Tranphu

Bonjour, Merci, mais pour ce qui est de AdwCleaner, il bloque au milieu de la suppression. Le programme ne répond plus et il faut redémarer. _____________________________________________________ Pour ZHDiag voici: ZHD 31.01.2012

Bonjour, En faisant une analyse pour logiciels espion avec Outpost Firewall 7.5, j'ai constaté la présence de : C:\WINDOWS\system32\wrLZMA.dll Cela semble une m... de première. La machine est lente, elle rame, j'ai plein de soucis avec Adobe etc... J'ai fait un scan, il y a 3 jours avec ZHPDiag: ZHPDiag 27.01.2012 Et aussi avec RogueKiller V7.0.0: RK 26.01.2012 Je viens de sscanner avec: # AdwCleaner v1.317B - Rapport créé le 30/01/2012 à 03:46:56 # Mis à jour le 10/11/11 à 14h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Administrateur - EJN-8D39E802FF (Administrateur) # Exécuté depuis : D:\Documents and Settings\Administrateur\Bureau\Racourcis\adwcleaner.exe # Option [Recherche] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Le registre ne contient aucune entrée illégitime. -\\ Opera v11.60.1185.0 Fichier : D:\Documents and Settings\Administrateur\Application Data\Opera\Opera\operaprefs.ini [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1054 octets] - [26/12/2011 01:38:35] AdwCleaner[R2].txt - [1193 octets] - [02/01/2012 02:06:53] AdwCleaner[R3].txt - [1175 octets] - [15/01/2012 16:01:31] AdwCleaner[s1].txt - [370 octets] - [15/01/2012 16:02:10] AdwCleaner[R4].txt - [1165 octets] - [30/01/2012 03:46:56] ########## EOF - D:\AdwCleaner[R4].txt - [1293 octets] ########## J'ai aussi scanné avec HijackThis: HijackThis 30.01.2012 -édit- Dans cette section, il ne faut pas multiplier les messages dans ton sujet avant d'avoir été pris en charge : au vu de la présence d'une « réponse », les helpers ne s'y intéresseront pas, croyant le problème pris en mains par l'un des leurs…

Merci à tous les deux!

Il faut le désisntaller?

Voici: # DelFix v8.6 - Rapport créé le 13/11/2011 à 22:52:12 # Mis à jour le 13/10/11 à 18h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Administrateur - EJN-8D39E802FF (Administrateur) # Exécuté depuis : D:\Documents and Settings\Administrateur\Bureau\delfix.exe # Option [suppression] ~~~~~~ Dossiers(s) ~~~~~~ Supprimé : D:\ZHP Supprimé : D:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP Supprimé : D:\Program Files\ZHPDiag Supprimé : D:\Program Files\Trend Micro\Hijackthis ~~~~~~ Fichier(s) ~~~~~~ Supprimé : D:\JavaRa.log Supprimé : D:\PhysicalDisk0_MBR.bin ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKLM\SOFTWARE\AdwCleaner Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 ~~~~~~ Autres ~~~~~~ -> Prefetch Vidé ************************* DelFix[R1].txt - [1033 octets] - [13/11/2011 22:49:41] DelFix[R2].txt - [1089 octets] - [13/11/2011 22:49:47] DelFix[s1].txt - [1054 octets] - [13/11/2011 22:52:12] ########## EOF - D:\DelFix[s1].txt - [1178 octets] ########## # DelFix v8.6 - Rapport créé le 13/11/2011 à 22:49:47 # Mis à jour le 13/10/11 à 18h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Administrateur - EJN-8D39E802FF (Administrateur) # Exécuté depuis : D:\Documents and Settings\Administrateur\Bureau\delfix.exe # Option [Recherche] ~~~~~~ Dossiers(s) ~~~~~~ Présent : D:\ZHP Présent : D:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP Présent : D:\Program Files\ZHPDiag Présent : D:\Program Files\Trend Micro\Hijackthis ~~~~~~ Fichier(s) ~~~~~~ Présent : D:\JavaRa.log Présent : D:\PhysicalDisk0_MBR.bin ~~~~~~ Registre ~~~~~~ Clé Présente : HKLM\SOFTWARE\AdwCleaner Clé Présente : HKLM\SOFTWARE\TrendMicro\Hijackthis Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 ~~~~~~ Autres ~~~~~~ ************************* DelFix[R1].txt - [1033 octets] - [13/11/2011 22:49:41] DelFix[R2].txt - [969 octets] - [13/11/2011 22:49:47] ########## EOF - D:\DelFix[R2].txt - [1092 octets] ##########

Voici. Je te signale que j'ai ce logiciel (version payante sur mon ordi). Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 8152 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 13/11/2011 18:25:57 mbam-log-2011-11-13 (18-25-57).txt Type d'examen: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|) Elément(s) analysé(s): 319851 Temps écoulé: 1 heure(s), 14 minute(s), 10 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Bonjour, Voici les rapports: ZHPFixReport.txt Rapport de ZHPFix 1.12.3367 par Nicolas Coolman, Update du 29/10/2011 Fichier d'export Registre : Run by Administrateur at 13/11/2011 00:04:05 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: Mozilla Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 SUPPRIME Key: CLSID DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} SUPPRIME Key: HKLM\Software\AskSBar SUPPRIME Key: HKLM\Software\Conduit SUPPRIME Key: HKLM\Software\Classes\imside1egate.application.1 SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f0d4b23b-da4b-4daf-81e4-dfee4931a4aa} ========== Valeur(s) du Registre ========== SUPPRIME Toolbar: {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} ERREUR RunValue: OutpostFeedBack SUPPRIME RunValue: KernelFaultCheck Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Elément(s) de donnée du Registre ========== SUPPRIME Trusted Zone: delcampe.fr SUPPRIME Trusted Zone: e-lotto.be ========== Dossier(s) ========== SUPPRIME Folder: D:\Program Files\WildTangent Games SUPPRIME Temporaires Windows: : 11 SUPPRIME Flash Cookies: 159 ========== Fichier(s) ========== SUPPRIME File: d:\program files\wildtangent games\app\browserintegration\registered\0\np_wtapp.dll SUPPRIME Temporaires Windows: : 22 SUPPRIME Flash Cookies: 70 ========== Récapitulatif ========== 8 : Clé(s) du Registre 4 : Valeur(s) du Registre 2 : Elément(s) de donnée du Registre 3 : Dossier(s) 3 : Fichier(s) End of clean in 01mn 04s AdwCleaner.txt # AdwCleaner v1.317B - Rapport créé le 13/11/2011 à 00:16:09 # Mis à jour le 10/11/11 à 14h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Administrateur - EJN-8D39E802FF (Administrateur) # Exécuté depuis : D:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Le registre ne contient aucune entrée illégitime. -\\ Opera v11.52.1100.0 Fichier : D:\Documents and Settings\Administrateur\Application Data\Opera\Opera\operaprefs.ini [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[s1].txt - [919 octets] - [13/11/2011 00:16:09] ************************* Dossier Temporaire : 2 dossier(s)et 3 fichier(s) supprimés 2 RKreport.txt RogueKiller V6.1.7 [05/11/2011] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/37) Blog: tigzy-RK Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur: Administrateur [Droits d'admin] Mode: Recherche -- Date : 13/11/2011 00:38:48 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Entrees de registre: 1 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ SSDT[277] : NtWriteVirtualMemory @ 0x805B43CC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A340) SSDT[274] : NtWriteFile @ 0x8057CF16 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477980) SSDT[262] : NtUnloadDriver @ 0x805842F4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4793C0) SSDT[258] : NtTerminateThread @ 0x805D2BDC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479CA0) SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479B20) SSDT[255] : NtSystemDebugControl @ 0x806180BA -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47AA90) SSDT[254] : NtSuspendThread @ 0x805D48F4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479ED0) SSDT[253] : NtSuspendProcess @ 0x805D4A82 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479DE0) SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478B60) SSDT[240] : NtSetSystemInformation @ 0x8060FD06 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4792D0) SSDT[237] : NtSetSecurityObject @ 0x805C062E -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47AC60) SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479FC0) SSDT[210] : NtSecureConnectPort @ 0x805A3D64 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A630) SSDT[208] : NtSaveKeyEx @ 0x80625CB2 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478DE0) SSDT[207] : NtSaveKey @ 0x80625BCC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478D10) SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479050) SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D76 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A8E0) SSDT[199] : NtRequestPort @ 0x805A2A4A -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A810) SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478C40) SSDT[192] : NtRenameKey @ 0x80623B12 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479120) SSDT[180] : NtQueueApcThread @ 0x805D1276 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A0B0) SSDT[177] : NtQueryValueKey @ 0x80622314 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478A80) SSDT[160] : NtQueryKey @ 0x80625810 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4789A0) SSDT[137] : NtProtectVirtualMemory @ 0x805B841E -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A440) SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479920) SSDT[125] : NtOpenSection @ 0x805AA3EC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477880) SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479A20) SSDT[119] : NtOpenKey @ 0x806254CE -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478650) SSDT[116] : NtOpenFile @ 0x8057A1A6 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478010) SSDT[105] : NtMakeTemporaryObject @ 0x805BC5D4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4783C0) SSDT[99] : NtLoadKey2 @ 0x80625F20 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478F80) SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478EB0) SSDT[97] : NtLoadDriver @ 0x80584160 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC488C20) SSDT[84] : NtFsControlFile @ 0x805792A2 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477A90) SSDT[73] : NtEnumerateValueKey @ 0x80624BA6 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4788C0) SSDT[71] : NtEnumerateKey @ 0x8062493C -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4787E0) SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4791F0) SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478720) SSDT[57] : NtDebugActiveProcess @ 0x80643B30 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47AB70) SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479480) SSDT[52] : NtCreateSymbolicLinkObject @ 0x805C39FA -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478480) SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4777B0) SSDT[48] : NtCreateProcessEx @ 0x805D117A -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479730) SSDT[47] : NtCreateProcess @ 0x805D1230 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479640) SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478560) SSDT[37] : NtCreateFile @ 0x805790A8 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477B80) SSDT[31] : NtConnectPort @ 0x805A45D0 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A540) SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4781B0) SSDT[19] : NtAssignProcessToJobObject @ 0x805D6642 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A180) SSDT[17] : NtAllocateVirtualMemory @ 0x805A8ABA -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A270) S_SSDT[509] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B970) S_SSDT[502] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B470) S_SSDT[491] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B8A0) S_SSDT[490] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B610) S_SSDT[292] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BAF0) S_SSDT[237] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BC80) S_SSDT[227] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BBB0) S_SSDT[13] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BA30) ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ 127.0.0.1 localhost Termine : << RKreport[1].txt >> RogueKiller V6.1.7 [05/11/2011] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/37) Blog: tigzy-RK Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur: Administrateur [Droits d'admin] Mode: Suppression -- Date : 13/11/2011 00:41:12 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Entrees de registre: 1 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED () ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ SSDT[277] : NtWriteVirtualMemory @ 0x805B43CC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A340) SSDT[274] : NtWriteFile @ 0x8057CF16 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477980) SSDT[262] : NtUnloadDriver @ 0x805842F4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4793C0) SSDT[258] : NtTerminateThread @ 0x805D2BDC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479CA0) SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479B20) SSDT[255] : NtSystemDebugControl @ 0x806180BA -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47AA90) SSDT[254] : NtSuspendThread @ 0x805D48F4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479ED0) SSDT[253] : NtSuspendProcess @ 0x805D4A82 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479DE0) SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478B60) SSDT[240] : NtSetSystemInformation @ 0x8060FD06 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4792D0) SSDT[237] : NtSetSecurityObject @ 0x805C062E -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47AC60) SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479FC0) SSDT[210] : NtSecureConnectPort @ 0x805A3D64 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A630) SSDT[208] : NtSaveKeyEx @ 0x80625CB2 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478DE0) SSDT[207] : NtSaveKey @ 0x80625BCC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478D10) SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479050) SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D76 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A8E0) SSDT[199] : NtRequestPort @ 0x805A2A4A -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A810) SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478C40) SSDT[192] : NtRenameKey @ 0x80623B12 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479120) SSDT[180] : NtQueueApcThread @ 0x805D1276 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A0B0) SSDT[177] : NtQueryValueKey @ 0x80622314 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478A80) SSDT[160] : NtQueryKey @ 0x80625810 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4789A0) SSDT[137] : NtProtectVirtualMemory @ 0x805B841E -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A440) SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479920) SSDT[125] : NtOpenSection @ 0x805AA3EC -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477880) SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479A20) SSDT[119] : NtOpenKey @ 0x806254CE -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478650) SSDT[116] : NtOpenFile @ 0x8057A1A6 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478010) SSDT[105] : NtMakeTemporaryObject @ 0x805BC5D4 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4783C0) SSDT[99] : NtLoadKey2 @ 0x80625F20 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478F80) SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478EB0) SSDT[97] : NtLoadDriver @ 0x80584160 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC488C20) SSDT[84] : NtFsControlFile @ 0x805792A2 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477A90) SSDT[73] : NtEnumerateValueKey @ 0x80624BA6 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4788C0) SSDT[71] : NtEnumerateKey @ 0x8062493C -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4787E0) SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4791F0) SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478720) SSDT[57] : NtDebugActiveProcess @ 0x80643B30 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47AB70) SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479480) SSDT[52] : NtCreateSymbolicLinkObject @ 0x805C39FA -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478480) SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4777B0) SSDT[48] : NtCreateProcessEx @ 0x805D117A -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479730) SSDT[47] : NtCreateProcess @ 0x805D1230 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC479640) SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC478560) SSDT[37] : NtCreateFile @ 0x805790A8 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC477B80) SSDT[31] : NtConnectPort @ 0x805A45D0 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A540) SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC4781B0) SSDT[19] : NtAssignProcessToJobObject @ 0x805D6642 -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A180) SSDT[17] : NtAllocateVirtualMemory @ 0x805A8ABA -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47A270) S_SSDT[509] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B970) S_SSDT[502] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B470) S_SSDT[491] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B8A0) S_SSDT[490] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47B610) S_SSDT[292] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BAF0) S_SSDT[237] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BC80) S_SSDT[227] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BBB0) S_SSDT[13] : Unknown -> HOOKED (\??\D:\WINDOWS\system32\drivers\SandBox.sys @ 0xAC47BA30) ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ 127.0.0.1 localhost Termine : << RKreport[2].txt >>

Merci, le nécessaire a été fait sur l'autre forum.

Bonjour, Suite à un contrôle de routine, j'ai reçu le conseil de procéder à une désinfection: zébu 12.11.2011 Voici le rapport: ZHPdiag 12.11.2011 Merci pour votre attention. Tranphu.

Merci Tonton, Le nécessaire a été fait et voici: Mon lien Bon amusement... Tranphu.

Quelqu'un peut-il m'indiquer si il y a des mesures à prendre? Merci. Rapport de ZHPDiag v1.27.1844 par Nicolas Coolman, Update du 27/03/2011 Run by Administrateur at 12/11/2011 10:11:23 Web site : ZHPDiag Outil de diagnostic Voir plus loin.

Merci pour le conseil, c'est super, gratuit et cela marche!

Je cherche un codec de bonne qualité?

Merci, c'est fait. (j'ai Secunia sur mon PC) Pour Java = ok, mais je ne sais pas où JavaRa est allé se planquer... Adobe 9x Pro extendet sur la machine, mise à jour régulière, je dois passer à X (10).

Voilà le résultat d'ESET nod32: D:\Documents and Settings\Administrateur\Application Data\Sun\Java\Deployment\cache\6.0\5\9398105-63fff0f5 » ZIP » gendalf/fire.class - Java/TrojanDownloader.Agent.NCM cheval de troie D:\Documents and Settings\Administrateur\Application Data\Sun\Java\Deployment\cache\6.0\5\9398105-63fff0f5 » ZIP » gendalf/frost.class - Java/TrojanDownloader.Agent.NCM cheval de troie D:\Documents and Settings\Administrateur\Application Data\Sun\Java\Deployment\cache\6.0\5\9398105-63fff0f5 » ZIP » mordor/bilbo.class - Java/TrojanDownloader.Agent.NCM cheval de troie D:\Documents and Settings\Administrateur\Application Data\Sun\Java\Deployment\cache\6.0\5\9398105-63fff0f5 » ZIP » mordor/frodo.class - Java/TrojanDownloader.Agent.NCM cheval de troie D:\Documents and Settings\Administrateur\Application Data\Sun\Java\Deployment\cache\6.0\5\9398105-63fff0f5 » ZIP » mordor/gorlum.class - Java/TrojanDownloader.Agent.NCM cheval de troie D:\Documents and Settings\Administrateur\Application Data\Sun\Java\Deployment\cache\6.0\5\9398105-63fff0f5 » ZIP » mordor/saruman.class - Java/TrojanDownloader.Agent.NCM cheval de troie 04/04/2011 10:41:56 Mémoire vive;D:\Secteur d'amorçage;D:\ 237206 6 6 Terminé

Seconde analyse: Rapport de ZHPFix 1.12.3267 par Nicolas Coolman, Update du 28/03/2011 Fichier d'export Registre : D:\ZHPExportRegistry-04-04-2011-07-52-35.txt Run by Administrateur at 04/04/2011 07:52:35 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== HKLM\Software\Conduit => Clé supprimée avec succès ========== Fichier(s) ========== d:\windows\_delis32.ini => Fichier absent ========== Récapitulatif ========== 1 : Clé(s) du Registre 1 : Fichier(s) End of the scan

Première analyse: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6264 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 04/04/2011 07:28:22 mbam-log-2011-04-04 (07-28-22).txt Type d'examen: Examen complet (D:\|) Elément(s) analysé(s): 201712 Temps écoulé: 24 minute(s), 11 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Tu le déplaces où???????? Et infecté par quoi? Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 6199 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 03/04/2011 22:28:41 mbam-log-2011-04-03 (22-28-41).txt Type d'examen: Examen rapide Elément(s) analysé(s): 154884 Temps écoulé: 4 minute(s), 5 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Je suis sous XP. Bonne lecture: Rapport de ZHPDiag v1.27.1844 par Nicolas Coolman, Update du 27/03/2011 Run by Administrateur at 03/04/2011 13:54:35 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) OPIE: Opera v11.01 ---\\ System Information Windows XP Professional Service Pack 3 (Build 2600) Processor: x86 Family 6 Model 23 Stepping 7, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3327 MB (68% free) System Restore: Désactivé (Disabled) System drive D: has 470 GB (96%) free of 488 GB ---\\ Logged in mode Computer Name: EJN-8D39E802FF User Name: Administrateur All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=D:\Documents and Settings\Administrateur\Application Data %LocalAppData%=D:\Documents and Settings\Administrateur\Local Settings\Application Data %StartMenu%=D:\Documents and Settings\Administrateur\Menu Démarrer ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 436 Go of 443 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 470 Go of 488 Go) E:\ CD-ROM drive (Not Inserted) F:\ CD-ROM drive (Not Inserted) G:\ Hard drive, Flash drive, Thumb drive (Free 55 Go of 76 Go) H:\ Hard drive, Flash drive, Thumb drive (Free 38 Go of 149 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 13:00:00.) -- D:\Windows\Explorer.exe [1037824] [MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- D:\Windows\System32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 13:00:00.) -- D:\Windows\System32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 11:40:32.) -- D:\Windows\System32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 13:00:00.) -- D:\Windows\System32\drivers\ntfs.sys [574976] ---\\ Processus lancés [MD5.EAA24CE4AE91839C67914B497D7CF5FE] - (.Webroot Software, Inc. - WRConsumerService.) -- D:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [1201640] [MD5.281D26DF656E53DAB568214EE282EC46] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- D:\WINDOWS\system32\Ati2evxx.exe [638976] [MD5.0F98B9384C37C8C29904B8AE4359A54F] - (.Logitech, Inc. - Logitech Bluetooth Service.) -- D:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe [293456] [MD5.14F82A3D1A16135D12556F379BFB4506] - (.PS Soft Lab - Pas de description.) -- D:\Program Files\PS Tray Factory\PSTrayFactory.EXE [424448] [MD5.E28AFBD43982DDDA0A23CA73220CD7BA] - (.Analog Devices, Inc. - SMax4PNP.) -- D:\Program Files\Analog Devices\Core\smax4pnp.exe [1040384] [MD5.04FEB6C7E08E941CA300CFB3FA78C976] - (.Analog Devices, Inc. - Audio Control Panel.) -- D:\Program Files\Analog Devices\SoundMAX\Smax4.exe [884736] [MD5.F9932C3C8F1C78738F27EB6360ACF681] - (.Adobe Systems Inc. - AcroTray.) -- D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640440] [MD5.926CF712448FEA216DEB1D30E708275C] - (.Western Digital Technologies, Inc. - WD Button Manager.) -- D:\WINDOWS\system32\WDBtnMgr.exe [335872] [MD5.126EED659167ECFD15E277301DD80470] - (.ESET - ESET GUI.) -- D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2145000] [MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- D:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208] [MD5.E7704CBF568815C1CAA6E513387BD3F2] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [65536] [MD5.8932A36E6C03768309C3426669B5E40E] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- D:\Program Files\Logitech setpoint\SetPointP\SetPoint.exe [1352272] [MD5.B853CF0D6BC7F620EED479B274C0284A] - (.Logitech, Inc. - Logitech Blutooth Wizard Host Process.) -- D:\Program Files\Logitech setpoint\SetPointP\LBTWiz.exe [53328] [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- D:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064] [MD5.253E5B2B2A6CEE5EE13A06C3EDFFE78B] - (.Webroot Software, Inc. - Spy Sweeper Client Executable.) -- D:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [6515784] [MD5.27F8BF031D9332C9C02AE8C1357185B3] - (...) -- D:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [168792] [MD5.61E3B5BEE1C10954F53DC07282F2A61C] - (.Logitech Inc. - Logitech Vid HD.) -- D:\Program Files\Logitech\Vid HD\Vid.exe [6129496] [MD5.C5697134542BB24213DC905D4576F935] - (.Copernic Inc. - Copernic Desktop Search Service.) -- D:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe [1679368] [MD5.E8EF6A322B527855CC887E513E77812D] - (.Yahoo! Inc. - Yahoo! Messenger.) -- D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [6174008] [MD5.9806EAFE682766EADEE921DCBDA5231A] - (.Heidi Computers Ltd - Eraser..) -- D:\Program Files\Eraser\eraser.exe [634880] [MD5.723FCCFC592E5A022BD7FFC87B55AE91] - (...) -- D:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe [651096] [MD5.7E3DF5ECC177DC1A7F04D781228AFBDA] - (.ASUSTek Computer Inc. - ASUS WiFi-AP @n Utility.) -- D:\Program Files\ASUS\WiFi-AP @n\WiFi-AP@n.exe [1224704] [MD5.D179E1DE532C903AB1D57A4E81342F40] - (.Secunia - Secunia PSI Tray.) -- D:\Program Files\Secunia\PSI\psi_tray.exe [291896] [MD5.F67A4759BE4672D4D85CFB2D1CCB73D3] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- D:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE [146000] [MD5.CCE5D71F19AB70D969F9819B5C88438D] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [65536] [MD5.DD347806400462F1937B162B5983E471] - (.Diskeeper Corporation - Diskeeper Service.) -- D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2148176] [MD5.82A0EE1F5CCC82CC5453D24FF186E9B0] - (.ESET - ESET Service.) -- D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810120] [MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- D:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.2333057542C91AE8228BDCCC2E5F2632] - (.Logitech Inc. - LVPrcSrv Module..) -- D:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe [162648] [MD5.02A3C7C23BA47E8E7281CC07A0EF351E] - (.Dantz Development Corporation - Retrospect.) -- D:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe [46592] [MD5.7198BBFBE46C0070257278C536386687] - (.Secunia - Secunia PSI Agent.) -- D:\Program Files\Secunia\PSI\PSIA.exe [993848] [MD5.3C3F05960536407A47D598138489B335] - (.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper Engine.) -- D:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [4048240] [MD5.D2FCA567F9BE87E29B9A9FA32FFE79CA] - (.Secunia - Secunia Update Agent.) -- D:\Program Files\Secunia\PSI\sua.exe [399416] [MD5.4F2BDCCBFADFE9989F24FE781CABC4E0] - (.Opera Software - Opera Internet Browser.) -- D:\Program Files\Opera\opera.exe [943472] [MD5.2A8AEFDE5BED57D232ECF9482336E139] - (.Microsoft Corporation - Microsoft Office Outlook.) -- D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [12995952] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\iexplore.exe [638816] [MD5.6267B1D6DCE9841E96E0C1F18ABC157A] - (.Nicolas Coolman - Diagnostic Tool.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [1991680] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- D:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- D:\Program Files\Yahoo!\Shared\npYState.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-2052111302-2139871995-682003330-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- D:\WINDOWS\system32\ieframe.dll ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Copernic Desktop Search 3 CE - {435FAE9B-81A9-49D8-A0B1-A85ED3121976} . (.Copernic Inc. - Copernic Desktop Search Band.) -- D:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchBand300000053.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [soundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- D:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] . (.Analog Devices, Inc. - Audio Control Panel.) -- D:\Program Files\Analog Devices\SoundMAX\Smax4.exe O4 - HKLM\..\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [ATICustomerCare] . (.Advanced Micro Devices, Inc. - ATI Customer Care.) -- D:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- D:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- D:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TrayFactory] . (.PS Soft Lab - Pas de description.) -- D:\Program Files\PS Tray Factory\PSTrayFactory.exe O4 - HKLM\..\Run: [WD Button Manager] . (.Western Digital Technologies, Inc. - WD Button Manager.) -- D:\Windows\System32\WDBtnMgr.exe O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe O4 - HKLM\..\Run: [OutpostFeedBack] Clé orpheline O4 - HKLM\..\Run: [OutpostMonitor] . (.Agnitum Ltd. - Outpost User Interface.) -- D:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- D:\Program Files\Logitech\LWS\Webcam Software\LWS.exe O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- D:\Program Files\Logitech setpoint\SetPointP\SetPoint.exe O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- D:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [spySweeper] . (.Webroot Software, Inc. - Spy Sweeper Client Executable.) -- D:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe O4 - HKLM\..\RunOnce: [TrayFactory] . (.PS Soft Lab - Pas de description.) -- D:\Program Files\PS Tray Factory\PSTrayFactory.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- D:\Program Files\Logitech\Vid HD\Vid.exe O4 - HKCU\..\Run: [Copernic Desktop Search 3 - Corporate] . (.Copernic Inc. - Copernic Desktop Search Service.) -- D:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe O4 - HKCU\..\Run: [Eraser] . (.Heidi Computers Ltd - Eraser..) -- D:\Program Files\Eraser\eraser.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-2052111302-2139871995-682003330-500\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-2052111302-2139871995-682003330-500\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- D:\Program Files\Logitech\Vid HD\Vid.exe O4 - HKUS\S-1-5-21-2052111302-2139871995-682003330-500\..\Run: [Copernic Desktop Search 3 - Corporate] . (.Copernic Inc. - Copernic Desktop Search Service.) -- D:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe O4 - HKUS\S-1-5-21-2052111302-2139871995-682003330-500\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe O4 - HKUS\S-1-5-21-2052111302-2139871995-682003330-500\..\Run: [Eraser] . (.Heidi Computers Ltd - Eraser..) -- D:\Program Files\Eraser\eraser.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\ASUS WiFi-AP @n Utility.lnk . (.ASUSTek Computer Inc..) -- D:\Program Files\ASUS\WiFi-AP @n\WiFi-AP@n.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Secunia PSI Tray.lnk . (.Secunia.) -- D:\Program Files\Secunia\PSI\psi_tray.exe O4 - Global Startup: D:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech.) -- D:\Program Files\Logitech\Ereg\eReg.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Distiller 9.lnk . (...) -- D:\WINDOWS\Installer\{AC76BA86-1033-F400-7761-000000000004}\_SC_Distiller.ico O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe 3D Reviewer.lnk . (.Adobe Systems Incorporated.) -- D:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins3d\prc\A3DReviewer.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Acrobat 9 Pro Extended.lnk . (...) -- D:\WINDOWS\Installer\{AC76BA86-1033-F400-7761-000000000004}\_SC_Acrobat_3D.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe LiveCycle Designer ES 8.2.lnk . (.Adobe Systems Incorporated.) -- D:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Copernic Desktop Search 3 - Corporate.lnk . (.Copernic Inc..) -- D:\Program Files\Copernic Desktop Search - Corporate\DesktopSearch.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- D:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Secunia PSI.lnk . (.Secunia.) -- D:\Program Files\Secunia\PSI\psi.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- D:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- D:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: D:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- D:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: D:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- D:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: D:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- D:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: D:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- D:\Program Files\Outlook Express\msimn.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: Ajouter à un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: Convertir au format Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- D:\PROGRA~1\MICROS~2\Office12\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} . (.Agnitum Ltd. - Outpost Firewall Pro Quick Tune..) -- D:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- D:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- D:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- D:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- D:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1299856111953 O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_1_0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{44F2F749-A732-407E-A06A-13C804596F65}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{44F2F749-A732-407E-A06A-13C804596F65}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{44F2F749-A732-407E-A06A-13C804596F65}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- D:\Windows\System32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- D:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- D:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- D:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- D:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- d:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- D:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- D:\Windows\System32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- D:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- D:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- D:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- D:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (acssrv) . (.Agnitum Ltd. - Agnitum Outpost Service.) - D:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: (ASWFilt) . (.Agnitum Ltd. - Host Protection Component.) - D:\WINDOWS\system32\Filt\ASWFilt.dll O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - D:\WINDOWS\system32\Ati2evxx.exe O23 - Service: (Diskeeper) . (.Diskeeper Corporation - Diskeeper Service.) - D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - D:\WINDOWS\System32\dmadmin.exe O23 - Service: (EhttpSrv) . (.ESET - ESET HTTP Server Service.) - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: (ekrn) . (.ESET - ESET Service.) - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: (LBTServ) . (.Logitech, Inc. - Logitech Bluetooth Service.) - D:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - D:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: (maconfservice) . (.CybelSoft - Service de détection matériel.) - D:\Program Files\ma-config.com\maconfservice.exe O23 - Service: (NBService) . (.Nero AG - Nero BackItUp.) - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: (RetroWDSvc) . (.Dantz Development Corporation - Retrospect.) - D:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe O23 - Service: (Secunia PSI Agent) . (.Secunia - Secunia PSI Agent.) - D:\Program Files\Secunia\PSI\PSIA.exe O23 - Service: (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - D:\Program Files\Secunia\PSI\sua.exe O23 - Service: (WebrootSpySweeperService) . (.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper Engine.) - D:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe O23 - Service: (WRConsumerService) . (.Webroot Software, Inc. - WRConsumerService.) - D:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - D:\Program Files\Microsoft Office\Office12\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\User_Feed_Synchronization-{94525883-37AE-455B-AF86-1218F0A69A51}.job O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\wrSpySweeper_LB21690C4E84543CE80EFF20D55616A93.job [MD5.253E5B2B2A6CEE5EE13A06C3EDFFE78B] [APT] [wrSpySweeper_LB21690C4E84543CE80EFF20D55616A93] (.Webroot Software, Inc..) -- D:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - D:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - D:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - D:\Windows\System32\DRIVERS\ehdrv.sys O41 - Driver: (epfwtdir) . (.ESET - ESET Antivirus Network Redirector.) - D:\Windows\System32\DRIVERS\epfwtdir.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - D:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - D:\Windows\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - D:\Windows\System32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - D:\Windows\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - D:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - D:\Windows\System32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - D:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - D:\Windows\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - D:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - D:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - D:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - D:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - D:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - D:\Windows\System32\DRIVERS\redbook.sys O41 - Driver: (SandBox) . (.Agnitum Ltd. - Host Protection Component.) - D:\WINDOWS\system32\drivers\SandBox.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - D:\Windows\System32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - D:\Windows\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - D:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - D:\WINDOWS\system32\drivers\vga.sys ---\\ Logiciels installés (O42) O42 - Logiciel: AM-DeadLink - (.Pas de propriétaire.) [HKLM] -- AM-DeadLink O42 - Logiciel: ASUS WiFi-AP @n - (.ASUS.) [HKLM] -- {6600970A-BAE7-412A-BFFC-91AD793B3A41} O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM] -- {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B} O42 - Logiciel: ATI Stream SDK v2 Developer - (.ATI Technologies Inc..) [HKLM] -- {0ED98038-0885-F902-C419-669ADE471A46} O42 - Logiciel: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004} O42 - Logiciel: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004} O42 - Logiciel: Adobe Acrobat 9.4.3 - CPSID_83708 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}_943 O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3} O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {5FD89EA1-99C2-40EE-BBF5-20F8991ED756} O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- lvdrivers_12.0 O42 - Logiciel: Collectorz.com Book Collector - (.Pas de propriétaire.) [HKLM] -- Collectorz.com Book Collector O42 - Logiciel: Copernic Desktop Search 3 - Corporate - (.Copernic Inc..) [HKLM] -- CopernicDesktopSearch2Corpo O42 - Logiciel: Diskeeper 2011 Professional - (.Diskeeper Corporation.) [HKLM] -- {9E0F1FA9-771E-4E6F-81EB-BDA8662AF971} O42 - Logiciel: Eraser 5.8 - (.Heidi Computers Ltd..) [HKLM] -- {B80CC46C-5839-4A48-B051-3CACF23A2718}_is1 O42 - Logiciel: HP Product Detection - (.Hewlett-Packard Company.) [HKLM] -- {CAE7D1D9-3794-4169-B4DD-964ADBC534EE} O42 - Logiciel: Hide Folders XP 2.3 for Windows 2000/XP - (.Pas de propriétaire.) [HKLM] -- Hide Folders XP 2_is1 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF} O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB} O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9} O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6} O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA} O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967} O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM] -- {174A3B31-4C43-43DD-866F-73C9DB887B48} O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441} O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F} O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D} O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189} O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} O42 - Logiciel: Logitech SetPoint 6.20 - (.Logitech.) [HKLM] -- sp6 O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP2 and SOAP Toolkit 3.0 - (.Webroot Software, Inc..) [HKLM] -- {32343DB6-9A52-40C9-87E4-5E7C79791C87} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {0810B8B7-7539-41D3-983E-6127FCF1CC9E} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {6AFFBA7A-F063-44F2-ADA0-65C67E071036} O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL O42 - Logiciel: Opera 11.01 - (.Opera Software ASA.) [HKLM] -- Opera 11.01.1190 O42 - Logiciel: Outpost Firewall Pro 7.1 - (.Agnitum, Ltd..) [HKLM] -- Agnitum Outpost Firewall Pro_is1 O42 - Logiciel: PS Tray Factory 2.5 - (.PS Soft Lab.) [HKLM] -- PS Tray Factory_is1 O42 - Logiciel: PlexTools Professional LE V3.14 - (.Pelxtor Europe.) [HKLM] -- {40F6D16F-C92A-4D31-A41B-8731F09ECFC4} O42 - Logiciel: Reimage Repair - (.Reimage.com.) [HKLM] -- Reimage Repair O42 - Logiciel: Retrospect 6.5 - (.Dantz Development Corp..) [HKLM] -- {73B69C5C-87D6-471E-B695-0BD736C4B644} O42 - Logiciel: Secunia PSI (2.0.0.3001) - (.Pas de propriétaire.) [HKLM] -- Secunia PSI O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C} O42 - Logiciel: Spy Sweeper - (.Webroot Software, Inc..) [HKLM] -- {1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1 O42 - Logiciel: Spy Sweeper Core - (.Webroot Software.) [HKLM] -- {3F5B6210-0903-4DC6-8034-8F488AA3A782} O42 - Logiciel: Truck Racing by Renault Trucks - (.Game Seed/Ai Wave.) [HKLM] -- Truck Racing O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2508979) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D2137BBA-250B-4548-BC1C-19E5009893D7} O42 - Logiciel: WinZip 14.5 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240BD} O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} O42 - Logiciel: jv16 PowerTools 2010 - (.Macecraft Software.) [HKLM] -- jv16 PowerTools 2010 O42 - Logiciel: jv16 PowerTools 2011 - (.Macecraft Software.) [HKLM] -- jv16 PowerTools 2011 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASProtect] [HKCU\Software\ASUS] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Analog Devices] [HKCU\Software\Classes] [HKCU\Software\Collectorz.com] [HKCU\Software\Copernic] [HKCU\Software\ESET] [HKCU\Software\FSPro Labs] [HKCU\Software\Game Seed] [HKCU\Software\Haemimont Games] [HKCU\Software\Heidi Computers Ltd] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Leadertech] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LogiShrd] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\ODBC] [HKCU\Software\Opera Software] [HKCU\Software\PS Soft Lab] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Secunia] [HKCU\Software\Skype] [HKCU\Software\Trolltech] [HKCU\Software\WDC] [HKCU\Software\Webroot] [HKCU\Software\WinZip Computing] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\aignes] [HKCU\Software\cybelsoft] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Agnitum] [HKLM\Software\Alienware] [HKLM\Software\Analog Devices] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conduit] [HKLM\Software\Copernic] [HKLM\Software\Dantz] [HKLM\Software\DesktopSearch2] [HKLM\Software\DesktopSearch] [HKLM\Software\Diskeeper Corporation] [HKLM\Software\ESET] [HKLM\Software\FSPro Labs] [HKLM\Software\Gemplus] [HKLM\Software\Global IP Solutions] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LogiShrd] [HKLM\Software\Logitech] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Marvell] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\Netscape] [HKLM\Software\Nico Mak Computing] [HKLM\Software\ODBC] [HKLM\Software\Opera Software] [HKLM\Software\PS Soft Lab] [HKLM\Software\Piriform] [HKLM\Software\Plextor] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\RALINK] [HKLM\Software\RegisteredApplications] [HKLM\Software\Reimage] [HKLM\Software\SOS] [HKLM\Software\Schlumberger] [HKLM\Software\Secunia] [HKLM\Software\Sensaura] [HKLM\Software\Skype] [HKLM\Software\Staccato] [HKLM\Software\Webroot] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Yahoo] [HKLM\Software\ahead] [HKLM\Software\cybelsoft] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 12/03/2011 - 20:25:02 - [2707138659] ----D- D:\Program Files\Adobe O43 - CFD: 13/03/2011 - 01:28:14 - [100433521] ----D- D:\Program Files\Agnitum O43 - CFD: 13/03/2011 - 03:09:20 - [2233812] ----D- D:\Program Files\AM-DeadLink O43 - CFD: 11/03/2011 - 16:27:04 - [6096256] ----D- D:\Program Files\Analog Devices O43 - CFD: 11/03/2011 - 16:58:20 - [2836902] ----D- D:\Program Files\ASUS O43 - CFD: 11/03/2011 - 16:33:40 - [595992] ----D- D:\Program Files\ATI O43 - CFD: 11/03/2011 - 16:34:16 - [21016410] ----D- D:\Program Files\ATI Stream O43 - CFD: 11/03/2011 - 16:34:08 - [50444911] ----D- D:\Program Files\ATI Technologies O43 - CFD: 13/03/2011 - 05:35:30 - [23535525] ----D- D:\Program Files\Bookcollector O43 - CFD: 28/03/2011 - 20:27:30 - [9757808] ----D- D:\Program Files\CCleaner O43 - CFD: 13/03/2011 - 06:19:22 - [1685944] ----D- D:\Program Files\Common Files O43 - CFD: 11/03/2011 - 15:36:16 - [0] ----D- D:\Program Files\ComPlus Applications O43 - CFD: 12/03/2011 - 22:03:40 - [24613613] ----D- D:\Program Files\Copernic Desktop Search - Corporate O43 - CFD: 12/03/2011 - 22:52:20 - [28615604] ----D- D:\Program Files\Dantz O43 - CFD: 20/03/2011 - 15:47:00 - [172793254] ----D- D:\Program Files\Diskeeper O43 - CFD: 20/03/2011 - 15:51:06 - [31977076] ----D- D:\Program Files\Diskeeper Corporation O43 - CFD: 13/03/2011 - 06:30:26 - [8937397] ----D- D:\Program Files\Driver Detective O43 - CFD: 13/03/2011 - 06:03:18 - [8115468] ----D- D:\Program Files\Driver Whiz O43 - CFD: 29/03/2011 - 02:31:26 - [0] ----D- D:\Program Files\DriverNavigator O43 - CFD: 03/04/2011 - 00:24:54 - [6379821] ----D- D:\Program Files\Eraser O43 - CFD: 12/03/2011 - 23:01:10 - [53986449] ----D- D:\Program Files\ESET O43 - CFD: 29/03/2011 - 23:54:16 - [546271579] ----D- D:\Program Files\Fichiers communs O43 - CFD: 12/03/2011 - 22:13:56 - [1896120] ----D- D:\Program Files\HFXP2 O43 - CFD: 31/03/2011 - 20:21:32 - [52251114] ----D- D:\Program Files\HP O43 - CFD: 11/03/2011 - 16:58:14 - [7374792] --H-D- D:\Program Files\InstallShield Installation Information O43 - CFD: 11/03/2011 - 16:34:36 - [96760] ----D- D:\Program Files\Intel O43 - CFD: 12/03/2011 - 23:55:32 - [4532840] ----D- D:\Program Files\Internet Explorer O43 - CFD: 29/03/2011 - 23:53:46 - [81792852] ----D- D:\Program Files\Java O43 - CFD: 13/03/2011 - 07:02:46 - [478380217] ----D- D:\Program Files\jv16 PowerTools 2010 O43 - CFD: 13/03/2011 - 07:09:26 - [15057528] ----D- D:\Program Files\jv16 PowerTools 2011 O43 - CFD: 13/03/2011 - 06:19:50 - [128201617] ----D- D:\Program Files\Logitech O43 - CFD: 27/03/2011 - 18:52:38 - [23581283] ----D- D:\Program Files\Logitech setpoint O43 - CFD: 11/03/2011 - 16:31:42 - [5657562] ----D- D:\Program Files\ma-config.com O43 - CFD: 28/03/2011 - 23:59:30 - [10119939] ----D- D:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 11/03/2011 - 16:08:38 - [1602620] ----D- D:\Program Files\Marvell O43 - CFD: 11/03/2011 - 17:22:04 - [2174045] ----D- D:\Program Files\Messenger O43 - CFD: 13/03/2011 - 00:29:10 - [800662] ----D- D:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 11/03/2011 - 15:39:08 - [0] ----D- D:\Program Files\microsoft frontpage O43 - CFD: 12/03/2011 - 20:12:24 - [563516905] ----D- D:\Program Files\Microsoft Office O43 - CFD: 12/03/2011 - 19:10:10 - [14904] ----D- D:\Program Files\Microsoft Visual Studio O43 - CFD: 12/03/2011 - 19:08:22 - [1387249] ----D- D:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 13/03/2011 - 00:32:28 - [3726168] ----D- D:\Program Files\Microsoft Works O43 - CFD: 12/03/2011 - 19:09:52 - [8152064] ----D- D:\Program Files\Microsoft.NET O43 - CFD: 11/03/2011 - 17:42:42 - [10374874] ----D- D:\Program Files\Movie Maker O43 - CFD: 12/03/2011 - 19:10:18 - [26521] ----D- D:\Program Files\MSBuild O43 - CFD: 11/03/2011 - 15:35:22 - [19278399] ----D- D:\Program Files\MSN O43 - CFD: 11/03/2011 - 15:35:54 - [8745735] ----D- D:\Program Files\MSN Gaming Zone O43 - CFD: 13/03/2011 - 02:57:52 - [11804] ----D- D:\Program Files\MSSOAP O43 - CFD: 13/03/2011 - 03:12:12 - [0] ----D- D:\Program Files\MSXML 4.0 O43 - CFD: 12/03/2011 - 21:24:40 - [419830802] ----D- D:\Program Files\Nero O43 - CFD: 11/03/2011 - 15:37:32 - [3285523] ----D- D:\Program Files\NetMeeting O43 - CFD: 11/03/2011 - 15:36:04 - [1804] ----D- D:\Program Files\Online Services O43 - CFD: 31/03/2011 - 00:58:30 - [782336] ----D- D:\Program Files\OpenAL O43 - CFD: 13/03/2011 - 04:38:16 - [38155653] ----D- D:\Program Files\Opera O43 - CFD: 11/03/2011 - 17:43:20 - [4379321] ----D- D:\Program Files\Outlook Express O43 - CFD: 12/03/2011 - 21:51:06 - [17770497] ----D- D:\Program Files\Plextor O43 - CFD: 12/03/2011 - 22:26:02 - [6849804] ----D- D:\Program Files\PS Tray Factory O43 - CFD: 21/03/2011 - 00:18:50 - [4530833] ----D- D:\Program Files\PX Engine O43 - CFD: 12/03/2011 - 23:56:34 - [36400897] ----D- D:\Program Files\Reference Assemblies O43 - CFD: 13/03/2011 - 06:32:48 - [17756718] ----D- D:\Program Files\Reimage O43 - CFD: 30/03/2011 - 00:17:46 - [6471414] ----D- D:\Program Files\Secunia O43 - CFD: 11/03/2011 - 15:38:00 - [1025] ----D- D:\Program Files\Services en ligne O43 - CFD: 11/03/2011 - 15:49:30 - [0] --H-D- D:\Program Files\Uninstall Information O43 - CFD: 13/03/2011 - 02:57:36 - [155495641] ----D- D:\Program Files\Webroot O43 - CFD: 20/03/2011 - 15:51:06 - [0] ----D- D:\Program Files\Windows Home Server O43 - CFD: 12/03/2011 - 21:20:10 - [4106093] ----D- D:\Program Files\Windows Media Player O43 - CFD: 11/03/2011 - 15:35:44 - [3942655] ----D- D:\Program Files\Windows NT O43 - CFD: 11/03/2011 - 15:38:04 - [0] --H-D- D:\Program Files\WindowsUpdate O43 - CFD: 13/03/2011 - 06:51:26 - [30170764] ----D- D:\Program Files\Winzip O43 - CFD: 11/03/2011 - 15:39:08 - [0] ----D- D:\Program Files\xerox O43 - CFD: 13/03/2011 - 03:52:00 - [431912] ----D- D:\Program Files\Yahoo Messenger O43 - CFD: 13/03/2011 - 02:08:06 - [31776648] ----D- D:\Program Files\Yahoo! O43 - CFD: 03/04/2011 - 13:54:42 - [5102355] ----D- D:\Program Files\ZHPDiag O43 - CFD: 13/03/2011 - 06:19:22 - [1685944] ----D- D:\Program Files\Common Files\LogiShrd O43 - CFD: 15/03/2011 - 12:11:20 - [2389291] ----D- D:\Documents and Settings\Administrateur\Application Data\Adobe O43 - CFD: 13/03/2011 - 01:52:18 - [43413] ----D- D:\Documents and Settings\Administrateur\Application Data\Ahead O43 - CFD: 11/03/2011 - 17:45:46 - [0] ----D- D:\Documents and Settings\Administrateur\Application Data\ATI O43 - CFD: 30/03/2011 - 00:03:10 - [0] ----D- D:\Documents and Settings\Administrateur\Application Data\Download Manager O43 - CFD: 29/03/2011 - 02:18:46 - [33065] ----D- D:\Documents and Settings\Administrateur\Application Data\Easeware O43 - CFD: 26/03/2011 - 22:58:56 - [40609524] ----D- D:\Documents and Settings\Administrateur\Application Data\Glory of the Roman Empire O43 - CFD: 11/03/2011 - 15:49:30 - [0] ----D- D:\Documents and Settings\Administrateur\Application Data\Identities O43 - CFD: 11/03/2011 - 16:57:30 - [0] ----D- D:\Documents and Settings\Administrateur\Application Data\InstallShield O43 - CFD: 12/03/2011 - 21:10:16 - [531] ----D- D:\Documents and Settings\Administrateur\Application Data\Leadertech O43 - CFD: 27/03/2011 - 18:51:30 - [117336] ----D- D:\Documents and Settings\Administrateur\Application Data\Logishrd O43 - CFD: 27/03/2011 - 18:54:50 - [99509] ----D- D:\Documents and Settings\Administrateur\Application Data\Logitech O43 - CFD: 11/03/2011 - 17:03:22 - [2742] ----D- D:\Documents and Settings\Administrateur\Application Data\Macromedia O43 - CFD: 28/03/2011 - 23:53:24 - [1056] ----D- D:\Documents and Settings\Administrateur\Application Data\Malwarebytes O43 - CFD: 19/03/2011 - 18:42:58 - [9581791] -S--D- D:\Documents and Settings\Administrateur\Application Data\Microsoft O43 - CFD: 13/03/2011 - 04:37:12 - [907182] ----D- D:\Documents and Settings\Administrateur\Application Data\Opera O43 - CFD: 29/03/2011 - 23:52:32 - [8519756] ----D- D:\Documents and Settings\Administrateur\Application Data\Sun O43 - CFD: 11/03/2011 - 16:08:52 - [0] ----D- D:\Documents and Settings\Administrateur\Application Data\TMP O43 - CFD: 13/03/2011 - 02:57:36 - [88865] ----D- D:\Documents and Settings\Administrateur\Application Data\Webroot O43 - CFD: 13/03/2011 - 02:15:44 - [1096179] ----D- D:\Documents and Settings\Administrateur\Application Data\Yahoo! O43 - CFD: 12/03/2011 - 20:29:16 - [1825109] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe O43 - CFD: 12/03/2011 - 21:38:40 - [2161046] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Ahead O43 - CFD: 13/03/2011 - 02:27:42 - [2872] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\ApplicationHistory O43 - CFD: 11/03/2011 - 17:45:46 - [70978] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\ATI O43 - CFD: 13/03/2011 - 05:06:46 - [2743] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Collectorz.com O43 - CFD: 12/03/2011 - 22:04:12 - [380324462] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Copernic O43 - CFD: 13/03/2011 - 03:20:36 - [0] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Help O43 - CFD: 13/03/2011 - 01:00:32 - [226896] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Identities O43 - CFD: 12/03/2011 - 21:10:40 - [1886970] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\LogiShrd O43 - CFD: 13/03/2011 - 01:21:02 - [822535711] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft O43 - CFD: 12/03/2011 - 19:06:46 - [0] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft Help O43 - CFD: 13/03/2011 - 04:37:12 - [20311776] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera O43 - CFD: 20/03/2011 - 01:56:22 - [8943] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\PC_Drivers_Headquarters O43 - CFD: 29/03/2011 - 23:59:54 - [0] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Secunia PSI O43 - CFD: 13/03/2011 - 02:15:44 - [324235] ----D- D:\Documents and Settings\Administrateur\Local Settings\Application Data\Yahoo ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.661BE71F47D2DCA3BEFBF1F557965D5C] - 03/04/2011 - 12:19:26 ---A- . (...) -- D:\WINDOWS\System32\d3d9caps.dat [664] O44 - LFC:[MD5.B8EE1200F915817C00FCFD7F8CEF1200] - 03/04/2011 - 08:15:43 ---A- . (...) -- D:\WINDOWS\WindowsUpdate.log [2083447] O44 - LFC:[MD5.0C088287E46E00BFDA4273B0BA445BAF] - 03/04/2011 - 08:10:37 ---A- . (...) -- D:\WINDOWS\System32\wpa.dbl [13646] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/04/2011 - 08:10:33 ---A- . (...) -- D:\WINDOWS\0.log [0] O44 - LFC:[MD5.B8EE1200F915817C00FCFD7F8CEF1200] - 03/04/2011 - 08:10:10 ---A- . (...) -- D:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.B8EE1200F915817C00FCFD7F8CEF1200] - 03/04/2011 - 08:10:10 ---A- . (...) -- D:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 03/04/2011 - 08:09:41 -S-A- . (...) -- D:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.B8EE1200F915817C00FCFD7F8CEF1200] - 02/04/2011 - 23:25:01 ---A- . (...) -- D:\WINDOWS\SchedLgU.Txt [32544] O44 - LFC:[MD5.B835299C920126160239B40606AEED4D] - 31/03/2011 - 21:49:51 ---A- . (...) -- D:\WINDOWS\_delis32.ini [272] O44 - LFC:[MD5.B5BC87F3935F751D194C3E24CAD7968F] - 31/03/2011 - 21:49:51 ---A- . (...) -- D:\WINDOWS\_isenv31.ini [1257] O44 - LFC:[MD5.B1A36DA40C9893B1059CC9D543101DE3] - 31/03/2011 - 21:49:51 ---A- . (...) -- D:\WINDOWS\_iserr31.ini [478] O44 - LFC:[MD5.9C24ED831DDFA8319382B2BFD9691AA9] - 30/03/2011 - 23:58:29 ---A- . (.Creative Labs - OpenAL32.) -- D:\WINDOWS\System32\wrap_oal.dll [413696] O44 - LFC:[MD5.CE0CDC5459EAA1D574AF781DDB8F2685] - 30/03/2011 - 23:58:29 ---A- . (.Portions © Creative Labs Inc. and NVIDIA - Standard OpenAL Implementation.) -- D:\WINDOWS\System32\OpenAL32.dll [110592] O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 29/03/2011 - 23:58:58 ---A- . (...) -- D:\WINDOWS\NeroDigital.ini [69] O44 - LFC:[MD5.3FD411DF4A9999EA848615DEF336E905] - 29/03/2011 - 22:53:47 ---A- . (.Sun Microsystems, Inc. - Java Control Panel.) -- D:\WINDOWS\System32\javacpl.cpl [73728] O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 29/03/2011 - 22:53:47 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\WINDOWS\System32\java.exe [145184] O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 29/03/2011 - 22:53:47 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\WINDOWS\System32\javaw.exe [145184] O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 29/03/2011 - 22:53:47 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- D:\WINDOWS\System32\javaws.exe [157472] O44 - LFC:[MD5.F87BA06FE22C81CDE563761DDFBAB267] - 29/03/2011 - 22:53:46 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\WINDOWS\System32\deployJava1.dll [472808] O44 - LFC:[MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - 29/03/2011 - 01:02:38 ---A- . (...) -- D:\WINDOWS\Language_trs.ini [1769] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/03/2011 - 00:47:54 ---A- . (...) -- D:\WINDOWS\System32\reimage.rep [0] O44 - LFC:[MD5.A926B3EE44DFAAC47239046D836810DB] - 29/03/2011 - 00:31:34 ---A- . (...) -- D:\WINDOWS\reimage.ini [320] O44 - LFC:[MD5.5F6E2456B2A0D75CFB2B238869575FF2] - 29/03/2011 - 00:19:49 ---A- . (...) -- D:\WINDOWS\System32\Native.exe [9216] O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 28/03/2011 - 22:53:11 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224] O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 28/03/2011 - 22:53:08 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\System32\drivers\mbam.sys [20952] O44 - LFC:[MD5.0A104714C295228B7FA1021829862D1A] - 28/03/2011 - 20:24:38 ---A- . (...) -- D:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.FF69C29588B924D9B333927E38BCA615] - 27/03/2011 - 21:34:51 ---A- . (...) -- D:\WINDOWS\System32\PerfStringBackup.INI [1128918] O44 - LFC:[MD5.705B58534A29CE56187BBB278D5EDA63] - 27/03/2011 - 21:34:51 ---A- . (...) -- D:\WINDOWS\System32\perfc009.dat [71982] O44 - LFC:[MD5.921A2FD9A76DCDB47C3089957F89D71B] - 27/03/2011 - 21:34:51 ---A- . (...) -- D:\WINDOWS\System32\perfc00C.dat [86074] O44 - LFC:[MD5.002E54BA2A06F031083D36D6F3B10527] - 27/03/2011 - 21:34:51 ---A- . (...) -- D:\WINDOWS\System32\perfh009.dat [443724] O44 - LFC:[MD5.67D9776AD52F3FA4112AC1C5B538CDF5] - 27/03/2011 - 21:34:51 ---A- . (...) -- D:\WINDOWS\System32\perfh00C.dat [513046] O44 - LFC:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 27/03/2011 - 17:53:49 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- D:\WINDOWS\System32\drivers\LNonPnP.sys [16400] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2011 - 17:53:49 --HA- . (...) -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [0] O44 - LFC:[MD5.C99BA72106A858CB8B521BB4C02C93ED] - 27/03/2011 - 17:52:52 ---A- . (.Logitech, Inc. - Logitech Consumer Control Filter Driver..) -- D:\WINDOWS\System32\drivers\LBeepKE.sys [10448] O44 - LFC:[MD5.104F866DEDEDA8191AEC7B706A3FEDE7] - 24/03/2011 - 00:28:40 ---A- . (.Adobe Systems Incorporated - 3D Capture Dll 9.4.) -- D:\WINDOWS\System32\acaptuser32.dll [112056] O44 - LFC:[MD5.23285D9144C76BEE6FEF8E4B8D2FD3C4] - 20/03/2011 - 14:51:17 ---A- . (.Diskeeper Corporation - Diskeeper IntelliWrite Mini-Filter Driver.) -- D:\WINDOWS\System32\drivers\DKRtWrt.sys [38608] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/03/2011 - 18:14:33 ---A- . (...) -- D:\WINDOWS\System32\drivers\logiflt.iad [0] O44 - LFC:[MD5.0C2636CDC504728836BAAA0FA7F7D30B] - 13/03/2011 - 06:03:51 -SHA- . (...) -- D:\WINDOWS\System5537 Data.Repository [22] O44 - LFC:[MD5.71BD9F25E3E327F0F939451ED4E6FF6C] - 13/03/2011 - 05:11:40 ---A- . (...) -- D:\WINDOWS\System32\lvcoinst.log [4642] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 13/03/2011 - 03:29:35 ---A- . (...) -- D:\WINDOWS\System32\drivers\lvuvc.hs [0] O44 - LFC:[MD5.EA123223C796DCFC12E65AD9DED20725] - 13/03/2011 - 02:08:09 ---A- . (.- - Eraser Launcher..) -- D:\WINDOWS\System32\eraserl.exe [233472] O44 - LFC:[MD5.7EB2E369D2590C7FE8910295721846A2] - 13/03/2011 - 02:08:09 ---A- . (.- - Eraser Library..) -- D:\WINDOWS\System32\eraser.dll [610304] O44 - LFC:[MD5.95CD44CF599D0E78E788BFDC87219CF7] - 13/03/2011 - 02:08:09 ---A- . (.- - Eraser Shell Extension..) -- D:\WINDOWS\System32\erasext.dll [282624] O44 - LFC:[MD5.42CBA0819745CE60E10EA41971FC6011] - 13/03/2011 - 01:57:35 ---A- . (.Webroot Software, Inc. - Spy Sweeper Client Executable.) -- D:\WINDOWS\WRSetup.dll [1563008] O44 - LFC:[MD5.7F8965D259C686BDBFDCA8769E663125] - 13/03/2011 - 01:56:51 ---A- . (...) -- D:\WINDOWS\install.dat [164] O44 - LFC:[MD5.E5118CD3FEEDE70318A78D7D7A613DA9] - 13/03/2011 - 00:28:57 ---A- . (.Agnitum Ltd. - Host Protection Component.) -- D:\WINDOWS\System32\drivers\SandBox.sys [710824] O44 - LFC:[MD5.1F3D61965A9BD278A205D3062176E45C] - 13/03/2011 - 00:28:50 ---A- . (.Agnitum Ltd. - Agnitum Firewall Core Driver.) -- D:\WINDOWS\System32\drivers\afwcore.sys [267624] O44 - LFC:[MD5.14BA5CA5D11771CE8E8B6CC6830A2436] - 13/03/2011 - 00:28:24 ---A- . (.Agnitum Ltd. - Agnitum Firewall NDIS Driver.) -- D:\WINDOWS\System32\drivers\afw.sys [34280] O44 - LFC:[MD5.9DC611B2D5F1D87AE31450AA341367B5] - 12/03/2011 - 23:47:27 ---A- . (...) -- D:\WINDOWS\System32\FNTCACHE.DAT [271784] O44 - LFC:[MD5.EE9D8B7FAD6E066F255E7598D3CB25F4] - 12/03/2011 - 23:31:38 ---A- . (...) -- D:\WINDOWS\win.ini [552] O44 - LFC:[MD5.926CF712448FEA216DEB1D30E708275C] - 12/03/2011 - 21:52:31 ---A- . (.Western Digital Technologies, Inc. - WD Button Manager.) -- D:\WINDOWS\System32\WDBtnMgr.exe [335872] O44 - LFC:[MD5.F677358E4DE7BC0CD0AEC0C7B1CB7ABC] - 12/03/2011 - 21:13:53 ---A- . (.FSPro Labs - Hide Folders XP 2 Context Menu Shell Extens.) -- D:\WINDOWS\System32\hfshext.dll [89600] O44 - LFC:[MD5.4B606999D47E8BD466DBCF3E6CDE044C] - 12/03/2011 - 21:13:53 ---A- . (.FSPro Labs - Hide Folders XP driver.) -- D:\WINDOWS\System32\drivers\hfxp2.sys [11648] O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 12/03/2011 - 20:51:03 ---A- . (...) -- D:\WINDOWS\WMSysPr9.prx [316640] O44 - LFC:[MD5.9A4219B8C61723EA8ACBCAD6A10EC387] - 12/03/2011 - 20:09:53 ---A- . (.Logitech Inc. - Logitech Camera Property Pages.) -- D:\WINDOWS\System32\LVUI2.dll [543328] O44 - LFC:[MD5.8433903F829ABD34B0AD700EF00E8BFB] - 12/03/2011 - 20:09:53 ---A- . (.Logitech Inc. - Logitech Camera Property Pages.) -- D:\WINDOWS\System32\LVUI2RC.dll [539232] O44 - LFC:[MD5.3703406AF0726BADD24C5E552493E5B1] - 12/03/2011 - 20:09:53 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- D:\WINDOWS\System32\drivers\lvuvc.sys [4323040] O44 - LFC:[MD5.DE14EE912AC6F94D8510B5E7F4C5659A] - 12/03/2011 - 20:09:53 ---A- . (.Logitech Inc. - Video Codec.) -- D:\WINDOWS\System32\lvcodec2.dll [416352] O44 - LFC:[MD5.1FF3F511A657F8F7C352D1016A2EBF72] - 12/03/2011 - 20:09:33 R--A- . (.Logitech Inc. - Logitech Co-Installer.) -- D:\WINDOWS\System32\lvci1201278.dll [199192] O44 - LFC:[MD5.87ECCE893D8AEC5A9337B917742D339C] - 12/03/2011 - 20:09:33 R--A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Dr.) -- D:\WINDOWS\System32\drivers\lvrs.sys [265496] O44 - LFC:[MD5.44D939EB9030E980D7FA7A208C7637AF] - 12/03/2011 - 20:09:33 R--A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- D:\WINDOWS\System32\drivers\lvselsus.sys [66456] O44 - LFC:[MD5.A75DDC492D2D1D6558AD8003A4ADB73A] - 12/03/2011 - 20:09:10 R--A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- D:\WINDOWS\System32\drivers\lvuvcflt.sys [23832] O44 - LFC:[MD5.C0D44791C969D65E63F250BC8BA0DC57] - 12/03/2011 - 19:28:17 ---A- . (.Adobe Systems Inc - Adobe PDF Port Monitor DLL.) -- D:\WINDOWS\System32\AdobePDF.dll [46928] O44 - LFC:[MD5.EB02C18DE7A07056FE51F19D5FBB8216] - 12/03/2011 - 19:28:17 R--A- . (.Adobe Systems Inc. - Adobe PDF Port Monitor UI DLL.) -- D:\WINDOWS\System32\AdobePDFUI.dll [22872] O44 - LFC:[MD5.B0F1425D589318CD8D787B320C3260A6] - 12/03/2011 - 15:58:28 ---A- . (.Avisioin - USB DLL.) -- D:\WINDOWS\System32\hpgt53tk.dll [68608] O44 - LFC:[MD5.F701739B4193BE467A594431E42BD650] - 12/03/2011 - 15:58:27 ---A- . (.Pas de propriétaire - hp5300_5370 Module.) -- D:\WINDOWS\System32\hpgt53.dll [165888] O44 - LFC:[MD5.1460D50BF977E80FE315688A311A97B3] - 11/03/2011 - 16:43:24 ---A- . (...) -- D:\WINDOWS\System32\TZLog.log [4448] O44 - LFC:[MD5.36ACE489E6101755F44F5E29782F2403] - 11/03/2011 - 16:13:59 ---A- . (...) -- D:\WINDOWS\System32\wpa.bak [13646] O44 - LFC:[MD5.01985D93556733FAB4B27471D48A29DB] - 11/03/2011 - 16:08:09 R--A- . (.ATI Research Inc. - Ati High Definition Audio Function Driver.) -- D:\WINDOWS\System32\drivers\AtiHdmi.sys [141824] O44 - LFC:[MD5.C2A6F7F35E617744A65DBFB0C0A64ADC] - 11/03/2011 - 15:58:27 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- D:\WINDOWS\System32\drivers\rt2870.sys [517632] O44 - LFC:[MD5.64D7EC69A017EA447F911ECE59069D37] - 11/03/2011 - 15:57:11 ---A- . (...) -- D:\WINDOWS\Ascd_tmp.ini [41969] O44 - LFC:[MD5.D47F94D719E80663EDBF933F1CCEAF2A] - 11/03/2011 - 15:34:35 ---A- . (.Windows XP Bundled build C-Centric Single U - CSVer.) -- D:\WINDOWS\System32\CSVer.dll [53248] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/03/2011 - 15:34:00 ---A- . (...) -- D:\WINDOWS\ativpsrm.bin [0] O44 - LFC:[MD5.C15C27BD7648FFC01A04C3C745A0A52D] - 11/03/2011 - 15:33:53 ---A- . (. ATI Technologies Inc. - atiddc.) -- D:\WINDOWS\System32\ATIDDC.DLL [53248] O44 - LFC:[MD5.50D2BEDFEF6800A3B64F032A67053738] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- D:\WINDOWS\System32\ati2evxx.dll [188416] O44 - LFC:[MD5.281D26DF656E53DAB568214EE282EC46] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- D:\WINDOWS\System32\ati2evxx.exe [638976] O44 - LFC:[MD5.0DBE644571AE3708B0D8C8FD5B12C6EB] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Display Driver.) -- D:\WINDOWS\System32\ati2dvag.dll [302080] O44 - LFC:[MD5.CCAF8A0E9714B75087DF06F9DC736E2A] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies Inc. - ATI RageTheater/ImpacTV2 COM interface.) -- D:\WINDOWS\System32\atitvo32.dll [17408] O44 - LFC:[MD5.2A07F610B65C65F39A9873CD2E8A029C] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies Inc. - Central Memory Manager / Queue Server Modul.) -- D:\WINDOWS\System32\ati2cqag.dll [847872] O44 - LFC:[MD5.9564556155BAB48E501173BEC4246488] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies Inc. - ati3duag.dll.) -- D:\WINDOWS\System32\ati3duag.dll [4029824] O44 - LFC:[MD5.DDBB1DBCF9FCDBD25C5C9F338522CCCC] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies Inc. - eRecord Message Resource File.) -- D:\WINDOWS\System32\drivers\ati2erec.dll [53248] O44 - LFC:[MD5.9505C5D2F033614EF8725DCF6DE6013A] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies, Inc. - 32-bit ATI VCO Driver.) -- D:\WINDOWS\System32\ativcoxx.dll [24064] O44 - LFC:[MD5.DE36A08CF6FC35CAF7AB4B39FF77FD94] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies, Inc. - ATI Driver Interface DLL.) -- D:\WINDOWS\System32\Oemdspif.dll [155648] O44 - LFC:[MD5.C33DCDA3C97C68D786E708D5741088A2] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies, Inc. - ATI2MDXX.) -- D:\WINDOWS\System32\Ati2mdxx.exe [26112] O44 - LFC:[MD5.FD62E257BF1A940415197FB964315BA6] - 11/03/2011 - 15:33:53 ---A- . (.ATI Technologies, Inc. - ati2edxx.) -- D:\WINDOWS\System32\ati2edxx.dll [43520] O44 - LFC:[MD5.E6AA8E899A87F5C54301C277D67D1DF3] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices Inc. - ATI CAL DD.) -- D:\WINDOWS\System32\aticaldd.dll [4636672] O44 - LFC:[MD5.E1AD8201CE414E117CB8D44D9CCFF3ED] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices Inc. - ATI CAL compiler runtime.) -- D:\WINDOWS\System32\aticalcl.dll [53248] O44 - LFC:[MD5.25847F6A6E1C4D680B035D4B37695437] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices Inc. - ATI CAL runtime.) -- D:\WINDOWS\System32\aticalrt.dll [57344] O44 - LFC:[MD5.30B2BA5E0703A73DD9A903537C3D6451] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - ATI OpenGL driver.) -- D:\WINDOWS\System32\atioglxx.dll [17252352] O44 - LFC:[MD5.749584902AE80A53EFDA4F8FA03E1713] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - ATIBRTMON.) -- D:\WINDOWS\System32\atibtmon.exe [118784] O44 - LFC:[MD5.F1D4AE214C5A7F3B830BBE7C6076F835] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - ATIODCLI Application.) -- D:\WINDOWS\System32\ATIODCLI.exe [45056] O44 - LFC:[MD5.CE27070AEBDD320A6D30BC077C9A34CA] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - Graphics DEM.) -- D:\WINDOWS\System32\ATIDEMGX.dll [462848] O44 - LFC:[MD5.F22809E3D2DD512A6411B21D58FD30FD] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- D:\WINDOWS\System32\amdpcom32.dll [64512] O44 - LFC:[MD5.F22809E3D2DD512A6411B21D58FD30FD] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- D:\WINDOWS\System32\atimpc32.dll [64512] O44 - LFC:[MD5.5366CC0D48DBCA72187616D31924D4A0] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) -- D:\WINDOWS\System32\ativvamv.dll [1112576] O44 - LFC:[MD5.2B5B6C9596F7D7E0C2D8DDC346622291] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) -- D:\WINDOWS\System32\ativvaxx.dll [2673280] O44 - LFC:[MD5.AC3D63AC924D97699CABC2AD9CCF2749] - 11/03/2011 - 15:33:53 ---A- . (.Advanced Micro Devices, Inc. - Ring 0 x2 component.) -- D:\WINDOWS\System32\atiok3x2.dll [483328] O44 - LFC:[MD5.D272EB2AE464AFA438F9AD19A91A0E07] - 11/03/2011 - 15:33:52 ---A- . (.ATI Technologies Inc. - .INF file installer.) -- D:\WINDOWS\System32\atiiiexx.dll [311296] O44 - LFC:[MD5.C2B6F2161ABD498D2B453050FFC81812] - 11/03/2011 - 15:33:52 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- D:\WINDOWS\System32\drivers\ati2mtag.sys [6406656] O44 - LFC:[MD5.1C83E95123F4B13E64A33C8F858CCD27] - 11/03/2011 - 15:33:52 ---A- . (.ATI Technologies Inc. - Virtual Command And Memory Manager.) -- D:\WINDOWS\System32\atikvmag.dll [651264] O44 - LFC:[MD5.F90349D713FF9DA761465EA5FAC105E0] - 11/03/2011 - 15:33:52 ---A- . (.ATI Technologies, Inc. - ATI Desktop CWDDEDI DLL.) -- D:\WINDOWS\System32\atipdlxx.dll [212992] O44 - LFC:[MD5.6110008AB366B98C4C364DD155D8FF55] - 11/03/2011 - 15:33:52 ---A- . (.Advanced Micro Devices, Inc. - ADL.) -- D:\WINDOWS\System32\atiadlxx.dll [196608] O44 - LFC:[MD5.337E0565819A1A93D2A8AA37B5816EA2] - 11/03/2011 - 15:33:52 ---A- . (.Advanced Micro Devices, Inc. - ATIODE Application.) -- D:\WINDOWS\System32\ATIODE.exe [294912] O44 - LFC:[MD5.6A7ACFDDDE099950852C2F7440503B7E] - 11/03/2011 - 15:33:52 ---A- . (.Advanced Micro Devices, Inc. - atiapfxx Application.) -- D:\WINDOWS\System32\atiapfxx.exe [143360] O44 - LFC:[MD5.B8EE1200F915817C00FCFD7F8CEF1200] - 11/03/2011 - 15:33:40 ---A- . (...) -- D:\WINDOWS\System32\h323log.txt [0] O44 - LFC:[MD5.7C18D06E7204D2989B850E727A53DF27] - 11/03/2011 - 15:32:45 ---A- . (...) -- D:\WINDOWS\System32\pid.PNF [4444] O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 11/03/2011 - 15:29:03 ---A- . (...) -- D:\WINDOWS\system.ini [231] O44 - LFC:[MD5.1E9B88D340481EDA7A9BF53A949E1F42] - 11/03/2011 - 15:28:50 ---A- . (.Digi International - DGSETUP DLL.) -- D:\WINDOWS\System32\dgsetup.dll [86044] O44 - LFC:[MD5.7AE4CDB4AD25A08B711ECC5BE12EF3D7] - 11/03/2011 - 15:28:50 ---A- . (.Digi International, Inc. - Digi RealPort® Driver Upgrade.) -- D:\WINDOWS\System32\dgrpsetu.dll [176157] O44 - LFC:[MD5.F899213C79DEE079DCE1EE730D82594F] - 11/03/2011 - 15:28:50 ---A- . (.Equinox Systems Inc. - Co-installeur série multiport Equinox.) -- D:\WINDOWS\System32\EqnClass.Dll [103424] O44 - LFC:[MD5.FA511331A48B582A7D584FC2408E8C1A] - 11/03/2011 - 15:28:50 ---A- . (.Perle Systems Ltd. - Specialix MPS NT Upgrade CoInstaller.) -- D:\WINDOWS\System32\spxcoins.dll [24661] O44 - LFC:[MD5.4C974E3111172B5596F06B98B5C469E8] - 11/03/2011 - 15:27:04 R--A- . (.Analog Devices, Inc. - SoundMAX coinstaller (32 bit).) -- D:\WINDOWS\System32\PostProc.dll [28672] O44 - LFC:[MD5.18764965B400BFDC2A7F172F709B399D] - 11/03/2011 - 15:27:04 R--A- . (.Sensaura Ltd - Audio3D.) -- D:\WINDOWS\System32\a3d.dll [65536] O44 - LFC:[MD5.F277C43C2E0672EED28CCA0D13CE175F] - 11/03/2011 - 15:27:03 R--A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- D:\WINDOWS\System32\drivers\ADIHdAud.sys [331264] O44 - LFC:[MD5.FFF87A9B1AB36EE4B7BEC98A4CB01B79] - 11/03/2011 - 15:27:03 R--A- . (.Andrea Electronics Corporation - Audio Noise Filtering Driver (32-bit).) -- D:\WINDOWS\System32\drivers\aeaudio.sys [94976] O44 - LFC:[MD5.B6A6B409FDA9D9EBD3AADB838D3D7173] - 11/03/2011 - 15:27:03 R--A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- D:\WINDOWS\System32\drivers\senfilt.sys [392960] O44 - LFC:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 11/03/2011 - 15:02:47 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- D:\WINDOWS\System32\drivers\ASACPI.sys [5810] O44 - LFC:[MD5.651D2787CCF6077E0CFA56B0F5BA84FA] - 11/03/2011 - 14:41:09 ---A- . (...) -- D:\WINDOWS\REGLOCS.OLD [8192] O44 - LFC:[MD5.D804538785707ECA431DA3532B403B21] - 11/03/2011 - 14:40:21 ---A- . (...) -- D:\WINDOWS\System32\$winnt$.inf [261] O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 11/03/2011 - 14:38:50 ---A- . (...) -- D:\WINDOWS\System32\CONFIG.NT [3072] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/03/2011 - 14:38:50 ---A- . (...) -- D:\WINDOWS\control.ini [0] O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 11/03/2011 - 14:38:48 ---A- . (...) -- D:\WINDOWS\System32\amcompat.tlb [16832] O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 11/03/2011 - 14:38:48 ---A- . (...) -- D:\WINDOWS\System32\nscompat.tlb [23392] O44 - LFC:[MD5.8BB99EDB4918E4ECCBB2091B6D1BC92E] - 11/03/2011 - 14:38:39 ---A- . (...) -- D:\WINDOWS\ODBCINST.INI [4205] O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 11/03/2011 - 14:38:08 R-HA- . (...) -- D:\WINDOWS\System32\WindowsLogon.manifest [488] O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 11/03/2011 - 14:38:08 R-HA- . (...) -- D:\WINDOWS\System32\logonui.exe.manifest [488] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/03/2011 - 14:38:05 R-HA- . (...) -- D:\WINDOWS\System32\cdplayer.exe.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/03/2011 - 14:38:05 R-HA- . (...) -- D:\WINDOWS\System32\ncpa.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/03/2011 - 14:38:05 R-HA- . (...) -- D:\WINDOWS\System32\nwc.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/03/2011 - 14:38:05 R-HA- . (...) -- D:\WINDOWS\System32\sapi.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/03/2011 - 14:38:05 R-HA- . (...) -- D:\WINDOWS\System32\wuaucpl.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/03/2011 - 14:38:05 R-HA- . (...) -- D:\WINDOWS\WindowsShell.Manifest [749] O44 - LFC:[MD5.71ECBA795A063026843F70F31EF02689] - 11/03/2011 - 14:36:54 ---A- . (.Intel Corporation - ISR Debug 32-bit Engine.) -- D:\WINDOWS\System32\isrdbg32.dll [32768] O44 - LFC:[MD5.4E6BC0561AA8CDE50801D44ACFCF3014] - 11/03/2011 - 14:36:21 ---A- . (...) -- D:\WINDOWS\System32\emptyregdb.dat [21892] O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 11/03/2011 - 14:36:12 ---A- . (...) -- D:\WINDOWS\vb.ini [36] O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 11/03/2011 - 14:36:12 ---A- . (...) -- D:\WINDOWS\vbaddin.ini [37] O44 - LFC:[MD5.520A03D1F113D251EFBFA00C164F2087] - 11/03/2011 - 14:35:43 ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- D:\WINDOWS\System32\hticons.dll [44544] O44 - LFC:[MD5.6A1D9675F87094A7FAB33A67A4C25F1C] - 11/03/2011 - 14:35:19 ---A- . (.Hilgraeve, Inc. - Bibliothèque d'applications HyperTerminal.) -- D:\WINDOWS\System32\hypertrm.dll [354304] O44 - LFC:[MD5.33D3A0DDB91D892D20EAF203D51CF53D] - 26/01/2011 - 23:27:54 ---A- . (...) -- D:\WINDOWS\System32\atiapfxx.blb [145280] O44 - LFC:[MD5.675B10600AA335B48A44048BC31BD43E] - 26/01/2011 - 23:26:44 ---A- . (...) -- D:\WINDOWS\System32\ativvaxx.cap [578048] O44 - LFC:[MD5.DADAFE066983AB646E8550013FB7DA13] - 26/01/2011 - 23:26:36 ---A- . (...) -- D:\WINDOWS\System32\ativva5x.dat [3] O44 - LFC:[MD5.CD663D99F1458BAA1840411C01B86EE5] - 26/01/2011 - 23:26:36 ---A- . (...) -- D:\WINDOWS\System32\ativva6x.dat [887724] O44 - LFC:[MD5.4B908E7BD52D998AA09F96019539A1D2] - 25/01/2011 - 23:42:00 ---A- . (...) -- D:\WINDOWS\atiogl.xml [30707] O44 - LFC:[MD5.375A27C97D1248448B0E363C46FDCB0B] - 17/12/2010 - 17:00:44 ---A- . (...) -- D:\WINDOWS\System32\atiicdxx.dat [227587] O44 - LFC:[MD5.835C775A6871D2A2EA6FC343B6B4C9A2] - 10/11/2010 - 02:32:44 ---A- . (...) -- D:\WINDOWS\System32\drivers\LVAFT.cfg [266828] O44 - LFC:[MD5.6A89E8BBE2AF518D4F9497605D1B9622] - 10/11/2010 - 02:31:42 ---A- . (...) -- D:\WINDOWS\System32\lvcoinst.ini [26286] O44 - LFC:[MD5.ED280A0EA3CC38F3CBBC747ACFBEF47D] - 25/05/2010 - 15:06:00 ---A- . (...) -- D:\WINDOWS\transp.gif [49] O44 - LFC:[MD5.9905222AFB5556DD788C9CF70DF1701A] - 30/04/2009 - 23:39:22 R--A- . (...) -- D:\WINDOWS\System32\Repository.reg [34068] O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Bulles de savon.bmp [65978] O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Granit vert.bmp [26582] O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Jour de pêche.bmp [17336] O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Mur de Santa Fe.bmp [65832] O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Plume.bmp [16730] O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Rhododendron.bmp [17362] O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Rivière Sumida.bmp [26680] O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Rosace bleue 16.bmp [1272] O44 - LFC:[MD5.F08DBD8C48A168818A3DFC28929EE6B5] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\AUTOEXEC.NT [1896] O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\C_28594.NLS [66082] O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\C_28595.NLS [66082] O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\C_28597.NLS [66082] O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\bopomofo.uce [22984] O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_10006.nls [66082] O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_10007.nls [66082] O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_10010.nls [66082] O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_10017.nls [66082] O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_10029.nls [66082] O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_10081.nls [66082] O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_10082.nls [66082] O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_20127.nls [66082] O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_28599.nls [66082] O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_28603.nls [66082] O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_737.nls [66594] O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_852.nls [66594] O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_855.nls [66594] O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_857.nls [66594] O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_866.nls [66594] O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_869.nls [66594] O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\c_875.nls [66082] O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\desktop.ini [2] O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\gb2312.uce [24006] O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\ideograf.uce [60458] O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\kanji_1.uce [6948] O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\kanji_2.uce [8484] O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\korean.uce [12876] O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\msdtcprf.h [768] O44 - LFC:[MD5.FDA18F513403E67CAE9BF0D2DD948B28] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\msdtcprf.ini [3914] O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\shiftjis.uce [16740] O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\subrange.uce [93702] O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\tslabels.h [3286] O44 - LFC:[MD5.F9A14C7B36E10052A1B0F071BC3C1C65] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\tslabels.ini [27768] O44 - LFC:[MD5.9F27B27C8405FEAF7DFC4DA3751DEF22] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\usrlogon.cmd [1263] O44 - LFC:[MD5.2CE7B1EEB99C14032C0E2201B004F80E] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\System32\wmimgmt.msc [63488] O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Tasse à café.bmp [17062] O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Vent de prairie.bmp [65954] O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\Zapotec.bmp [9522] O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\desktop.ini [2] O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 14/04/2008 - 13:00:00 -SH-- . (...) -- D:\WINDOWS\winnt.bmp [49102] O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 14/04/2008 - 13:00:00 -SH-- . (...) -- D:\WINDOWS\winnt256.bmp [49102] O44 - LFC:[MD5.A799EA2E17F8C6747801E37F25FE078F] - 14/04/2008 - 13:00:00 R--A- . (...) -- D:\WINDOWS\SET3.tmp [1246130] O44 - LFC:[MD5.7DEBF83AF61B07063EF0CEEADD4B4E59] - 14/04/2008 - 13:00:00 R--A- . (...) -- D:\WINDOWS\SET4.tmp [1088840] O44 - LFC:[MD5.619D9DD12A0BFDB080A86CE19F09CA10] - 14/04/2008 - 13:00:00 R--A- . (...) -- D:\WINDOWS\SET8.tmp [16825] O44 - LFC:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 28/12/2007 - 08:22:02 ---A- . (...) -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS [10296] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- D:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "D:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) -- D:\Program Files\ma-config.com\maconfservice.exe O47 - AAKE:Key Export SP - "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- D:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Enabled] .(.Yahoo! Inc. - Yahoo! Messenger.) -- D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O47 - AAKE:Key Export SP - "D:\Program Files\Opera\opera.exe" [Enabled] .(.Opera Software - Opera Internet Browser.) -- D:\Program Files\Opera\opera.exe O47 - AAKE:Key Export SP - "D:\Program Files\Logitech\Vid HD\Vid.exe" [Enabled] .(.Logitech Inc. - Logitech Vid HD.) -- D:\Program Files\Logitech\Vid HD\Vid.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- D:\WINDOWS\system32\sessmgr.exe ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- D:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- D:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- D:\WINDOWS\System32\lvcodec2.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- D:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="D:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- D:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="D:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- D:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- D:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- D:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- D:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.F277C43C2E0672EED28CCA0D13CE175F] - 24/03/2008 - 02:08:14 R--A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- D:\WINDOWS\system32\drivers\ADIHdAud.sys [331264] O58 - SDL:[MD5.FFF87A9B1AB36EE4B7BEC98A4CB01B79] - 13/07/2007 - 02:26:12 R--A- . (.Andrea Electronics Corporation - Audio Noise Filtering Driver (32-bit).) -- D:\WINDOWS\system32\drivers\aeaudio.sys [94976] O58 - SDL:[MD5.14BA5CA5D11771CE8E8B6CC6830A2436] - 20/04/2010 - 15:05:16 ---A- . (.Agnitum Ltd. - Agnitum Firewall NDIS Driver.) -- D:\WINDOWS\system32\drivers\afw.sys [34280] O58 - SDL:[MD5.1F3D61965A9BD278A205D3062176E45C] - 27/09/2010 - 15:40:28 ---A- . (.Agnitum Ltd. - Agnitum Firewall Core Driver.) -- D:\WINDOWS\system32\drivers\afwcore.sys [267624] O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 03:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- D:\WINDOWS\system32\drivers\ASACPI.sys [5810] O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 28/12/2007 - 08:22:02 ---A- . (...) -- D:\WINDOWS\system32\drivers\ASUSHWIO.SYS [10296] O58 - SDL:[MD5.C2B6F2161ABD498D2B453050FFC81812] - 27/01/2011 - 00:34:30 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- D:\WINDOWS\system32\drivers\ati2mtag.sys [6406656] O58 - SDL:[MD5.01985D93556733FAB4B27471D48A29DB] - 21/05/2008 - 00:53:56 R--A- . (.ATI Research Inc. - Ati High Definition Audio Function Driver.) -- D:\WINDOWS\system32\drivers\AtiHdmi.sys [141824] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- D:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 14/04/2008 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- D:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.23285D9144C76BEE6FEF8E4B8D2FD3C4] - 14/02/2011 - 02:04:48 ---A- . (.Diskeeper Corporation - Diskeeper IntelliWrite Mini-Filter Driver.) -- D:\WINDOWS\system32\drivers\DKRtWrt.sys [38608] O58 - SDL:[MD5.BA3BB79C859292C3FF2A21B05E64696F] - 07/04/2010 - 21:03:44 ---A- . (.ESET - Amon monitor.) -- D:\WINDOWS\system32\drivers\eamon.sys [139192] O58 - SDL:[MD5.3C747A0D8CE29720302972AC6ED09733] - 07/04/2010 - 21:07:08 ---A- . (.ESET - ESET Helper driver.) -- D:\WINDOWS\system32\drivers\ehdrv.sys [114984] O58 - SDL:[MD5.C24FAE2E95936BB8F0D4941C329CC663] - 07/04/2010 - 21:08:08 ---A- . (.ESET - ESET Antivirus Network Redirector.) -- D:\WINDOWS\system32\drivers\epfwtdir.sys [95872] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - 13:00:00 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- D:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.4B606999D47E8BD466DBCF3E6CDE044C] - 30/12/2004 - 15:49:26 ---A- . (.FSPro Labs - Hide Folders XP driver.) -- D:\WINDOWS\system32\drivers\hfxp2.sys [11648] O58 - SDL:[MD5.25EDD75E23C5EF6B33D0FBCCE125A601] - 15/08/2005 - 11:08:26 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- D:\WINDOWS\system32\drivers\imagedrv.sys [5888] O58 - SDL:[MD5.9C4BBACF4E9B9543C3CE23F1FE556941] - 15/08/2005 - 11:08:26 ---A- . (.Ahead Software AG - Nero Image Server.) -- D:\WINDOWS\system32\drivers\imagesrv.sys [127488] O58 - SDL:[MD5.C99BA72106A858CB8B521BB4C02C93ED] - 24/08/2010 - 18:30:18 ---A- . (.Logitech, Inc. - Logitech Consumer Control Filter Driver..) -- D:\WINDOWS\system32\drivers\LBeepKE.sys [10448] O58 - SDL:[MD5.318B3D608FBEC44B7E0C23BF759DCED5] - 24/08/2010 - 18:30:52 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- D:\WINDOWS\system32\drivers\LHidFilt.Sys [38864] O58 - SDL:[MD5.84AF069D219DF3C43DC6792B2BBD7BED] - 24/08/2010 - 18:31:02 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- D:\WINDOWS\system32\drivers\LMouFilt.Sys [37328] O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 27/03/2011 - 17:53:49 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- D:\WINDOWS\system32\drivers\LNonPnP.sys [16400] O58 - SDL:[MD5.8BE71D7EDB8C7494913722059F760DD0] - 07/05/2010 - 18:43:30 ---A- . (...) -- D:\WINDOWS\system32\drivers\LVPr2Mon.sys [25824] O58 - SDL:[MD5.87ECCE893D8AEC5A9337B917742D339C] - 01/05/2009 - 00:01:36 R--A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- D:\WINDOWS\system32\drivers\lvrs.sys [265496] O58 - SDL:[MD5.44D939EB9030E980D7FA7A208C7637AF] - 01/05/2009 - 00:01:48 R--A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- D:\WINDOWS\system32\drivers\lvselsus.sys [66456] O58 - SDL:[MD5.3703406AF0726BADD24C5E552493E5B1] - 10/11/2010 - 02:49:50 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- D:\WINDOWS\system32\drivers\lvuvc.sys [4323040] O58 - SDL:[MD5.A75DDC492D2D1D6558AD8003A4ADB73A] - 01/05/2009 - 00:03:30 R--A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- D:\WINDOWS\system32\drivers\lvuvcflt.sys [23832] O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.D24DFD16A1E2A76034DF5AA18125C35D] - 01/09/2010 - 09:30:58 ---A- . (.Secunia - Secunia PSI Driver.) -- D:\WINDOWS\system32\drivers\psi_mf.sys [15544] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 14/04/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- D:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- D:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.C2A6F7F35E617744A65DBFB0C0A64ADC] - 28/07/2007 - 14:50:36 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- D:\WINDOWS\system32\drivers\rt2870.sys [517632] O58 - SDL:[MD5.E5118CD3FEEDE70318A78D7D7A613DA9] - 02/02/2011 - 15:52:40 ---A- . (.Agnitum Ltd. - Host Protection Component.) -- D:\WINDOWS\system32\drivers\SandBox.sys [710824] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/04/2008 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- D:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.B6A6B409FDA9D9EBD3AADB838D3D7173] - 17/03/2006 - 10:18:58 R--A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- D:\WINDOWS\system32\drivers\senfilt.sys [392960] O58 - SDL:[MD5.A3CC244F1E043C2B7AE32899FF99A0A0] - 06/11/2009 - 12:00:34 ---A- . (.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper FileSystem Filter Driver.) -- D:\WINDOWS\system32\drivers\ssfs0bbc.sys [29808] O58 - SDL:[MD5.E041026DAFA17AF2610AFC4DA8F4EA14] - 06/11/2009 - 12:00:36 ---A- . (.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper Mini Driver.) -- D:\WINDOWS\system32\drivers\sshrmd.sys [23152] O58 - SDL:[MD5.5A40B485825CC31B3A49BB4701B30D35] - 06/11/2009 - 12:00:36 ---A- . (.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper Interdiction Driver.) -- D:\WINDOWS\system32\drivers\ssidrv.sys [176752] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 14/04/2008 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- D:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- D:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.67331FD053F97A874A60374BE6B59523] - 15/08/2007 - 09:22:00 ---A- . (.Marvell - NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller.) -- D:\WINDOWS\system32\drivers\yk51x86.sys [265856] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 14/04/2008 - 13:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntio804.sys [34560] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - D:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe - Agnitum Client Security Service (acssrv) .(.Agnitum Ltd. - Agnitum Outpost Service.) - LEGACY_ACSSRV O64 - Services: CurCS - D:\Windows\System32\drivers\afwcore.sys - afwcore (afwcore) .(.Agnitum Ltd. - Agnitum Firewall Core Driver.) - LEGACY_AFWCORE O64 - Services: CurCS - D:\WINDOWS\system32\Filt\ASWFilt.dll - ASWFilt (ASWFilt) .(.Agnitum Ltd. - Host Protection Component.) - LEGACY_ASWFILT O64 - Services: CurCS - D:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe - Diskeeper (Diskeeper) .(.Diskeeper Corporation - Diskeeper Service.) - LEGACY_DISKEEPER O64 - Services: CurCS - D:\Windows\System32\DRIVERS\DKRtWrt.sys - DKRtWrt (DKRtWrt) .(.Diskeeper Corporation - Diskeeper IntelliWrite Mini-Filter Driver.) - LEGACY_DKRTWRT O64 - Services: CurCS - D:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - D:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2 (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - D:\Windows\System32\DRIVERS\eamon.sys - eamon (eamon) .(.ESET - Amon monitor.) - LEGACY_EAMON O64 - Services: CurCS - D:\Windows\System32\DRIVERS\ehdrv.sys - ehdrv (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV O64 - Services: CurCS - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe - ESET Service (ekrn) .(.ESET - ESET Service.) - LEGACY_EKRN O64 - Services: CurCS - D:\Windows\System32\DRIVERS\epfwtdir.sys - epfwtdir (epfwtdir) .(.ESET - ESET Antivirus Network Redirector.) - LEGACY_EPFWTDIR O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS O64 - Services: CurCS - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - FLEXnet Licensing Service (FLEXnet Licensing Service) .(.Macrovision Europe Ltd. - Activation Licensing Service.) - LEGACY_FLEXNET_L O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - D:\Windows\System32\DRIVERS\HFXP2.sys - HFXP2 (HFXP2) .(.FSPro Labs - Hide Folders XP driver.) - LEGACY_HFXP2 O64 - Services: CurCS - D:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD O64 - Services: CurCS - D:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe - Logitech Bluetooth Service (LBTServ) .(.Logitech, Inc. - Logitech Bluetooth Service.) - LEGACY_LBTSERV O64 - Services: CurCS - D:\Windows\System32\Drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(...) - LEGACY_LVPR2MON O64 - Services: CurCS - D:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe - Process Monitor (LVPrcSrv) .(.Logitech Inc. - LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - D:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service (maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\MOUNTMGR.sys - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe - NMIndexingService (NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\PARTMGR.sys - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP O64 - Services: CurCS - D:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe - Retrospect WD Service (RetroWDSvc) .(.Dantz Development Corporation - Retrospect.) - LEGACY_RETROWDSVC O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS O64 - Services: CurCS - D:\WINDOWS\system32\drivers\SandBox.sys - SandBox (SandBox) .(.Agnitum Ltd. - Host Protection Component.) - LEGACY_SANDBOX O64 - Services: CurCS - D:\Program Files\Secunia\PSI\PSIA.exe - Secunia PSI Agent (Secunia PSI Agent) .(.Secunia - Secunia PSI Agent.) - LEGACY_SECUNIA_PSI_AGENT O64 - Services: CurCS - D:\Program Files\Secunia\PSI\sua.exe - Secunia Update Agent (Secunia Update Agent) .(.Secunia - Secunia Update Agent.) - LEGACY_SECUNIA_UPDATE_AGENT O64 - Services: CurCS - D:\Windows\System32\DRIVERS\ssfs0bbc.sys - ssfs0bbc (ssfs0bbc) .(.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper FileSystem Filter Driver.) - LEGACY_SSFS0BBC O64 - Services: CurCS - D:\Windows\System32\DRIVERS\sshrmd.sys - Sshrmd (sshrmd) .(.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper Mini Driver.) - LEGACY_SSHRMD O64 - Services: CurCS - D:\Windows\System32\DRIVERS\ssidrv.sys - Ssidrv (ssidrv) .(.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper Interdiction Driver.) - LEGACY_SSIDRV O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP O64 - Services: CurCS - D:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe - Moteur Webroot Spy Sweeper (WebrootSpySweeperService) .(.Webroot Software, Inc. (www.webroot.com) - Spy Sweeper Engine.) - LEGACY_WEBROOTSPYSWEEPERSERVICE O64 - Services: CurCS - D:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe - Webroot Client Service (WRConsumerService) .(.Webroot Software, Inc. - WRConsumerService.) - LEGACY_WRCONSUMERSERVICE ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <Opera.exe> <Opera>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- D:\Program Files\Opera\Opera.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {394C8FD3-013D-4F3A-A807-9B911DBC1D04} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {5F8EBE9E-FC5C-4313-A1CD-E351A17FF1ED} - (Wikipédia (fr)) - Wikipédia, l'encyclopédie libre O69 - SBI: SearchScopes [HKCU] {91A91733-9F48-4FBB-AEA4-CCA8B341800E} - (eBay) - eBay O69 - SBI: SearchScopes [HKCU] {DDDFA3DE-2923-4955-B80E-32AE657F99C7} - (Yahoo! Search) - Yahoo! Search - Web Search O69 - SBI: SearchScopes [HKCU] {F96E1FA6-7202-460C-A472-1B4AC5CF6EC7} - (Propositions de recherche Amazon.fr) - Amazon.fr: livres, DVD, jeux video, CD, lecteurs MP3, ordinateurs, appareils photo, logiciels et plus encore! ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.0C2636CDC504728836BAAA0FA7F7D30B] [sPRF] (.Pas de propriétaire - Pas de description.) -- D:\Documents and Settings\Administrateur\Application Data\Sys2662.Config.Repository.bin [22] ---\\ Scan Additionnel (O88) Database Version : 2766 - (27/03/2011) [HKLM\Software\Conduit] =>Toolbar.Conduit [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe] =>Adware.Seekmo ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 04/02/2011 2040144 | (acssrv) . (.Agnitum Ltd..) - D:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe SS - | Demand 02/02/2011 72352 | (ASWFilt) . (.Agnitum Ltd..) - D:\WINDOWS\system32\Filt\ASWFilt.dll SR - | Auto 27/01/2011 638976 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - D:\WINDOWS\system32\Ati2evxx.exe SR - | Auto 03/03/2011 2148176 | (Diskeeper) . (.Diskeeper Corporation.) - D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - D:\WINDOWS\System32\dmadmin.exe SS - | Demand 07/04/2010 33560 | (EhttpSrv) . (.ESET.) - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe SR - | Auto 07/04/2010 810120 | (ekrn) . (.ESET.) - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe SS - | Demand 12/03/2011 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SR - | Auto 29/03/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - D:\Program Files\Java\jre6\bin\jqs.exe SR - | Auto 28/10/2010 293456 | (LBTServ) . (.Logitech, Inc..) - D:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe SR - | Auto 07/05/2010 162648 | (LVPrcSrv) . (.Logitech Inc..) - D:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe SS - | Demand 10/03/2011 311744 | (maconfservice) . (.CybelSoft.) - D:\Program Files\ma-config.com\maconfservice.exe SS - | Demand 15/01/2007 774144 | (NBService) . (.Nero AG.) - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe SS - | Demand 23/12/2006 262144 | (NMIndexingService) . (.Nero AG.) - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe SR - | Auto 26/01/2004 46592 | (RetroWDSvc) . (.Dantz Development Corporation.) - D:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe SR - | Auto 10/01/2011 993848 | (Secunia PSI Agent) . (.Secunia.) - D:\Program Files\Secunia\PSI\PSIA.exe SR - | Auto 10/01/2011 399416 | (Secunia Update Agent) . (.Secunia.) - D:\Program Files\Secunia\PSI\sua.exe SR - | Auto 06/11/2009 4048240 | (WebrootSpySweeperService) . (.Webroot Software, Inc. (www.webroot.com).) - D:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe SR - | Auto 13/03/2011 1201640 | (WRConsumerService) . (.Webroot Software, Inc..) - D:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by Administrateur at 03/04/2011 13:55:27 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A62BAB8] 3 CLASSPNP[0xBA128FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000076[0x8A693C78] 5 ACPI[0xB9F7E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP2T0L0-11[0x8A6F8940] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Administrateur at 03/04/2011 13:55:29 Use the desktop link 'MBRCheck' to have full report Dump file Name : D:\PhysicalDisk0_MBR.bin End of the scan (1211 lines in 00mn 53s)(0)

Au démarage, j'obtiens ce message: "?8? program not found Une explication? merci.

Merci pour tous les conseils judicieux!

Merci! Adobe : 10,2,152,32 installed Java : 6.24 Secunia PSI : 100% safe

Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 6199 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 29/03/2011 00:31:23 mbam-log-2011-03-29 (00-31-23).txt Type d'examen: Examen complet (D:\|) Elément(s) analysé(s): 213467 Temps écoulé: 26 minute(s), 54 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Premier rapport de scan: ======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 01/03/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF D:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 22:41:51 le 28/03/2011, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) Administrateur@EJN-8D39E802FF ( ) ============== RECHERCHE ============== Clé trouvée: HKLM\Software\Conduit ============== SCAN ADDITIONNEL ============== **** Internet Explorer Version [8.0.6001.18702] **** HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Start Page - hxxp://abonnes.lemonde.fr/international/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_SearchScopes\{5F8EBE9E-FC5C-4313-A1CD-E351A17FF1ED} - "Wikipédia (fr)" (hxxp://fr.wikipedia.org/w/index.php?title=Sp%C3%A9cial:Recherche&search={searchT...) HKCU_SearchScopes\{91A91733-9F48-4FBB-AEA4-CCA8B341800E} - "eBay" (hxxp://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}) HKCU_SearchScopes\{F96E1FA6-7202-460C-A472-1B4AC5CF6EC7} - "Propositions de recherche Amazon.fr" (hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=amznsearch.fr.ms-21&link%5...) HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{435FAE9B-81A9-49D8-A0B1-A85ED3121976} (D:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchBand300000053.dll) HKLM_ElevationPolicy\{6A4E5109-F35C-469e-BEBC-A9241C14D8B3} - D:\Program Files\Hp\Common\iPAQDetection2.exe (?) HKLM_ElevationPolicy\{96267573-9F34-42A6-9E75-FFEC8686FEFE} - D:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.) HKLM_Extensions\{44627E97-789B-40d4-B5C2-58BD171129A1} - "Réglage rapide de Outpost Firewall Pro" (D:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll,121) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) ======================================== D:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) D:\Program Files\Ad-Remover\Backup: 1 Fichier(s) D:\Ad-Report-SCAN[1].txt - 28/03/2011 22:42:01 (481 Octet(s)) Fin à: 22:42:55, 28/03/2011 ============== E.O.F ============== Deuxième rapport de nettoyage: ======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 01/03/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org D:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:46:58 le 28/03/2011, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) Administrateur@EJN-8D39E802FF ( ) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Conduit ============== SCAN ADDITIONNEL ============== **** Internet Explorer Version [8.0.6001.18702] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_SearchScopes\{5F8EBE9E-FC5C-4313-A1CD-E351A17FF1ED} - "Wikipédia (fr)" (hxxp://fr.wikipedia.org/w/index.php?title=Sp%C3%A9cial:Recherche&search={searchT...) HKCU_SearchScopes\{91A91733-9F48-4FBB-AEA4-CCA8B341800E} - "eBay" (hxxp://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}) HKCU_SearchScopes\{F96E1FA6-7202-460C-A472-1B4AC5CF6EC7} - "Propositions de recherche Amazon.fr" (hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=amznsearch.fr.ms-21&link%5...) HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{435FAE9B-81A9-49D8-A0B1-A85ED3121976} (D:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchBand300000053.dll) HKLM_ElevationPolicy\{6A4E5109-F35C-469e-BEBC-A9241C14D8B3} - D:\Program Files\Hp\Common\iPAQDetection2.exe (?) HKLM_ElevationPolicy\{96267573-9F34-42A6-9E75-FFEC8686FEFE} - D:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.) HKLM_Extensions\{44627E97-789B-40d4-B5C2-58BD171129A1} - "Réglage rapide de Outpost Firewall Pro" (D:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll,121) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) ======================================== D:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) D:\Program Files\Ad-Remover\Backup: 2 Fichier(s) D:\Ad-Report-CLEAN[1].txt - 28/03/2011 22:47:01 (580 Octet(s)) D:\Ad-Report-SCAN[1].txt - 28/03/2011 22:42:01 (2708 Octet(s)) Fin à: 22:48:11, 28/03/2011 ============== E.O.F ==============

Prenez connaissance: http://forum.zebulon.fr/findpost-t181436-p1544025.html http://forum.zebulon.fr/findpost-t181436-p1544027.html Pouvez-vous me venir en aide? Merci.