syphilis

Membres

Afficher le profil Afficher son activité

Compteur de contenus
10
Inscription
le 31 décembre 2010
Dernière visite
le 4 janvier 2011

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par syphilis

Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

rectification: j'ai récupéré internet explorer, il s'ouvre meme sans que je lui demande rien depuis que je lui ai demandé de "start in private bouncing", mais bref, ça doit etre une simple histoire de configuration
- le 3 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

alors... j'ai fais comme préconisé, mais au redémarrage, le rapport n'a pas pu etre inscrit dans le bloc note pour un problème de syntaxe, selon le message d'erreur...de plus internet explorer ne se lance plus, j'ai donc réinstaller une version de mozilla firefox pour pouvoir continuer de naviguer, où des fenetres s'ouvrent à tous bouts de champs... ça devient critique!
- le 3 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

et la suite avec OTL: OTL logfile created on: 03/01/2011 16:41:38 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\FABULEUZ\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 12,00 Gb Total Physical Memory | 10,00 Gb Available Physical Memory | 81,00% Memory free 24,00 Gb Paging File | 22,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 389,43 Gb Free Space | 41,81% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 920,16 Gb Free Space | 98,78% Space Free | Partition Type: NTFS Drive H: | 3,73 Gb Total Space | 2,65 Gb Free Space | 71,06% Space Free | Partition Type: FAT32 Computer Name: FABULEUZ-PC | User Name: FABULEUZ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/01/03 16:38:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr PRC - [2011/01/01 19:00:01 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010/11/19 08:19:00 | 001,579,408 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files (x86)\Fun4IM\BndCore.exe PRC - [2010/11/17 17:19:44 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe PRC - [2010/10/23 12:07:23 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2010/09/06 13:44:10 | 000,689,016 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\bittorrent.exe PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/06/21 12:55:02 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe ========== Modules (SafeList) ========== MOD - [2011/01/03 16:38:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011/01/01 19:00:01 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/11/19 08:18:58 | 001,942,416 | ---- | M] (Bandoo Media Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Fun4IM\Bandoo.exe -- (Fun4IM Coordinator) SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/07/16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dmeoaaew.sys -- (dmeoaaew) DRV:64bit: - [2011/01/01 19:00:09 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010/08/17 13:39:11 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2010/06/23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/06/17 22:21:25 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2009/07/16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2007/06/28 10:47:14 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdx64.sys -- (nmwcdx64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 EC A8 49 EF 0D CB 01 [binary data] IE - HKU\S-1-5-21-698820930-825607945-331214559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/06/17 22:40:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/01/03 13:21:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/09/17 03:15:35 | 000,000,000 | ---D | M] (BarQuery) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D5493C6A-FD62-4255-AA85-AB7E7D0F0001} [2010/09/01 16:51:20 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{db34f72a-2801-eaed-3b93-397b7a52fdc3} [2010/10/23 14:43:25 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml O1 HOSTS File: ([2010/06/17 22:18:43 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Fun4IM\Plugins\IE\ieplugin.dll (Bandoo Media Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3:64bit: - HKU\S-1-5-21-698820930-825607945-331214559-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKU\S-1-5-21-698820930-825607945-331214559-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3:64bit: - HKU\S-1-5-21-698820930-825607945-331214559-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-698820930-825607945-331214559-1000..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe File not found O4 - HKU\S-1-5-21-698820930-825607945-331214559-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-698820930-825607945-331214559-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell - "" = AutoRun O33 - MountPoints2\{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell\AutoRun\command - "" = E:\RunGame.exe -- File not found O33 - MountPoints2\{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell - "" = AutoRun O33 - MountPoints2\{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell\AutoRun\command - "" = G:\OblivionLauncher.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll () CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2011/01/03 16:38:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr [2011/01/03 14:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2011/01/03 09:00:40 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\perrine malwares [2011/01/02 08:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/01/02 08:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [2011/01/02 08:06:29 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\AppData\Roaming\Bandoo [2010/12/31 19:02:58 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\AppData\Roaming\Avira [2010/12/31 14:03:58 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\HOW_TO_DESTROY_ANGELS_-_EP [2010/12/31 11:04:10 | 001,633,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2010/12/31 11:04:10 | 001,502,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2010/12/31 11:04:10 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2010/12/31 11:04:10 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2010/12/31 11:04:10 | 000,819,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2010/12/31 11:04:10 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2010/12/31 11:04:10 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010/12/31 11:04:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010/12/31 11:04:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2010/12/31 11:04:10 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2010/12/31 11:04:10 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2010/12/31 11:04:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2010/12/31 11:04:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2010/12/31 11:04:10 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2010/12/31 11:04:10 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2010/12/31 11:04:10 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2010/12/31 11:04:10 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2010/12/31 11:04:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2010/12/31 11:04:09 | 000,690,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010/12/31 11:04:09 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010/12/31 11:04:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2010/12/31 11:04:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010/12/31 11:04:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010/12/31 11:04:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010/12/31 11:04:07 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2010/12/31 11:04:07 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2010/12/31 11:04:07 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2010/12/31 11:04:07 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2010/12/31 11:04:07 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010/12/31 11:04:07 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2010/12/31 11:04:07 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010/12/31 11:04:07 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2010/12/31 11:04:07 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2010/12/31 11:04:07 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2010/12/31 11:04:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2010/12/31 11:04:07 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2010/12/31 11:04:07 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2010/12/31 11:04:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2010/12/31 11:04:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2010/12/31 11:04:07 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2010/12/31 11:04:07 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010/12/31 11:04:07 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2010/12/31 11:04:07 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2010/12/31 11:04:07 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010/12/31 11:04:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2010/12/31 11:04:07 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2010/12/31 11:04:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2010/12/31 11:04:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2010/12/31 11:04:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2010/12/31 11:04:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2010/12/31 11:04:07 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2010/12/31 11:04:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2010/12/31 11:04:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2010/12/31 11:04:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2010/12/31 11:04:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010/12/31 11:04:06 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2010/12/31 11:04:06 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2010/12/31 11:04:06 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2010/12/31 11:04:06 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2010/12/31 11:04:06 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2010/12/31 11:04:06 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2010/12/31 11:04:06 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2010/12/31 11:04:06 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2010/12/31 11:04:06 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2010/12/31 11:04:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2010/12/31 11:04:06 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2010/12/31 11:04:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010/12/31 11:04:06 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2010/12/31 11:04:06 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2010/12/31 11:04:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2010/12/31 11:04:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2010/12/31 11:04:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2010/12/31 11:04:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010/12/31 11:04:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2010/12/31 11:04:06 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2010/12/31 11:04:06 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2010/12/31 11:04:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2010/12/31 11:04:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2010/12/31 11:03:37 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2010/12/31 11:03:36 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2010/12/31 11:03:36 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2010/12/31 11:03:36 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2010/12/31 11:03:36 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2010/12/31 11:03:36 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2010/12/31 11:03:36 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2010/12/31 11:03:19 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2010/12/31 11:03:19 | 000,899,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2010/12/31 11:03:19 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2010/12/31 11:03:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2010/12/31 11:03:18 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2010/12/31 11:03:18 | 001,543,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2010/12/31 11:03:18 | 001,076,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2010/12/31 11:03:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2010/12/31 11:03:01 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2010/12/31 11:03:01 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2010/12/31 11:03:01 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2010/12/31 11:03:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2010/12/31 11:02:43 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2010/12/31 11:02:43 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2010/12/31 11:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feedback Tool [2010/12/31 10:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2010/12/31 10:52:58 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010/12/31 10:52:58 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010/12/31 10:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010/12/31 10:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010/12/21 20:45:44 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\factures [2010/12/21 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\Desktop\divers [2010/12/21 20:04:48 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010/12/21 20:04:48 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010/12/21 20:04:48 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010/12/21 20:04:48 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010/12/21 20:04:48 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010/12/21 20:04:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010/12/21 20:04:48 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010/12/21 20:04:48 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010/12/21 20:04:47 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010/12/21 20:04:47 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010/12/21 20:04:44 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010/12/21 20:04:43 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010/12/21 20:04:43 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010/12/21 20:04:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010/12/21 20:03:25 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010/12/15 12:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\icons [2010/12/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fun4IM [2010/12/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Fun4IM [2010/12/15 12:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fun4IM [2010/12/06 12:27:22 | 000,000,000 | ---D | C] -- C:\Users\FABULEUZ\AppData\Roaming\Mozilla ========== Files - Modified Within 30 Days ========== [2011/01/03 16:38:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FABULEUZ\Desktop\OTL.scr [2011/01/03 16:34:02 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011/01/03 16:21:46 | 617,866,682 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\august.avi [2011/01/03 16:05:03 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/03 15:57:02 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2011/01/03 15:53:03 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011/01/03 14:33:48 | 002,672,312 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe [2011/01/03 13:46:46 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/03 13:46:46 | 000,704,242 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/01/03 13:46:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/03 13:46:46 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/01/03 13:46:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/03 13:28:21 | 000,019,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/03 13:28:21 | 000,019,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/03 13:21:14 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/03 13:20:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/03 13:20:49 | 1066,754,046 | -HS- | M] () -- C:\hiberfil.sys [2011/01/03 13:07:20 | 812,187,198 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\august brass band.avi [2011/01/03 12:28:42 | 850,703,238 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\bon kam.avi [2011/01/03 11:22:54 | 2789,372,086 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\kam.avi [2011/01/03 08:16:50 | 000,000,382 | ---- | M] () -- C:\Users\FABULEUZ\defogger_reenable [2011/01/02 20:52:09 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini [2011/01/01 19:00:09 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010/12/31 19:00:14 | 000,001,449 | ---- | M] () -- C:\Users\FABULEUZ\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/12/31 14:02:35 | 069,723,698 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\HOW_TO_DESTROY_ANGELS_-_EP.zip [2010/12/31 13:54:20 | 039,356,510 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\La Gare 16 D2.m4v [2010/12/31 10:53:08 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/12/30 08:06:09 | 004,866,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010/12/27 11:56:27 | 000,166,056 | ---- | M] () -- C:\Users\FABULEUZ\Desktop\bon_a_priori_je_ne_peux_plus_envoyer_de_piece_jointe_par_mozilla_mais.....heureusement_explorer_est_la_haha!!.zip [2010/12/16 13:00:50 | 000,013,049 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\Folder.jpg [2010/12/16 13:00:50 | 000,013,049 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Large.jpg [2010/12/16 13:00:49 | 000,003,166 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\AlbumArtSmall.jpg [2010/12/16 13:00:49 | 000,003,166 | -HS- | M] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Small.jpg ========== Files Created - No Company Name ========== [2011/01/03 16:17:25 | 617,866,682 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\august.avi [2011/01/03 14:33:48 | 002,672,312 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe [2011/01/03 14:16:45 | 039,356,510 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\La Gare 16 D2.m4v [2011/01/03 13:03:54 | 812,187,198 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\august brass band.avi [2011/01/03 12:24:56 | 850,703,238 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\bon kam.avi [2011/01/03 11:01:09 | 2789,372,086 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\kam.avi [2011/01/03 08:16:50 | 000,000,382 | ---- | C] () -- C:\Users\FABULEUZ\defogger_reenable [2010/12/31 14:02:35 | 069,723,698 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\HOW_TO_DESTROY_ANGELS_-_EP.zip [2010/12/31 11:04:10 | 000,072,533 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2010/12/31 11:04:10 | 000,072,533 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2010/12/31 10:53:08 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/12/27 11:56:25 | 000,166,056 | ---- | C] () -- C:\Users\FABULEUZ\Desktop\bon_a_priori_je_ne_peux_plus_envoyer_de_piece_jointe_par_mozilla_mais.....heureusement_explorer_est_la_haha!!.zip [2010/12/16 13:00:51 | 000,013,049 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\Folder.jpg [2010/12/16 13:00:51 | 000,013,049 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Large.jpg [2010/12/16 13:00:51 | 000,003,166 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\AlbumArtSmall.jpg [2010/12/16 13:00:51 | 000,003,166 | -HS- | C] () -- C:\Users\FABULEUZ\Desktop\AlbumArt_{11AD0C50-892B-41BA-AED0-8000D58A7217}_Small.jpg [2010/12/15 12:02:15 | 000,000,298 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2010/12/15 12:01:51 | 000,000,298 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010/12/15 12:01:35 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010/10/23 13:26:14 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2010/08/23 09:34:17 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\Utils.dll [2010/08/20 17:35:34 | 000,001,456 | ---- | C] () -- C:\Users\FABULEUZ\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2010/08/20 16:42:02 | 000,000,132 | ---- | C] () -- C:\Users\FABULEUZ\AppData\Roaming\Adobe GIF Format CS5 Prefs [2010/06/20 19:56:35 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/06/19 18:41:58 | 000,000,224 | ---- | C] () -- C:\Windows\FORGE32.INI [2010/06/17 23:08:43 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2010/06/17 21:53:48 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll [2010/06/16 17:59:19 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010/06/16 17:57:17 | 000,024,206 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS ========== LOP Check ========== [2010/10/12 10:47:33 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\DAEMON Tools Lite [2010/10/12 11:00:01 | 000,000,000 | ---D | M] -- C:\Users\Administrateur\AppData\Roaming\TuneUp Software [2010/08/03 09:50:35 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\36-image converter [2010/08/03 09:54:57 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Any Image [2010/10/08 19:32:39 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Audacity [2011/01/02 08:06:29 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Bandoo [2011/01/03 16:42:41 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\BitTorrent [2010/06/17 22:24:42 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\DAEMON Tools Lite [2010/09/11 18:31:01 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\HTML Executable [2010/08/23 10:26:04 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\OpenOffice.org [2010/06/17 23:08:43 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\PACE Anti-Piracy [2010/09/16 12:33:53 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Poser Pro [2010/09/16 12:36:17 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Queue Manager [2010/06/17 23:09:10 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010/09/13 10:26:44 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\TuneUp Software [2010/09/02 17:43:51 | 000,000,000 | ---D | M] -- C:\Users\FABULEUZ\AppData\Roaming\Uniblue [2010/11/21 14:57:45 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/01/03 15:53:03 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011/01/03 15:57:02 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2011/01/03 16:34:02 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > [1997/03/25 18:21:22 | 000,265,396 | R--- | M] () -- C:\DOS4GW.EXE [1997/03/25 18:21:22 | 001,643,223 | R--- | M] () -- C:\HOSPITAL.EXE [2002/03/21 23:00:00 | 000,005,120 | ---- | M] () -- C:\vieux jeux.exe < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %appdata% *.exe /s > < MD5 for: AGP440.SYS > [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CDROM.SYS > [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: CSRSS.EXE > [2009/07/14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe < MD5 for: EXPLORER.EXE > [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe [2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NDIS.SYS > [2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys < MD5 for: NETLOGON.DLL > [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: SCECLI.DLL > [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: TCPIP.SYS > [2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys [2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys [2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys < MD5 for: USERINIT.EXE > [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WININIT.EXE > [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < %systemroot%\*. /mp /s > < > ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:EEE39B00 @Alternate Data Stream - 1232 bytes -> C:\ProgramData\Microsoft:dgahiEprLljUVLQrU @Alternate Data Stream - 1223 bytes -> C:\Program Files\Common Files\System:KtR1tMU0RvjCnLjjGPOHpcYhx @Alternate Data Stream - 1095 bytes -> C:\ProgramData\Microsoft:2YhhLnHkrjm4rRDmOW3JWjB @Alternate Data Stream - 1093 bytes -> C:\Program Files\Common Files\Microsoft Shared:vh8R7UKznwW13qNrhinLCb41H @Alternate Data Stream - 1074 bytes -> C:\ProgramData\Microsoft:SDOyeYl1wleId3SCmOp < End of report > et enfin, OTL Extras logfile created on: 03/01/2011 16:41:38 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\FABULEUZ\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 12,00 Gb Total Physical Memory | 10,00 Gb Available Physical Memory | 81,00% Memory free 24,00 Gb Paging File | 22,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 389,43 Gb Free Space | 41,81% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 920,16 Gb Free Space | 98,78% Space Free | Partition Type: NTFS Drive H: | 3,73 Gb Total Space | 2,65 Gb Free Space | 71,06% Space Free | Partition Type: FAT32 Computer Name: FABULEUZ-PC | User Name: FABULEUZ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02] "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A99968BE-C155-474C-0089-33239DEE1CE2}" = Need For Speed Underground "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.2 - Français "{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}" = WinZip 15.0 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10ème Edition "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ASIO4ALL" = ASIO4ALL "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BitTorrent" = BitTorrent "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "CoreAAC" = CoreAAC "eMule" = eMule "ffdshow_is1" = ffdshow "FL Studio 8" = FL Studio 8 "FL Studio 9" = FL Studio 9 "Forms Data Loader Free Edition_is1" = Forms Data Loader Free Edition "GOM ENCODER" = GOM ENCODER "GOM Player" = GOM Player "Hardcore" = Hardcore "Hitman: Contracts" = Hitman: Contracts "IL Download Manager" = IL Download Manager "InstallShield_{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10ème Edition "PoiZone" = PoiZone "Road To Fame_is1" = Road To Fame "S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl "Sawer" = Sawer "Steam App 50130" = Mafia II "TOWeb-SetupID-0003_is1" = Lauyan TOWeb V3 "Toxic Biohazard" = Toxic Biohazard "VLC media player" = VLC media player 1.0.5 "ZHPDiag_is1" = ZHPDiag 1.27 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-698820930-825607945-331214559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 31/12/2010 13:12:29 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228, horodatage : 0x44045dcb Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x78457453 ID du processus défaillant : 0xa80 Heure de début de l’application défaillante : 0x01cba8f248cf4757 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe Chemin d’accès du module défaillant: unknown ID de rapport : 2587ecd8-1501-11e0-befa-e0cb4ea68c46 Error - 31/12/2010 20:28:54 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 01/01/2011 23:58:27 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 02/01/2011 08:37:45 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228, horodatage : 0x44045dcb Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x02000080 ID du processus défaillant : 0xe60 Heure de début de l’application défaillante : 0x01cbaa6db55682e9 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe Chemin d’accès du module défaillant: unknown ID de rapport : 190e64a0-166d-11e0-8707-e0cb4ea68c46 Error - 02/01/2011 11:24:55 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228, horodatage : 0x44045dcb Nom du module défaillant : Oblivion.exe, version : 0.1.0.228, horodatage : 0x44045dcb Code d’exception : 0xc0000005 Décalage d’erreur : 0x002c7c6c ID du processus défaillant : 0x100 Heure de début de l’application défaillante : 0x01cbaa85b5c9d88a Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe ID de rapport : 73356df1-1684-11e0-8707-e0cb4ea68c46 Error - 02/01/2011 12:27:48 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Oblivion.exe, version : 0.1.0.228, horodatage : 0x44045dcb Nom du module défaillant : Oblivion.exe, version : 0.1.0.228, horodatage : 0x44045dcb Code d’exception : 0xc0000005 Décalage d’erreur : 0x002c7c6c ID du processus défaillant : 0x834 Heure de début de l’application défaillante : 0x01cbaa9358eff545 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Bethesda Softworks\Oblivion\Oblivion.exe ID de rapport : 3bc78e1c-168d-11e0-8707-e0cb4ea68c46 Error - 02/01/2011 21:38:33 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 03/01/2011 03:27:19 | Computer Name = FABULEUZ-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante gmer.exe, version : 1.0.15.15530, horodatage : 0x4cd7c3b7 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus défaillant : 0xdbc Heure de début de l’application défaillante : 0x01cbab177d28ea06 Chemin d’accès de l’application défaillante : C:\Users\FABULEUZ\Desktop\gmer.exe Chemin d’accès du module défaillant: unknown ID de rapport : e5646f2d-170a-11e0-959a-e0cb4ea68c46 Error - 03/01/2011 09:33:53 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842832 Description = La création du contexte d’activation a échoué pour « C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Error - 03/01/2011 09:33:56 | Computer Name = FABULEUZ-PC | Source = SideBySide | ID = 16842832 Description = La création du contexte d’activation a échoué pour « C:\Users\FABULEUZ\Desktop\esetsmartinstaller_enu.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. [ Media Center Events ] Error - 29/08/2010 19:15:20 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 01:15:20 - Erreur de connexion à Internet. 01:15:20 - Impossible de contacter le service.. Error - 29/08/2010 19:15:27 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 01:15:25 - Erreur de connexion à Internet. 01:15:25 - Impossible de contacter le service.. Error - 29/08/2010 20:15:30 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 02:15:30 - Erreur de connexion à Internet. 02:15:30 - Impossible de contacter le service.. Error - 29/08/2010 20:15:37 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 02:15:35 - Erreur de connexion à Internet. 02:15:35 - Impossible de contacter le service.. Error - 30/08/2010 17:19:50 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 23:19:50 - Erreur de connexion à Internet. 23:19:50 - Impossible de contacter le service.. Error - 30/08/2010 17:20:00 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 23:19:55 - Erreur de connexion à Internet. 23:19:55 - Impossible de contacter le service.. Error - 28/12/2010 22:34:17 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 03:34:17 - Erreur de connexion à Internet. 03:34:17 - Impossible de contacter le service.. Error - 28/12/2010 23:35:03 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 04:35:02 - Erreur de connexion à Internet. 04:35:02 - Impossible de contacter le service.. Error - 29/12/2010 00:35:48 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 05:35:47 - Erreur de connexion à Internet. 05:35:47 - Impossible de contacter le service.. Error - 29/12/2010 01:36:33 | Computer Name = FABULEUZ-PC | Source = MCUpdate | ID = 0 Description = 06:36:32 - Erreur de connexion à Internet. 06:36:32 - Impossible de contacter le service.. [ System Events ] Error - 02/01/2011 07:05:15 | Computer Name = FABULEUZ-PC | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 12:03:51 le ?02/?01/?2011 n’était pas prévu. Error - 02/01/2011 07:05:22 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Fun4IM Coordinator. Error - 02/01/2011 07:05:22 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000 Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur : %%1053 Error - 03/01/2011 03:16:59 | Computer Name = FABULEUZ-PC | Source = DCOM | ID = 10010 Description = Error - 03/01/2011 03:18:03 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Fun4IM Coordinator. Error - 03/01/2011 03:18:03 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000 Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur : %%1053 Error - 03/01/2011 08:14:54 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Fun4IM Coordinator. Error - 03/01/2011 08:14:54 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000 Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur : %%1053 Error - 03/01/2011 08:21:04 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Fun4IM Coordinator. Error - 03/01/2011 08:21:04 | Computer Name = FABULEUZ-PC | Source = Service Control Manager | ID = 7000 Description = Le service Fun4IM Coordinator n’a pas pu démarrer en raison de l’erreur : %%1053 < End of report > à bientot
- le 3 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

voici le rapport du scan d'ESET C:\Users\FABULEUZ\Downloads\pdf_converter.exe a variant of Win32/SweetIM.A application
- le 3 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

et avec MBRcheck,j obtiens effectivement le message en vert "Windows 7 Mbr code dtected" un rapport s'est également enregistré sur mon bureau...si vous en avez besoin, je vous le poste merci
- le 3 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

bonjour, voici le rapport gmer, comme demandé: GMER 1.0.15.15530 - GMER - Rootkit Detector and Remover Rootkit scan 2011-01-03 08:47:02 Windows 6.1.7600 Running: gmer.exe ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files (x86)\Alcohol Soft\Alcohol 52\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x04 0x7B 0x20 0xC1 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xFA 0xD8 0x5A 0xE3 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x95 0x91 0x0C 0xDC ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x72 0xD6 0x35 0xDB ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x84 0x95 0x5C 0x59 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x55 0x2F 0xD7 0xC9 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files (x86)\Alcohol Soft\Alcohol 52\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x04 0x7B 0x20 0xC1 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xFA 0xD8 0x5A 0xE3 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x95 0x91 0x0C 0xDC ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x72 0xD6 0x35 0xDB ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x84 0x95 0x5C 0x59 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x55 0x2F 0xD7 0xC9 ... ---- EOF - GMER 1.0.15 ---- je ne sais pas si c'est normal, mais je crois que tout n'a pas été analysé: dans la colonne de droite,seules les catégories service, registry, et files étaient cochées, les autres étaient grisées...
- le 3 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

et voilà le petit dernier que vous m'avez demandé, celui de ZHPdiag: Rapport de ZHPDiag v1.27.1471 par Nicolas Coolman, Update du 30/12/2010 Run by FABULEUZ at 02/01/2011 08:26:50 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v9.0.7930.16406 ---\\ System Information Windows 7 Business Edition, 64-bit (Build 7600) Processor: Intel64 Family 6 Model 26 Stepping 5, GenuineIntel Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 12279 MB (85% free) System Restore: Désactivé (Disabled) System drive C: has 407 GB (43%) free of 931 GB ---\\ Logged in mode Computer Name: FABULEUZ-PC User Name: FABULEUZ All Users Names: FABULEUZ, Administrateur, Unselected Option: O1,O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 407 Go of 931 Go) D:\ CD-ROM drive (Not Inserted) E:\ CD-ROM drive (Free 0 Go of 1 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 920 Go of 932 Go) G:\ CD-ROM drive (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK ---\\ Recherche particulière de fichiers génériques [MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] ---\\ Processus lancés [MD5.F34E7705751BB413283434697BF8E55D] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.3DD25048297A24AB4B3BFC17ABA5D0DB] - (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe [1242448] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.B661327C64FACCF3EB14DE1D1D2190CC] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [869688] [MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304] [MD5.3DC8DFE611053A3D862C549F6E4B052A] - (.Bandoo Media Inc. - Fun4IM Core.) -- C:\PROGRA~2\Fun4IM\BndCore.exe [1579408] [MD5.E71E84BD9910750E421708112ADFC822] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [621568] ---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (9.00.7930.16406 (WIN7_IE9_Beta.100831-2345)) -- C:\Windows\System32\ieframe.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKCU\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe O4 - HKLM\..\Wow6432Node\Run: [switchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.) O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.) O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.) O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.) O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM ENCODER.lnk . (.Gretech Corporation.) -- C:\Program Files (x86)\GRETECH\GomEncoder\GomEnc.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (.Gretech Corp..) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: (Fun4IM Coordinator) . (.Bandoo Media Inc. - Fun4IM Coordinator.) - C:\PROGRA~2\Fun4IM\Bandoo.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: (nvsvc) - Clé orpheline O23 - Service: (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-FABULEUZ-PC-FABULEUZ] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (.Pas de propriétaire.) -- C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{22116563-108C-42c0-A7CE-60161B75E508}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}] (.Pas de propriétaire.) -- C:\Windows\Fhewya.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffr.exe (.not file.) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (dmeoaaew) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\dmeoaaew.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD} O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM] -- {925D058B-564A-443A-B4B2-7E90C6432E55} O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45} O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM] -- {8557397C-A42D-486F-97B3-A2CBC2372593} O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: Nokia Connectivity Cable Driver - (.Pas de propriétaire.) [HKLM] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F} O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A} ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASIO4ALL v2 by Wuschel] [HKCU\Software\ASUS] [HKCU\Software\Adobe] [HKCU\Software\Alcohol Soft] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software\{AAEDC5DC-05CC-DED7-78DB-C3BD57412D82}] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow\b4a4f807] [HKCU\Software\AppDataLow] [HKCU\Software\Audacity] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreAAC] [HKCU\Software\DT Soft] [HKCU\Software\Dimension] [HKCU\Software\ESET] [HKCU\Software\Electronic Arts] [HKCU\Software\Enkord] [HKCU\Software\FMJ-Software] [HKCU\Software\Flowmix] [HKCU\Software\GNU] [HKCU\Software\GRETECH] [HKCU\Software\GameShadow] [HKCU\Software\Google] [HKCU\Software\H3O8CABBPI] [HKCU\Software\Hewlett-Packard] [HKCU\Software\Hyperspace] [HKCU\Software\Image-Line] [HKCU\Software\JP595IR86O] [HKCU\Software\JavaSoft] [HKCU\Software\Jone Stone Productions] [HKCU\Software\Lauyan] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Minnetonka Audio Software] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nbeshine] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\NtWqIVLZEWZU] [HKCU\Software\OpenOffice.org] [HKCU\Software\PACE Anti-Piracy] [HKCU\Software\Policies] [HKCU\Software\RAD Game Tools] [HKCU\Software\Realtek] [HKCU\Software\SOFTWIN] [HKCU\Software\SecuROM] [HKCU\Software\SoftVoice] [HKCU\Software\Softonic] [HKCU\Software\Sonic Foundry] [HKCU\Software\Synthetic Aperture] [HKCU\Software\Syntrillium] [HKCU\Software\Sysinternals] [HKCU\Software\TuneUp] [HKCU\Software\UIC Phoenxsoftware] [HKCU\Software\VSO] [HKCU\Software\Valve] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinZip Computing] [HKCU\Software\Winferno] [HKCU\Software\Wow6432Node] [HKCU\Software\XML] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\eMule] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\EA GAMES] [HKLM\Software\ESET] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Imagineer Systems Ltd] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\PACE Anti-Piracy] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\Synthetic Aperture] [HKLM\Software\TuneUp] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD: 17/06/2010 - 23:01:20 ----D- C:\Program Files\Adobe O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files O43 - CFD: 14/07/2009 - 16:35:42 ----D- C:\Program Files\DVD Maker O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 21/06/2010 - 12:55:04 ----D- C:\Program Files\Google O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files\Internet Explorer O43 - CFD: 16/08/2010 - 19:16:20 ----D- C:\Program Files\Interplay O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild O43 - CFD: 09/09/2010 - 18:36:50 ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 17/06/2010 - 08:49:50 ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender O43 - CFD: 14/07/2009 - 16:35:40 ----D- C:\Program Files\Windows Journal O43 - CFD: 21/12/2010 - 20:31:02 ----D- C:\Program Files\Windows Mail O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files\Windows Media Player O43 - CFD: 16/06/2010 - 17:23:24 ----D- C:\Program Files\Windows NT O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System O43 - CFD: 22/06/2010 - 11:23:10 ----D- C:\ProgramData\Adobe O43 - CFD: 17/06/2010 - 22:59:14 ----D- C:\ProgramData\ALM O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\ProgramData\Avira O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Bureau O43 - CFD: 17/06/2010 - 22:21:08 ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents O43 - CFD: 16/08/2010 - 18:40:00 ----D- C:\ProgramData\eMule O43 - CFD: 02/09/2010 - 16:54:06 ----D- C:\ProgramData\Enkord O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites O43 - CFD: 15/12/2010 - 12:02:28 ----D- C:\ProgramData\Fun4IM O43 - CFD: 21/06/2010 - 12:55:30 ----D- C:\ProgramData\Google O43 - CFD: 20/06/2010 - 20:00:56 ----D- C:\ProgramData\GRETECH O43 - CFD: 18/06/2010 - 15:17:02 ----D- C:\ProgramData\Lauyan O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 29/11/2010 - 16:16:56 -S-AD- C:\ProgramData\Microsoft O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Modèles O43 - CFD: 09/09/2010 - 18:39:38 ----D- C:\ProgramData\NVIDIA O43 - CFD: 09/09/2010 - 18:36:16 ----D- C:\ProgramData\NVIDIA Corporation O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\ProgramData\PACE Anti-Piracy O43 - CFD: 17/06/2010 - 23:08:10 ----D- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\ProgramData\Sun O43 - CFD: 06/09/2010 - 15:10:46 ---AD- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates O43 - CFD: 31/10/2010 - 13:43:56 ----D- C:\ProgramData\TuneUp Software O43 - CFD: 20/06/2010 - 19:57:18 ----D- C:\ProgramData\Winferno O43 - CFD: 30/11/2010 - 06:38:20 ----D- C:\ProgramData\WinZip O43 - CFD: 16/08/2010 - 09:40:36 ----D- C:\ProgramData\Yahoo! O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System O43 - CFD: 17/06/2010 - 22:59:52 ----D- C:\Program Files (x86)\Adobe O43 - CFD: 12/09/2010 - 10:09:02 ----D- C:\Program Files (x86)\Alcohol Soft O43 - CFD: 11/10/2010 - 17:35:44 ----D- C:\Program Files (x86)\Anti-Blaxx 1.18 O43 - CFD: 20/06/2010 - 18:25:08 ----D- C:\Program Files (x86)\ASIO4ALL v2 O43 - CFD: 29/11/2010 - 16:17:10 ----D- C:\Program Files (x86)\Auxiliary Power O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\Program Files (x86)\Avira O43 - CFD: 23/10/2010 - 14:43:26 ----D- C:\Program Files (x86)\Babylon O43 - CFD: 23/10/2010 - 11:26:10 ----D- C:\Program Files (x86)\Bethesda Softworks O43 - CFD: 29/10/2010 - 11:46:04 ----D- C:\Program Files (x86)\bitComposer Games O43 - CFD: 06/09/2010 - 15:17:20 ----D- C:\Program Files (x86)\BitTorrent O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files O43 - CFD: 20/06/2010 - 20:00:40 ----D- C:\Program Files (x86)\CoreAAC O43 - CFD: 14/10/2010 - 09:28:22 ----D- C:\Program Files (x86)\CureROM O43 - CFD: 11/10/2010 - 17:01:10 ----D- C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 21/10/2010 - 12:53:22 ----D- C:\Program Files (x86)\DAEMON Tools Toolbar O43 - CFD: 17/09/2010 - 11:19:54 ----D- C:\Program Files (x86)\DAZ O43 - CFD: 02/09/2010 - 15:21:10 ----D- C:\Program Files (x86)\directx O43 - CFD: 21/10/2010 - 16:53:56 ----D- C:\Program Files (x86)\EA GAMES O43 - CFD: 14/10/2010 - 10:59:52 ----D- C:\Program Files (x86)\Eidos O43 - CFD: 16/08/2010 - 18:39:54 ----D- C:\Program Files (x86)\eMule O43 - CFD: 31/12/2010 - 11:02:24 ----D- C:\Program Files (x86)\Feedback Tool O43 - CFD: 23/10/2010 - 18:29:56 ----D- C:\Program Files (x86)\ffdshow O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\FlexCell O43 - CFD: 25/11/2010 - 15:29:16 ----D- C:\Program Files (x86)\FMOD SoundSystem O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\Forms Data Loader Free O43 - CFD: 23/10/2010 - 18:25:52 ----D- C:\Program Files (x86)\Free Offers from Freeze.com O43 - CFD: 15/12/2010 - 12:02:32 ----D- C:\Program Files (x86)\Fun4IM O43 - CFD: 12/09/2010 - 18:21:24 ----D- C:\Program Files (x86)\GCH Guitar academy O43 - CFD: 21/06/2010 - 12:55:24 ----D- C:\Program Files (x86)\Google O43 - CFD: 20/06/2010 - 20:00:46 ----D- C:\Program Files (x86)\GRETECH O43 - CFD: 15/12/2010 - 12:02:48 ----D- C:\Program Files (x86)\icons O43 - CFD: 27/10/2010 - 18:28:56 ----D- C:\Program Files (x86)\Image-Line O43 - CFD: 24/10/2010 - 09:53:08 --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 16/06/2010 - 18:00:04 ----D- C:\Program Files (x86)\Intel O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 17/06/2010 - 08:39:48 ----D- C:\Program Files (x86)\Java O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\JRE O43 - CFD: 18/06/2010 - 15:17:04 ----D- C:\Program Files (x86)\Lauyan O43 - CFD: 09/09/2010 - 18:14:08 ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 31/12/2010 - 19:24:48 ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\My Company Name O43 - CFD: 31/10/2010 - 13:49:26 ----D- C:\Program Files (x86)\Need For Speed Hot Pursuit 2 O43 - CFD: 31/10/2010 - 16:08:42 ----D- C:\Program Files (x86)\nfs O43 - CFD: 29/10/2010 - 09:24:44 ----D- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 20/06/2010 - 18:24:32 ----D- C:\Program Files (x86)\Outsim O43 - CFD: 11/09/2010 - 13:18:12 ----D- C:\Program Files (x86)\RADVideo O43 - CFD: 17/06/2010 - 08:49:36 ----D- C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 13/09/2010 - 12:51:02 ----D- C:\Program Files (x86)\Road To Fame O43 - CFD: 28/11/2010 - 12:21:04 --H-D- C:\Program Files (x86)\Roland O43 - CFD: 16/09/2010 - 12:14:18 ----D- C:\Program Files (x86)\Smith Micro O43 - CFD: 28/09/2010 - 11:19:24 ----D- C:\Program Files (x86)\Softonic_France O43 - CFD: 02/01/2011 - 08:06:16 ----D- C:\Program Files (x86)\Steam O43 - CFD: 17/06/2010 - 08:50:50 --H-D- C:\Program Files (x86)\Temp O43 - CFD: 02/11/2010 - 18:40:52 ----D- C:\Program Files (x86)\THQ O43 - CFD: 10/09/2010 - 13:26:00 ----D- C:\Program Files (x86)\Ubisoft O43 - CFD: 03/08/2010 - 09:49:42 ----D- C:\Program Files (x86)\UIC Phoenxsoftware O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 20/06/2010 - 19:36:06 ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 31/12/2010 - 11:43:06 ----D- C:\Program Files (x86)\VLC Player O43 - CFD: 12/09/2010 - 11:00:02 ----D- C:\Program Files (x86)\vso O43 - CFD: 27/10/2010 - 18:29:06 ----D- C:\Program Files (x86)\VstPlugins O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 21/12/2010 - 20:31:00 ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 30/11/2010 - 06:37:44 ----D- C:\Program Files (x86)\WinZip O43 - CFD: 02/01/2011 - 08:26:54 ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 17/06/2010 - 22:53:00 ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 17/06/2010 - 22:32:40 ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 16/09/2010 - 13:52:54 ----D- C:\Program Files (x86)\Common Files\DAZ O43 - CFD: 10/09/2010 - 13:22:30 ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 16/09/2010 - 12:16:40 ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 28/10/2010 - 16:41:50 ----D- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19040] O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19040] O44 - LFC:[MD5.532F3E7C41715DA3071738E7920444CA] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.175DCB6819A736A4BB3192F18CE12362] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [106190] O44 - LFC:[MD5.003F92AF268A404B320D464824814227] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [130548] O44 - LFC:[MD5.70835F86BAAB994905C10A40D096EF61] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [615810] O44 - LFC:[MD5.C227A2CB11876C29127D0430C4CC6CE1] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [704242] O44 - LFC:[MD5.070000000000000000000000B8EE1800] - 02/01/2011 - 08:09:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1614553] O44 - LFC:[MD5.1A5F269E443B0B7B375185D1442639DB] - 02/01/2011 - 08:05:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [11028] O44 - LFC:[MD5.92CFE8F17E787BE19BEC4BA2ED2BEBB6] - 02/01/2011 - 08:05:48 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.579F662EC3D8401FA7D7F68BDE58BD83] - 31/12/2010 - 11:06:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\IE9_main.log [5428] O44 - LFC:[MD5.71177AB27204CC7DA01E6CC6A3B2371E] - 31/12/2010 - 11:04:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\ieuinit.inf [72533] O44 - LFC:[MD5.71177AB27204CC7DA01E6CC6A3B2371E] - 31/12/2010 - 11:04:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ieuinit.inf [72533] O44 - LFC:[MD5.FB6D9C2A0FC44E91117720B31C2D012B] - 30/12/2010 - 08:06:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [4866160] O44 - LFC:[MD5.7F319E86085C6D5F50A48C3F4A1772AB] - 28/12/2010 - 21:26:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\BlendSettings.ini [23] O44 - LFC:[MD5.D441A1E6486513FDCAEB1938D75DB91A] - 21/12/2010 - 20:32:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [47158] O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 21/12/2010 - 20:04:44 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367104] O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080] O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294400] ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell\AutoRun\command. (.Electronic Arts Inc. - rungame MFC Application.) -- E:\RunGame.exe O51 - MPSK:{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\OblivionLauncher.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [106576] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28752] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.19B006B181E3875FD254F7B67ACF1E7C] - 16/07/2009 - 04:38:40 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [15416] O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 01/01/2011 - 19:00:09 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120] O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 17/08/2010 - 13:39:11 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888] O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410688] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.AD8C3895155EE8D057F073856B2D5851] - 28/06/2007 - 10:47:14 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\nmwcdx64.sys [173056] O58 - SDL:[MD5.E55CAB397F77D5208DB18A78B1B7C0D5] - 10/07/2010 - 04:38:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 258.96.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13187176] O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 14/07/2009 - 02:48:27 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [149056] O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 14/07/2009 - 02:45:45 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [167488] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.4B42BC58294E83A6A92EC8B88C14C4A3] - 23/06/2010 - 09:10:56 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [344680] O58 - SDL:[MD5.D42D651676883181400E22957A7E0B1E] - 22/05/2009 - 19:04:22 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1762080] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.2D0000000000000000000000B8EE1800] - 17/06/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 28/12/2007 - 08:22:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296] ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - (.not file.) - ehdrv (ehdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_EHDRV O64 - Services: CurCS - (.not file.) - epfwwfpr (epfwwfpr) .(.Pas de propriétaire - Pas de description.) - LEGACY_EPFWWFPR O64 - Services: CurCS - C:\Windows\system32\Drivers\EXFAT.sys - (.not file.) - exFAT File System Driver (exfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_EXFAT O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - (.not file.) - UnlockerDriver5 (UnlockerDriver5) .(.Pas de propriétaire - Pas de description.) - LEGACY_UNLOCKERDRIVER5 O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - {searchTerms} - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - {searchTerms} - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - {searchTerms} - Recherche Google O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: SEARCH O69 - SBI: SearchScopes [HKCU] {F0A89676-EE10-41DB-8AA7-8E2A016F48BE} - (Yahoo! Search) - {searchterms} - Yahoo! France Résultats de recherche ---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84) [MD5.E4CC410BD005958125CD87C5F6E66371] [sPRF] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\FABULEUZ\AppData\Local\Temp\GLF93C8.tmp.tbMedi.dll [3908192] [MD5.D20AF64D70A5DA7D77DB105755BE6DCB] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\Local\Temp\InstallHelper.dll [1323520] [MD5.24DF7F7E1A7F839B569149F76EF0C321] [sPRF] (.2K Czech - Mafia II Application.) -- C:\Users\FABULEUZ\AppData\Local\Temp\mafia2.exe [24261920] [MD5.D0E80D812DBB66C8B949FA5E4FA82E1C] [sPRF] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\FABULEUZ\AppData\Local\Temp\OB.exe [1729296] [MD5.E13ED373938A428A7F737A6B4BC740C1] [sPRF] (.GMER - GMER Driver http://www.gmer.net.) -- C:\Users\FABULEUZ\AppData\Local\Temp\pwliakog.sys [94848] [MD5.82EC7DCC8D7C2D3E0AA19A49FD7117B5] [sPRF] (.Acresso Software Inc. - InstallScript Setup Launcher.) -- C:\Users\FABULEUZ\AppData\Local\Temp\setup.exe [807560] [MD5.0487A88CE05C6B6D80E51BD1BC803BCC] [sPRF] (.Discordia Limited - Windows Searchqu Toolbar 2.0.) -- C:\Users\FABULEUZ\AppData\Local\Temp\SetupDataMngr_Searchqu.exe [2457944] [MD5.72707C24A3C8D13865B7B0360D8D8DFD] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\LocalLow\cookieman.exe [46080] ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 17/08/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 01/01/2011 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SS - | Auto 19/11/2010 1942416 | (Fun4IM Coordinator) . (.Bandoo Media Inc..) - C:\PROGRA~2\Fun4IM\Bandoo.exe SS - | Auto 21/06/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 21/06/2010 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 21/06/2010 0 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe SS - | Demand 16/07/2009 316664 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by FABULEUZ at 02/01/2011 08:27:59 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by FABULEUZ at 02/01/2011 08:27:59 Use the desktop link 'MBRCheck' to have full report ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.2D0000000000000000000000B8EE1800] - 17/06/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544] End of the scan (794 lines in 01mn 09s)(0) merci de votre aide... et voilà le petit dernier que vous m'avez demandé, celui de ZHPdiag: Rapport de ZHPDiag v1.27.1471 par Nicolas Coolman, Update du 30/12/2010 Run by FABULEUZ at 02/01/2011 08:26:50 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v9.0.7930.16406 ---\\ System Information Windows 7 Business Edition, 64-bit (Build 7600) Processor: Intel64 Family 6 Model 26 Stepping 5, GenuineIntel Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 12279 MB (85% free) System Restore: Désactivé (Disabled) System drive C: has 407 GB (43%) free of 931 GB ---\\ Logged in mode Computer Name: FABULEUZ-PC User Name: FABULEUZ All Users Names: FABULEUZ, Administrateur, Unselected Option: O1,O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 407 Go of 931 Go) D:\ CD-ROM drive (Not Inserted) E:\ CD-ROM drive (Free 0 Go of 1 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 920 Go of 932 Go) G:\ CD-ROM drive (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK ---\\ Recherche particulière de fichiers génériques [MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] ---\\ Processus lancés [MD5.F34E7705751BB413283434697BF8E55D] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.3DD25048297A24AB4B3BFC17ABA5D0DB] - (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe [1242448] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.B661327C64FACCF3EB14DE1D1D2190CC] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [869688] [MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304] [MD5.3DC8DFE611053A3D862C549F6E4B052A] - (.Bandoo Media Inc. - Fun4IM Core.) -- C:\PROGRA~2\Fun4IM\BndCore.exe [1579408] [MD5.E71E84BD9910750E421708112ADFC822] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [621568] ---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (9.00.7930.16406 (WIN7_IE9_Beta.100831-2345)) -- C:\Windows\System32\ieframe.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKCU\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe O4 - HKLM\..\Wow6432Node\Run: [switchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.) O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.) O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.) O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.) O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe O4 - Global Startup: C:\Users\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM ENCODER.lnk . (.Gretech Corporation.) -- C:\Program Files (x86)\GRETECH\GomEncoder\GomEnc.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (.Gretech Corp..) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: (Fun4IM Coordinator) . (.Bandoo Media Inc. - Fun4IM Coordinator.) - C:\PROGRA~2\Fun4IM\Bandoo.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: (nvsvc) - Clé orpheline O23 - Service: (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-FABULEUZ-PC-FABULEUZ] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (.Pas de propriétaire.) -- C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{22116563-108C-42c0-A7CE-60161B75E508}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}] (.Pas de propriétaire.) -- C:\Windows\Fhewya.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffr.exe (.not file.) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (dmeoaaew) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\dmeoaaew.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD} O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM] -- {925D058B-564A-443A-B4B2-7E90C6432E55} O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45} O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM] -- {8557397C-A42D-486F-97B3-A2CBC2372593} O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: Nokia Connectivity Cable Driver - (.Pas de propriétaire.) [HKLM] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F} O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A} ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASIO4ALL v2 by Wuschel] [HKCU\Software\ASUS] [HKCU\Software\Adobe] [HKCU\Software\Alcohol Soft] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software\{AAEDC5DC-05CC-DED7-78DB-C3BD57412D82}] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow\b4a4f807] [HKCU\Software\AppDataLow] [HKCU\Software\Audacity] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreAAC] [HKCU\Software\DT Soft] [HKCU\Software\Dimension] [HKCU\Software\ESET] [HKCU\Software\Electronic Arts] [HKCU\Software\Enkord] [HKCU\Software\FMJ-Software] [HKCU\Software\Flowmix] [HKCU\Software\GNU] [HKCU\Software\GRETECH] [HKCU\Software\GameShadow] [HKCU\Software\Google] [HKCU\Software\H3O8CABBPI] [HKCU\Software\Hewlett-Packard] [HKCU\Software\Hyperspace] [HKCU\Software\Image-Line] [HKCU\Software\JP595IR86O] [HKCU\Software\JavaSoft] [HKCU\Software\Jone Stone Productions] [HKCU\Software\Lauyan] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Minnetonka Audio Software] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nbeshine] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\NtWqIVLZEWZU] [HKCU\Software\OpenOffice.org] [HKCU\Software\PACE Anti-Piracy] [HKCU\Software\Policies] [HKCU\Software\RAD Game Tools] [HKCU\Software\Realtek] [HKCU\Software\SOFTWIN] [HKCU\Software\SecuROM] [HKCU\Software\SoftVoice] [HKCU\Software\Softonic] [HKCU\Software\Sonic Foundry] [HKCU\Software\Synthetic Aperture] [HKCU\Software\Syntrillium] [HKCU\Software\Sysinternals] [HKCU\Software\TuneUp] [HKCU\Software\UIC Phoenxsoftware] [HKCU\Software\VSO] [HKCU\Software\Valve] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinZip Computing] [HKCU\Software\Winferno] [HKCU\Software\Wow6432Node] [HKCU\Software\XML] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\eMule] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\EA GAMES] [HKLM\Software\ESET] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Imagineer Systems Ltd] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\PACE Anti-Piracy] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\Synthetic Aperture] [HKLM\Software\TuneUp] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD: 17/06/2010 - 23:01:20 ----D- C:\Program Files\Adobe O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files O43 - CFD: 14/07/2009 - 16:35:42 ----D- C:\Program Files\DVD Maker O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 21/06/2010 - 12:55:04 ----D- C:\Program Files\Google O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files\Internet Explorer O43 - CFD: 16/08/2010 - 19:16:20 ----D- C:\Program Files\Interplay O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild O43 - CFD: 09/09/2010 - 18:36:50 ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 17/06/2010 - 08:49:50 ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender O43 - CFD: 14/07/2009 - 16:35:40 ----D- C:\Program Files\Windows Journal O43 - CFD: 21/12/2010 - 20:31:02 ----D- C:\Program Files\Windows Mail O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files\Windows Media Player O43 - CFD: 16/06/2010 - 17:23:24 ----D- C:\Program Files\Windows NT O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System O43 - CFD: 22/06/2010 - 11:23:10 ----D- C:\ProgramData\Adobe O43 - CFD: 17/06/2010 - 22:59:14 ----D- C:\ProgramData\ALM O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\ProgramData\Avira O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Bureau O43 - CFD: 17/06/2010 - 22:21:08 ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents O43 - CFD: 16/08/2010 - 18:40:00 ----D- C:\ProgramData\eMule O43 - CFD: 02/09/2010 - 16:54:06 ----D- C:\ProgramData\Enkord O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites O43 - CFD: 15/12/2010 - 12:02:28 ----D- C:\ProgramData\Fun4IM O43 - CFD: 21/06/2010 - 12:55:30 ----D- C:\ProgramData\Google O43 - CFD: 20/06/2010 - 20:00:56 ----D- C:\ProgramData\GRETECH O43 - CFD: 18/06/2010 - 15:17:02 ----D- C:\ProgramData\Lauyan O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 29/11/2010 - 16:16:56 -S-AD- C:\ProgramData\Microsoft O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Modèles O43 - CFD: 09/09/2010 - 18:39:38 ----D- C:\ProgramData\NVIDIA O43 - CFD: 09/09/2010 - 18:36:16 ----D- C:\ProgramData\NVIDIA Corporation O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\ProgramData\PACE Anti-Piracy O43 - CFD: 17/06/2010 - 23:08:10 ----D- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\ProgramData\Sun O43 - CFD: 06/09/2010 - 15:10:46 ---AD- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates O43 - CFD: 31/10/2010 - 13:43:56 ----D- C:\ProgramData\TuneUp Software O43 - CFD: 20/06/2010 - 19:57:18 ----D- C:\ProgramData\Winferno O43 - CFD: 30/11/2010 - 06:38:20 ----D- C:\ProgramData\WinZip O43 - CFD: 16/08/2010 - 09:40:36 ----D- C:\ProgramData\Yahoo! O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System O43 - CFD: 17/06/2010 - 22:59:52 ----D- C:\Program Files (x86)\Adobe O43 - CFD: 12/09/2010 - 10:09:02 ----D- C:\Program Files (x86)\Alcohol Soft O43 - CFD: 11/10/2010 - 17:35:44 ----D- C:\Program Files (x86)\Anti-Blaxx 1.18 O43 - CFD: 20/06/2010 - 18:25:08 ----D- C:\Program Files (x86)\ASIO4ALL v2 O43 - CFD: 29/11/2010 - 16:17:10 ----D- C:\Program Files (x86)\Auxiliary Power O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\Program Files (x86)\Avira O43 - CFD: 23/10/2010 - 14:43:26 ----D- C:\Program Files (x86)\Babylon O43 - CFD: 23/10/2010 - 11:26:10 ----D- C:\Program Files (x86)\Bethesda Softworks O43 - CFD: 29/10/2010 - 11:46:04 ----D- C:\Program Files (x86)\bitComposer Games O43 - CFD: 06/09/2010 - 15:17:20 ----D- C:\Program Files (x86)\BitTorrent O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files O43 - CFD: 20/06/2010 - 20:00:40 ----D- C:\Program Files (x86)\CoreAAC O43 - CFD: 14/10/2010 - 09:28:22 ----D- C:\Program Files (x86)\CureROM O43 - CFD: 11/10/2010 - 17:01:10 ----D- C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 21/10/2010 - 12:53:22 ----D- C:\Program Files (x86)\DAEMON Tools Toolbar O43 - CFD: 17/09/2010 - 11:19:54 ----D- C:\Program Files (x86)\DAZ O43 - CFD: 02/09/2010 - 15:21:10 ----D- C:\Program Files (x86)\directx O43 - CFD: 21/10/2010 - 16:53:56 ----D- C:\Program Files (x86)\EA GAMES O43 - CFD: 14/10/2010 - 10:59:52 ----D- C:\Program Files (x86)\Eidos O43 - CFD: 16/08/2010 - 18:39:54 ----D- C:\Program Files (x86)\eMule O43 - CFD: 31/12/2010 - 11:02:24 ----D- C:\Program Files (x86)\Feedback Tool O43 - CFD: 23/10/2010 - 18:29:56 ----D- C:\Program Files (x86)\ffdshow O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\FlexCell O43 - CFD: 25/11/2010 - 15:29:16 ----D- C:\Program Files (x86)\FMOD SoundSystem O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\Forms Data Loader Free O43 - CFD: 23/10/2010 - 18:25:52 ----D- C:\Program Files (x86)\Free Offers from Freeze.com O43 - CFD: 15/12/2010 - 12:02:32 ----D- C:\Program Files (x86)\Fun4IM O43 - CFD: 12/09/2010 - 18:21:24 ----D- C:\Program Files (x86)\GCH Guitar academy O43 - CFD: 21/06/2010 - 12:55:24 ----D- C:\Program Files (x86)\Google O43 - CFD: 20/06/2010 - 20:00:46 ----D- C:\Program Files (x86)\GRETECH O43 - CFD: 15/12/2010 - 12:02:48 ----D- C:\Program Files (x86)\icons O43 - CFD: 27/10/2010 - 18:28:56 ----D- C:\Program Files (x86)\Image-Line O43 - CFD: 24/10/2010 - 09:53:08 --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 16/06/2010 - 18:00:04 ----D- C:\Program Files (x86)\Intel O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 17/06/2010 - 08:39:48 ----D- C:\Program Files (x86)\Java O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\JRE O43 - CFD: 18/06/2010 - 15:17:04 ----D- C:\Program Files (x86)\Lauyan O43 - CFD: 09/09/2010 - 18:14:08 ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 31/12/2010 - 19:24:48 ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\My Company Name O43 - CFD: 31/10/2010 - 13:49:26 ----D- C:\Program Files (x86)\Need For Speed Hot Pursuit 2 O43 - CFD: 31/10/2010 - 16:08:42 ----D- C:\Program Files (x86)\nfs O43 - CFD: 29/10/2010 - 09:24:44 ----D- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 20/06/2010 - 18:24:32 ----D- C:\Program Files (x86)\Outsim O43 - CFD: 11/09/2010 - 13:18:12 ----D- C:\Program Files (x86)\RADVideo O43 - CFD: 17/06/2010 - 08:49:36 ----D- C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 13/09/2010 - 12:51:02 ----D- C:\Program Files (x86)\Road To Fame O43 - CFD: 28/11/2010 - 12:21:04 --H-D- C:\Program Files (x86)\Roland O43 - CFD: 16/09/2010 - 12:14:18 ----D- C:\Program Files (x86)\Smith Micro O43 - CFD: 28/09/2010 - 11:19:24 ----D- C:\Program Files (x86)\Softonic_France O43 - CFD: 02/01/2011 - 08:06:16 ----D- C:\Program Files (x86)\Steam O43 - CFD: 17/06/2010 - 08:50:50 --H-D- C:\Program Files (x86)\Temp O43 - CFD: 02/11/2010 - 18:40:52 ----D- C:\Program Files (x86)\THQ O43 - CFD: 10/09/2010 - 13:26:00 ----D- C:\Program Files (x86)\Ubisoft O43 - CFD: 03/08/2010 - 09:49:42 ----D- C:\Program Files (x86)\UIC Phoenxsoftware O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 20/06/2010 - 19:36:06 ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 31/12/2010 - 11:43:06 ----D- C:\Program Files (x86)\VLC Player O43 - CFD: 12/09/2010 - 11:00:02 ----D- C:\Program Files (x86)\vso O43 - CFD: 27/10/2010 - 18:29:06 ----D- C:\Program Files (x86)\VstPlugins O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 21/12/2010 - 20:31:00 ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 30/11/2010 - 06:37:44 ----D- C:\Program Files (x86)\WinZip O43 - CFD: 02/01/2011 - 08:26:54 ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 17/06/2010 - 22:53:00 ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 17/06/2010 - 22:32:40 ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 16/09/2010 - 13:52:54 ----D- C:\Program Files (x86)\Common Files\DAZ O43 - CFD: 10/09/2010 - 13:22:30 ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 16/09/2010 - 12:16:40 ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 28/10/2010 - 16:41:50 ----D- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19040] O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19040] O44 - LFC:[MD5.532F3E7C41715DA3071738E7920444CA] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.175DCB6819A736A4BB3192F18CE12362] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [106190] O44 - LFC:[MD5.003F92AF268A404B320D464824814227] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [130548] O44 - LFC:[MD5.70835F86BAAB994905C10A40D096EF61] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [615810] O44 - LFC:[MD5.C227A2CB11876C29127D0430C4CC6CE1] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [704242] O44 - LFC:[MD5.070000000000000000000000B8EE1800] - 02/01/2011 - 08:09:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1614553] O44 - LFC:[MD5.1A5F269E443B0B7B375185D1442639DB] - 02/01/2011 - 08:05:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [11028] O44 - LFC:[MD5.92CFE8F17E787BE19BEC4BA2ED2BEBB6] - 02/01/2011 - 08:05:48 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.579F662EC3D8401FA7D7F68BDE58BD83] - 31/12/2010 - 11:06:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\IE9_main.log [5428] O44 - LFC:[MD5.71177AB27204CC7DA01E6CC6A3B2371E] - 31/12/2010 - 11:04:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\ieuinit.inf [72533] O44 - LFC:[MD5.71177AB27204CC7DA01E6CC6A3B2371E] - 31/12/2010 - 11:04:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ieuinit.inf [72533] O44 - LFC:[MD5.FB6D9C2A0FC44E91117720B31C2D012B] - 30/12/2010 - 08:06:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [4866160] O44 - LFC:[MD5.7F319E86085C6D5F50A48C3F4A1772AB] - 28/12/2010 - 21:26:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\BlendSettings.ini [23] O44 - LFC:[MD5.D441A1E6486513FDCAEB1938D75DB91A] - 21/12/2010 - 20:32:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [47158] O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 21/12/2010 - 20:04:44 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367104] O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080] O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294400] ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell\AutoRun\command. (.Electronic Arts Inc. - rungame MFC Application.) -- E:\RunGame.exe O51 - MPSK:{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\OblivionLauncher.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [106576] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28752] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.19B006B181E3875FD254F7B67ACF1E7C] - 16/07/2009 - 04:38:40 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [15416] O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 01/01/2011 - 19:00:09 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120] O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 17/08/2010 - 13:39:11 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888] O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410688] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.AD8C3895155EE8D057F073856B2D5851] - 28/06/2007 - 10:47:14 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\nmwcdx64.sys [173056] O58 - SDL:[MD5.E55CAB397F77D5208DB18A78B1B7C0D5] - 10/07/2010 - 04:38:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 258.96.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13187176] O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 14/07/2009 - 02:48:27 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [149056] O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 14/07/2009 - 02:45:45 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [167488] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.4B42BC58294E83A6A92EC8B88C14C4A3] - 23/06/2010 - 09:10:56 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [344680] O58 - SDL:[MD5.D42D651676883181400E22957A7E0B1E] - 22/05/2009 - 19:04:22 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1762080] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.2D0000000000000000000000B8EE1800] - 17/06/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 28/12/2007 - 08:22:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296] ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - (.not file.) - ehdrv (ehdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_EHDRV O64 - Services: CurCS - (.not file.) - epfwwfpr (epfwwfpr) .(.Pas de propriétaire - Pas de description.) - LEGACY_EPFWWFPR O64 - Services: CurCS - C:\Windows\system32\Drivers\EXFAT.sys - (.not file.) - exFAT File System Driver (exfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_EXFAT O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - (.not file.) - UnlockerDriver5 (UnlockerDriver5) .(.Pas de propriétaire - Pas de description.) - LEGACY_UNLOCKERDRIVER5 O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - {searchTerms} - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - {searchTerms} - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - {searchTerms} - Recherche Google O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: SEARCH O69 - SBI: SearchScopes [HKCU] {F0A89676-EE10-41DB-8AA7-8E2A016F48BE} - (Yahoo! Search) - {searchterms} - Yahoo! France Résultats de recherche ---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84) [MD5.E4CC410BD005958125CD87C5F6E66371] [sPRF] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\FABULEUZ\AppData\Local\Temp\GLF93C8.tmp.tbMedi.dll [3908192] [MD5.D20AF64D70A5DA7D77DB105755BE6DCB] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\Local\Temp\InstallHelper.dll [1323520] [MD5.24DF7F7E1A7F839B569149F76EF0C321] [sPRF] (.2K Czech - Mafia II Application.) -- C:\Users\FABULEUZ\AppData\Local\Temp\mafia2.exe [24261920] [MD5.D0E80D812DBB66C8B949FA5E4FA82E1C] [sPRF] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\FABULEUZ\AppData\Local\Temp\OB.exe [1729296] [MD5.E13ED373938A428A7F737A6B4BC740C1] [sPRF] (.GMER - GMER Driver http://www.gmer.net.) -- C:\Users\FABULEUZ\AppData\Local\Temp\pwliakog.sys [94848] [MD5.82EC7DCC8D7C2D3E0AA19A49FD7117B5] [sPRF] (.Acresso Software Inc. - InstallScript Setup Launcher.) -- C:\Users\FABULEUZ\AppData\Local\Temp\setup.exe [807560] [MD5.0487A88CE05C6B6D80E51BD1BC803BCC] [sPRF] (.Discordia Limited - Windows Searchqu Toolbar 2.0.) -- C:\Users\FABULEUZ\AppData\Local\Temp\SetupDataMngr_Searchqu.exe [2457944] [MD5.72707C24A3C8D13865B7B0360D8D8DFD] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\LocalLow\cookieman.exe [46080] ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 17/08/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 01/01/2011 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SS - | Auto 19/11/2010 1942416 | (Fun4IM Coordinator) . (.Bandoo Media Inc..) - C:\PROGRA~2\Fun4IM\Bandoo.exe SS - | Auto 21/06/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 21/06/2010 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 21/06/2010 0 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe SS - | Demand 16/07/2009 316664 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by FABULEUZ at 02/01/2011 08:27:59 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by FABULEUZ at 02/01/2011 08:27:59 Use the desktop link 'MBRCheck' to have full report ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.2D0000000000000000000000B8EE1800] - 17/06/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544] End of the scan (794 lines in 01mn 09s)(0) merci de votre aide...
- le 2 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

ensuite le rapport d'AD remover après nettoyage: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 22/12/10 à 11:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 08:03:24 le 02/01/2011, Mode normal Microsoft Windows 7 Professionnel (X64) FABULEUZ@FABULEUZ-PC (System manufacturer System Product Name) ============== ACTION(S) ============== Fichier supprimé: C:\Windows\system32\c0e801a6.exe Dossier supprimé: C:\Program Files (x86)\InstallPedia Fichier supprimé: C:\Program Files (x86)\Mozilla FireFox\searchplugins\SearchquWebSearch.xml Dossier supprimé: C:\Program Files (x86)\Windows Searchqu Toolbar Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk Dossier supprimé: C:\Users\FABULEUZ\AppData\Roaming\Bandoo Dossier supprimé: C:\ProgramData\Bandoo Dossier supprimé: C:\Users\FABULEUZ\AppData\LocalLow\Conduit Dossier supprimé: C:\Users\FABULEUZ\AppData\LocalLow\SearchquTB Dossier supprimé: C:\Users\FABULEUZ\AppData\Roaming\OfferBox Dossier supprimé: C:\Users\Administrateur\AppData\Roaming\OfferBox Dossier supprimé: C:\Program Files (x86)\OfferBox (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070} Clé supprimée: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5} Clé supprimée: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217} Clé supprimée: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F} Clé supprimée: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62} Clé supprimée: HKLM\Software\Classes\CLSID\{33390146-9f73-6b9c-d2c8-bb5b58991cc4} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33390146-9f73-6b9c-d2c8-bb5b58991cc4} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{33390146-9f73-6b9c-d2c8-bb5b58991cc4} Clé supprimée: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531} Clé supprimée: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8} Clé supprimée: HKLM\Software\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé supprimée: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7} Clé supprimée: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB} Clé supprimée: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101} Clé supprimée: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1} Clé supprimée: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44} Clé supprimée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Clé supprimée: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B} Clé supprimée: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417} Clé supprimée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Clé supprimée: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA} Clé supprimée: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786} Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c0e801a6 Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1 Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1 Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1 Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1 Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore.1 Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1 Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr.1 Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr.1 Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1 Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1 Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1 Clé supprimée: HKLM\Software\Classes\Toolbar.CT1460988 Clé supprimée: HKLM\Software\Classes\Toolbar.CT2391419 Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115 Clé supprimée: HKLM\Software\Classes\AppID\BandooCoordinator.EXE Clé supprimée: HKLM\Software\Classes\AppID\BandooCore.EXE Clé supprimée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Clé supprimée: HKLM\Software\OfferBox Clé supprimée: HKLM\Software\InstallPedia Clé supprimée: HKLM\Software\SearchquMediabarTb Clé supprimée: HKLM\Software\bandoo Clé supprimée: HKLM\Software\Conduit Clé supprimée: HKLM\Software\Freeze.com Clé supprimée: HKCU\Software\OfferBox Clé supprimée: HKCU\Software\Conduit Clé supprimée: HKCU\Software\AppDataLow\Software\searchqutb Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|IP Network Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020} ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.13 (fr)] ** -- C:\Users\FABULEUZ\AppData\Roaming\Mozilla\FireFox\Profiles\8wkitryo.default\Prefs.js -- browser.startup.homepage_override.mstone, rv:1.9.2.13 ======================================== ** Internet Explorer Version [9.0.7930.16406] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\Windows\SysWOW64\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 493 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 02/01/2011 (8704 Octet(s)) C:\Ad-Report-SCAN[1].txt - 02/01/2011 (8353 Octet(s)) Fin à: 08:04:19, 02/01/2011 ============== E.O.F ==============
- le 2 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a répondu à un(e) sujet de syphilis dans Analyses et éradication malwares

bonjour, tout d'abord bonne année... et c'est parti: voici le rapport de scan d'AD remover: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 22/12/10 à 11:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 08:02:01 le 02/01/2011, Mode normal Microsoft Windows 7 Professionnel (X64) FABULEUZ@FABULEUZ-PC (System manufacturer System Product Name) ============== RECHERCHE ============== Fichier trouvé: C:\Windows\system32\c0e801a6.exe Dossier trouvé: C:\Program Files (x86)\InstallPedia Fichier trouvé: C:\Program Files (x86)\Mozilla FireFox\searchplugins\SearchquWebSearch.xml Dossier trouvé: C:\Program Files (x86)\Windows Searchqu Toolbar Fichier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk Dossier trouvé: C:\Users\FABULEUZ\AppData\Roaming\Bandoo Dossier trouvé: C:\ProgramData\Bandoo Dossier trouvé: C:\Users\FABULEUZ\AppData\LocalLow\Conduit Dossier trouvé: C:\Users\FABULEUZ\AppData\LocalLow\SearchquTB Dossier trouvé: C:\Users\FABULEUZ\AppData\Roaming\OfferBox Dossier trouvé: C:\Users\Administrateur\AppData\Roaming\OfferBox Dossier trouvé: C:\Program Files (x86)\OfferBox Clé trouvée: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070} Clé trouvée: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5} Clé trouvée: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217} Clé trouvée: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F} Clé trouvée: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62} Clé trouvée: HKLM\Software\Classes\CLSID\{33390146-9f73-6b9c-d2c8-bb5b58991cc4} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33390146-9f73-6b9c-d2c8-bb5b58991cc4} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{33390146-9f73-6b9c-d2c8-bb5b58991cc4} Clé trouvée: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531} Clé trouvée: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8} Clé trouvée: HKLM\Software\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020} Clé trouvée: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7} Clé trouvée: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB} Clé trouvée: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101} Clé trouvée: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1} Clé trouvée: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44} Clé trouvée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Clé trouvée: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B} Clé trouvée: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417} Clé trouvée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Clé trouvée: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA} Clé trouvée: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786} Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c0e801a6 Clé trouvée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator Clé trouvée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1 Clé trouvée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI Clé trouvée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1 Clé trouvée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult Clé trouvée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1 Clé trouvée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier Clé trouvée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1 Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore.1 Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1 Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr.1 Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr.1 Clé trouvée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin Clé trouvée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1 Clé trouvée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl Clé trouvée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1 Clé trouvée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl Clé trouvée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1 Clé trouvée: HKLM\Software\Classes\Toolbar.CT1460988 Clé trouvée: HKLM\Software\Classes\Toolbar.CT2391419 Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115 Clé trouvée: HKLM\Software\Classes\AppID\BandooCoordinator.EXE Clé trouvée: HKLM\Software\Classes\AppID\BandooCore.EXE Clé trouvée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Clé trouvée: HKLM\Software\OfferBox Clé trouvée: HKLM\Software\InstallPedia Clé trouvée: HKLM\Software\SearchquMediabarTb Clé trouvée: HKLM\Software\bandoo Clé trouvée: HKLM\Software\Conduit Clé trouvée: HKLM\Software\Freeze.com Clé trouvée: HKCU\Software\OfferBox Clé trouvée: HKCU\Software\Conduit Clé trouvée: HKCU\Software\AppDataLow\Software\searchqutb Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403} Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|IP Network Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020} ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.13 (fr)] ** -- C:\Users\FABULEUZ\AppData\Roaming\Mozilla\FireFox\Profiles\8wkitryo.default\Prefs.js -- browser.startup.homepage_override.mstone, rv:1.9.2.13 ======================================== ** Internet Explorer Version [9.0.7930.16406] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Show_ToolBar: yes Start Page: hxxp://google.fr/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\Windows\SysWOW64\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 02/01/2011 (8224 Octet(s)) Fin à: 08:02:37, 02/01/2011 ============== E.O.F ==============
- le 2 janvier 2011
- 13 réponses
Fenêtres publicitaires intempestives

syphilis a posté un sujet dans Analyses et éradication malwares

bonjour je suis depuis un moment confrontée à un problème de malware, si je me fie aux informations que j'ai grapillé sur le forum... des fenetres publicitaires s'ouvrent indépendament de ma volonté pendant la navigation et aussi hors navigation, surtout la nuit j'ai l'impression. Il arrive qu'au matin un dizaine de fenetres publicitaires soient ouvertes sur l'ordinateur, et ça commence à me rendre folle! merci à toute aide qui puisse m'etre apportée... ci joint un rapport (log) hijackthis comme conseillé dans la procédure d'éradication de malwares que j'ai lue sur le forum: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:09:25, on 31/12/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\PROGRA~2\Fun4IM\BndCore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\FABULEUZ\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: lightspeedincome - {33390146-9f73-6b9c-d2c8-bb5b58991cc4} - C:\Windows\SysWow64\e84fe9b1.dll (file missing) O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Fun4IM\Plugins\IE\ieplugin.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [iP Network] C:\Program Files (x86)\InstallPedia\networker.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - AppInit_DLLs: c:\progra~2\fun4im\bndhook.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Fun4IM Coordinator - Bandoo Media Inc. - C:\PROGRA~2\Fun4IM\Bandoo.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 22423 bytes merci beaucoup d'avance de l'aide qui pourrait m'etre apportée
- le 31 décembre 2010
- 13 réponses

Connexion

syphilis

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par syphilis

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Fenêtres publicitaires intempestives

Zebulon

Outils en ligne

Naviguer