Aller au contenu

grenadedopium

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    91

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par grenadedopium

  1. grenadedopium
    Trois remarques par rapport à combofix : 1)L'étape 5 a duré 25 mns 2)J'ai été obligé de redémarrer pour que tout fonctionne correctement à nouveau . 3)20 dossiers nouveaux (pour la plupart vide sont dans C:\) 4)Un message avira guard apparaît dans la zone de notification quand j'ouvre C:\ ComboFix 11-03-27.02 - chris 28/03/2011 17:35:09.1.1 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.1976.1221 [GMT 2:00] Lancé depuis: c:\users\chris\Downloads\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-02-28 au 2011-03-28 )))))))))))))))))))))))))))))))))))) . . 2011-03-28 16:14 . 2011-03-28 16:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-03-27 03:08 . 2011-03-27 03:08 -------- d-----w- c:\windows\system32\RTCOM 2011-03-27 02:45 . 2011-03-27 02:45 -------- d-----w- c:\program files\Media Player Classic - Home Cinema 2011-03-27 02:40 . 2011-03-27 02:40 -------- d-----w- c:\users\chris\AppData\Roaming\VistaCodecs 2011-03-27 02:40 . 2011-03-27 02:40 -------- d-----w- c:\program files\VistaCodecPack 2011-03-27 02:37 . 2011-03-27 02:41 -------- d-----w- c:\programdata\VistaCodecs 2011-03-27 01:20 . 2011-03-27 01:20 -------- d-----w- c:\program files\DAEMON Tools Lite 2011-03-27 01:19 . 2011-03-27 01:29 -------- d-----w- c:\users\chris\AppData\Roaming\DAEMON Tools Lite 2011-03-27 01:19 . 2011-03-27 01:19 -------- d-----w- c:\programdata\DAEMON Tools Lite 2011-03-26 21:20 . 2011-03-26 21:20 -------- d-----w- c:\users\chris\AppData\Roaming\Avira 2011-03-26 18:12 . 2011-03-26 18:12 -------- d-----w- c:\users\chris\AppData\Roaming\InstallShield 2011-03-25 17:01 . 2011-03-25 17:15 -------- d--h--w- c:\program files\Temp 2011-03-25 00:48 . 2011-02-04 11:09 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-03-25 00:48 . 2011-02-04 11:09 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-03-25 00:48 . 2011-03-25 00:48 -------- d-----w- c:\programdata\Avira 2011-03-25 00:48 . 2011-03-25 00:48 -------- d-----w- c:\program files\Avira 2011-03-24 20:46 . 2011-03-24 21:07 -------- d-----w- c:\program files\Wise Registry Cleaner 2011-03-23 13:01 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll 2011-03-23 13:01 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll 2011-03-23 13:01 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-03-22 10:22 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA6555E8-FA72-4F57-9584-9A01CB784E7F}\mpengine.dll 2011-03-21 18:16 . 2011-03-28 16:14 -------- d-----w- c:\users\chris\AppData\Local\temp 2011-03-19 00:32 . 2010-12-30 14:01 80416 ----a-w- c:\windows\system32\RtNicProp32.dll 2011-03-19 00:32 . 2010-12-30 14:01 309352 ----a-w- c:\windows\system32\drivers\Rtlh86.sys 2011-03-19 00:20 . 2011-03-19 00:20 -------- d-----w- c:\windows\system32\sda 2011-03-19 00:19 . 2010-10-29 15:11 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2011-03-19 00:19 . 2010-10-29 15:11 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll 2011-03-19 00:19 . 2010-10-29 15:11 313960 ----a-w- c:\windows\system32\RtsUStor.dll 2011-03-16 19:41 . 2011-03-28 00:06 -------- d-----w- c:\users\chris\AppData\Roaming\Media Player Classic 2011-03-15 23:33 . 2011-03-24 13:58 -------- d-----w- c:\program files\trend micro 2011-03-12 15:06 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll 2011-03-12 14:55 . 2011-03-12 15:05 -------- d--h--w- c:\windows\msdownld.tmp 2011-03-09 21:01 . 2011-03-09 21:59 3 ----a-w- c:\windows\treeskp.sys 2011-03-09 21:01 . 2011-03-09 21:59 3 ----a-w- c:\windows\sbacknt.bin 2011-03-09 19:28 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll 2011-03-09 19:28 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll 2011-03-09 19:28 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll 2011-03-09 19:28 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax 2011-03-09 19:27 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll 2011-03-09 19:27 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe 2011-03-08 01:49 . 2011-02-05 06:20 94208 ----a-w- c:\program files\Internet Explorer\fr\iediag.resources.dll . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-27 03:02 . 2009-01-08 12:12 319456 ----a-w- c:\windows\DIFxAPI.dll 2011-03-27 01:20 . 2011-01-18 13:00 431672 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-02-28 07:09 . 2009-01-08 12:07 53248 ----a-w- c:\windows\system32\CSVer.dll 2011-02-24 23:18 . 2011-02-24 23:18 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-02-10 15:51 . 2011-02-10 15:51 3075072 ----a-w- c:\windows\system32\x264vfw.dll 2011-02-09 23:45 . 2011-02-09 23:41 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2011-02-09 14:56 . 2009-01-08 12:12 1284712 ----a-w- c:\windows\RtlExUpd.dll 2011-02-02 20:40 . 2010-05-09 00:53 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-02 16:11 . 2009-11-25 13:50 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-01-20 16:37 . 2011-02-09 18:32 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2011-01-20 16:08 . 2011-02-09 18:32 478720 ----a-w- c:\windows\system32\dxgi.dll 2011-01-20 16:08 . 2011-02-09 18:32 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2011-01-20 16:08 . 2011-02-09 18:32 189952 ----a-w- c:\windows\system32\d3d10core.dll 2011-01-20 16:08 . 2011-02-09 18:32 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2011-01-20 16:08 . 2011-02-09 18:32 1029120 ----a-w- c:\windows\system32\d3d10.dll 2011-01-20 16:07 . 2011-02-09 18:32 37376 ----a-w- c:\windows\system32\cdd.dll 2011-01-20 16:07 . 2011-02-09 18:32 258048 ----a-w- c:\windows\system32\winspool.drv 2011-01-20 16:07 . 2011-02-09 18:32 586240 ----a-w- c:\windows\system32\stobject.dll 2011-01-20 16:06 . 2011-02-09 18:32 2873344 ----a-w- c:\windows\system32\mf.dll 2011-01-20 16:06 . 2011-02-09 18:32 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2011-01-20 16:04 . 2011-02-09 18:32 209920 ----a-w- c:\windows\system32\mfplat.dll 2011-01-20 16:04 . 2011-02-09 18:32 98816 ----a-w- c:\windows\system32\mfps.dll 2011-01-20 14:28 . 2011-02-09 18:32 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2011-01-20 14:27 . 2011-02-09 18:32 876032 ----a-w- c:\windows\system32\XpsPrint.dll 2011-01-20 14:26 . 2011-02-09 18:32 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2011-01-20 14:25 . 2011-02-09 18:32 847360 ----a-w- c:\windows\system32\OpcServices.dll 2011-01-20 14:24 . 2011-02-09 18:32 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2011-01-20 14:15 . 2011-02-09 18:32 979456 ----a-w- c:\windows\system32\MFH264Dec.dll 2011-01-20 14:14 . 2011-02-09 18:32 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll 2011-01-20 14:14 . 2011-02-09 18:32 302592 ----a-w- c:\windows\system32\mfmp4src.dll 2011-01-20 14:14 . 2011-02-09 18:32 261632 ----a-w- c:\windows\system32\mfreadwrite.dll 2011-01-20 14:12 . 2011-02-09 18:32 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2011-01-20 14:11 . 2011-02-09 18:32 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2011-01-20 13:47 . 2011-02-09 18:32 683008 ----a-w- c:\windows\system32\d2d1.dll 2011-01-08 08:47 . 2011-02-09 18:31 34304 ----a-w- c:\windows\system32\atmlib.dll 2011-01-08 06:28 . 2011-02-09 18:31 292352 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 13:57 . 2011-02-09 18:33 2039808 ----a-w- c:\windows\system32\win32k.sys 2010-12-30 14:01 . 2009-12-03 08:27 100896 ----a-w- c:\windows\system32\RTNUninst32.dll 2010-12-29 00:23 . 2010-12-29 00:23 79360 ----a-w- c:\windows\system32\ff_vfw.dll 2010-12-29 00:19 . 2010-12-29 00:19 45056 ----a-w- c:\windows\system32\ff_acm.acm 2011-03-22 15:46 . 2011-03-09 23:37 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Google Update"="c:\users\chris\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-03-11 136176] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2009-03-03 107248] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768] "RtHDVCpl"="RtHDVCpl.exe" [2011-03-27 6265376] "Skytel"="Skytel.exe" [2011-03-27 1833504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys] 2008-07-07 15:26 1038136 ----a-w- c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1755130069-18621656-2337756405-1000] "EnableNotificationsRef"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 135664] R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 103040] R3 NETw5v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752] R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2009-02-03 28224] R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-02-04 135336] S2 ETService;Empowering Technology Service;c:\program files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [2008-07-16 24576] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504] S2 SetupARService;SetupARService;c:\program files\Realtek\Audio\SetupAfterRebootService.exe [2011-03-25 24576] S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-07-29 418816] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-29 197224] S4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] . . --- Autres Services/Pilotes en mémoire --- . *Deregistered* - klmd25 *Deregistered* - sptd . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . Contenu du dossier 'Tâches planifiées' . 2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 00:52] . 2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 00:52] . 2011-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000Core.job - c:\users\chris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 00:19] . 2011-03-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000UA.job - c:\users\chris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 00:19] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.com/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html Trusted Zone: mappy.com Trusted Zone: orange.fr Trusted Zone: voila.fr\rw.search.ke Trusted Zone: weborama.fr\orange FF - ProfilePath - c:\users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\005noqo4.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-03-28 18:14 Windows 6.0.6002 Service Pack 2 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'Explorer.exe'(1524) c:\program files\OrangeHSS\Launcher\Inactivity.Dll . Heure de fin: 2011-03-28 18:19:07 ComboFix-quarantined-files.txt 2011-03-28 16:19 . Avant-CF: 34 978 037 760 octets libres Après-CF: 34 954 387 456 octets libres . - - End Of File - - A761F5645F062E5CFE76EE58EE99F08C
  2. grenadedopium
    Results of screen317's Security Check version 0.99.10 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. Avira successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware CCleaner Wise Registry Cleaner 5.9.4 Java 6 Update 24 Adobe Reader X (10.0.1) - Français Mozilla Firefox (x86 fr..) ```````````````````````````````` Process Check: objlist.exe by Laurent Avira Antivir avgnt.exe Avira Antivir avguard.exe ``````````End of Log````````````
  3. grenadedopium
    Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6194 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8080.16413 28/03/2011 16:14:30 mbam-log-2011-03-28 (16-14-30).txt Type d'examen: Examen rapide Elément(s) analysé(s): 146124 Temps écoulé: 3 minute(s), 32 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  4. grenadedopium
    Je tenais à vous signaler que sptd ( C:\Windows\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7) fait partie de deamon tool dont je me sers pour jouer à des jeux vidéos , en libre téléchargement (abandonware france) et que je désire le conserver .Merci de tenir compte de ma demande .
  5. grenadedopium
    Je tenais à vous signaler que sptd ( C:\Windows\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7) fait partie de deamon tool dont je me sers pour jouer à des jeux vidéos , en libre téléchargement (abandonware france) et que je désire le conserver .Merci de tenir compte de ma demande .
  6. grenadedopium
    Bonjour , merci pour votre aide . 2011/03/28 16:00:55.0261 3144 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28 2011/03/28 16:00:55.0651 3144 ================================================================================ 2011/03/28 16:00:55.0651 3144 SystemInfo: 2011/03/28 16:00:55.0651 3144 2011/03/28 16:00:55.0651 3144 OS Version: 6.0.6002 ServicePack: 2.0 2011/03/28 16:00:55.0651 3144 Product type: Workstation 2011/03/28 16:00:55.0651 3144 ComputerName: PC-DE-CHRIS 2011/03/28 16:00:55.0651 3144 UserName: chris 2011/03/28 16:00:55.0651 3144 Windows directory: C:\Windows 2011/03/28 16:00:55.0651 3144 System windows directory: C:\Windows 2011/03/28 16:00:55.0651 3144 Processor architecture: Intel x86 2011/03/28 16:00:55.0651 3144 Number of processors: 1 2011/03/28 16:00:55.0651 3144 Page size: 0x1000 2011/03/28 16:00:55.0651 3144 Boot type: Normal boot 2011/03/28 16:00:55.0651 3144 ================================================================================ 2011/03/28 16:01:02.0764 3144 Initialize success 2011/03/28 16:01:16.0914 1832 ================================================================================ 2011/03/28 16:01:16.0914 1832 Scan started 2011/03/28 16:01:16.0914 1832 Mode: Manual; 2011/03/28 16:01:16.0914 1832 ================================================================================ 2011/03/28 16:01:17.0506 1832 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/03/28 16:01:17.0584 1832 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/03/28 16:01:17.0709 1832 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/03/28 16:01:17.0834 1832 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/03/28 16:01:17.0881 1832 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/03/28 16:01:17.0959 1832 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2011/03/28 16:01:18.0084 1832 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/03/28 16:01:18.0115 1832 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/03/28 16:01:18.0177 1832 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/03/28 16:01:18.0208 1832 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/03/28 16:01:18.0333 1832 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/03/28 16:01:18.0364 1832 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/03/28 16:01:18.0411 1832 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/03/28 16:01:18.0598 1832 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/03/28 16:01:18.0645 1832 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/03/28 16:01:18.0692 1832 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/03/28 16:01:18.0754 1832 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/03/28 16:01:18.0879 1832 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/03/28 16:01:18.0926 1832 avipbb (da39805e2bad99d37fce9477dd94e7f2) C:\Windows\system32\DRIVERS\avipbb.sys 2011/03/28 16:01:18.0988 1832 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/03/28 16:01:19.0129 1832 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/03/28 16:01:19.0176 1832 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2011/03/28 16:01:19.0222 1832 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/03/28 16:01:19.0269 1832 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/03/28 16:01:19.0394 1832 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/03/28 16:01:19.0441 1832 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/03/28 16:01:19.0472 1832 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/03/28 16:01:19.0519 1832 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/03/28 16:01:19.0628 1832 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/03/28 16:01:19.0831 1832 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/03/28 16:01:19.0956 1832 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/03/28 16:01:20.0018 1832 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/03/28 16:01:20.0205 1832 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/03/28 16:01:20.0330 1832 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/03/28 16:01:20.0377 1832 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/03/28 16:01:20.0408 1832 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/03/28 16:01:20.0517 1832 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/03/28 16:01:20.0658 1832 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/03/28 16:01:20.0736 1832 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2011/03/28 16:01:20.0782 1832 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/03/28 16:01:20.0907 1832 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/03/28 16:01:20.0970 1832 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/03/28 16:01:21.0094 1832 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/03/28 16:01:21.0157 1832 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/03/28 16:01:21.0328 1832 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/03/28 16:01:21.0453 1832 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/03/28 16:01:21.0562 1832 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/03/28 16:01:21.0672 1832 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/03/28 16:01:21.0734 1832 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/03/28 16:01:21.0796 1832 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/03/28 16:01:21.0937 1832 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/03/28 16:01:21.0999 1832 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/03/28 16:01:22.0062 1832 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/03/28 16:01:22.0171 1832 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/03/28 16:01:22.0233 1832 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/03/28 16:01:22.0311 1832 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 2011/03/28 16:01:22.0436 1832 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/03/28 16:01:22.0545 1832 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/03/28 16:01:22.0592 1832 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/03/28 16:01:22.0670 1832 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys 2011/03/28 16:01:22.0779 1832 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/03/28 16:01:22.0857 1832 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/03/28 16:01:22.0935 1832 hwdatacard (92ca47da32009ccc00a5aded04abbd78) C:\Windows\system32\DRIVERS\ewusbmdm.sys 2011/03/28 16:01:23.0091 1832 hwusbfake (1d4d6d24256f61e6b08a3cf8184a78b8) C:\Windows\system32\DRIVERS\ewusbfake.sys 2011/03/28 16:01:23.0154 1832 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/03/28 16:01:23.0263 1832 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/03/28 16:01:23.0341 1832 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/03/28 16:01:23.0512 1832 igfx (0627fc0c422cd6e0f23e1b0d1d9f0899) C:\Windows\system32\DRIVERS\igdkmd32.sys 2011/03/28 16:01:23.0684 1832 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/03/28 16:01:23.0746 1832 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys 2011/03/28 16:01:23.0871 1832 IntcAzAudAddService (9b89f2e3d705651dec1f01033b9d6b24) C:\Windows\system32\drivers\RTKVHDA.sys 2011/03/28 16:01:24.0027 1832 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/03/28 16:01:24.0090 1832 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/03/28 16:01:24.0136 1832 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/03/28 16:01:24.0199 1832 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/03/28 16:01:24.0308 1832 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/03/28 16:01:24.0355 1832 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/03/28 16:01:24.0402 1832 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/03/28 16:01:24.0464 1832 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/03/28 16:01:24.0573 1832 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/03/28 16:01:24.0620 1832 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/03/28 16:01:24.0667 1832 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/03/28 16:01:24.0698 1832 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys 2011/03/28 16:01:24.0823 1832 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/03/28 16:01:24.0948 1832 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/03/28 16:01:25.0041 1832 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/03/28 16:01:25.0088 1832 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/03/28 16:01:25.0213 1832 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/03/28 16:01:25.0275 1832 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/03/28 16:01:25.0322 1832 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/03/28 16:01:25.0416 1832 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/03/28 16:01:25.0540 1832 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/03/28 16:01:25.0618 1832 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/03/28 16:01:25.0650 1832 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/03/28 16:01:25.0743 1832 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\drivers\mouhid.sys 2011/03/28 16:01:25.0790 1832 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/03/28 16:01:25.0837 1832 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/03/28 16:01:25.0930 1832 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/03/28 16:01:26.0008 1832 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/03/28 16:01:26.0071 1832 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/03/28 16:01:26.0180 1832 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/03/28 16:01:26.0242 1832 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/03/28 16:01:26.0274 1832 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/03/28 16:01:26.0367 1832 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 2011/03/28 16:01:26.0430 1832 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/03/28 16:01:26.0492 1832 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/03/28 16:01:26.0586 1832 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/03/28 16:01:26.0648 1832 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/03/28 16:01:26.0695 1832 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/03/28 16:01:26.0742 1832 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/03/28 16:01:26.0866 1832 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/03/28 16:01:26.0929 1832 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/03/28 16:01:27.0022 1832 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/03/28 16:01:27.0100 1832 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/03/28 16:01:27.0225 1832 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/03/28 16:01:27.0303 1832 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/03/28 16:01:27.0412 1832 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/03/28 16:01:27.0475 1832 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/03/28 16:01:27.0553 1832 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/03/28 16:01:27.0646 1832 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/03/28 16:01:27.0709 1832 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/03/28 16:01:27.0756 1832 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/03/28 16:01:27.0896 1832 netr28 (ebbd48d3f4361773b812ca67a9cfc69b) C:\Windows\system32\DRIVERS\netr28.sys 2011/03/28 16:01:28.0130 1832 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys 2011/03/28 16:01:28.0333 1832 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/03/28 16:01:28.0395 1832 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/03/28 16:01:28.0442 1832 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/03/28 16:01:28.0582 1832 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/03/28 16:01:28.0723 1832 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/03/28 16:01:28.0770 1832 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/03/28 16:01:28.0832 1832 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/03/28 16:01:28.0879 1832 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/03/28 16:01:29.0004 1832 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/03/28 16:01:29.0128 1832 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 2011/03/28 16:01:29.0191 1832 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/03/28 16:01:29.0300 1832 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/03/28 16:01:29.0347 1832 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/03/28 16:01:29.0404 1832 PCAMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\Drivers\PCAMp50.sys 2011/03/28 16:01:29.0560 1832 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys 2011/03/28 16:01:29.0638 1832 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/03/28 16:01:29.0775 1832 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 2011/03/28 16:01:29.0842 1832 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/03/28 16:01:29.0982 1832 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/03/28 16:01:30.0166 1832 Ph3xIB32 (9f2f541c52cd7a452e235e885f7d95de) C:\Windows\system32\DRIVERS\Ph3xIB32.sys 2011/03/28 16:01:30.0368 1832 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/03/28 16:01:30.0415 1832 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/03/28 16:01:30.0493 1832 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/03/28 16:01:30.0586 1832 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys 2011/03/28 16:01:30.0649 1832 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/03/28 16:01:30.0789 1832 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/03/28 16:01:30.0836 1832 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/03/28 16:01:30.0867 1832 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/03/28 16:01:30.0930 1832 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/03/28 16:01:31.0039 1832 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/03/28 16:01:31.0086 1832 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/03/28 16:01:31.0148 1832 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/03/28 16:01:31.0257 1832 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/03/28 16:01:31.0320 1832 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/03/28 16:01:31.0366 1832 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/03/28 16:01:31.0507 1832 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/03/28 16:01:31.0600 1832 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/03/28 16:01:31.0663 1832 RSUSBSTOR (247b0a8164069cd4fe6f3094c581b13b) C:\Windows\system32\Drivers\RtsUStor.sys 2011/03/28 16:01:31.0788 1832 RTL8169 (fa43357fa184dab79edc6c0316603588) C:\Windows\system32\DRIVERS\Rtlh86.sys 2011/03/28 16:01:31.0912 1832 RTSTOR (01c64783db1f40e1e3df67dd36199b35) C:\Windows\system32\drivers\RTSTOR.SYS 2011/03/28 16:01:31.0975 1832 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/03/28 16:01:32.0037 1832 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/03/28 16:01:32.0178 1832 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/03/28 16:01:32.0209 1832 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/03/28 16:01:32.0256 1832 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/03/28 16:01:32.0334 1832 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/03/28 16:01:32.0443 1832 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/03/28 16:01:32.0490 1832 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/03/28 16:01:32.0536 1832 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/03/28 16:01:32.0692 1832 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/03/28 16:01:32.0770 1832 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/03/28 16:01:32.0880 1832 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/03/28 16:01:32.0973 1832 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/03/28 16:01:33.0129 1832 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/03/28 16:01:33.0238 1832 sptd (614deea4bdcec3fd5a07bdc705723ad7) C:\Windows\System32\Drivers\sptd.sys 2011/03/28 16:01:33.0238 1832 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7 2011/03/28 16:01:33.0238 1832 sptd - detected Locked file (1) 2011/03/28 16:01:33.0348 1832 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys 2011/03/28 16:01:33.0394 1832 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys 2011/03/28 16:01:33.0488 1832 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys 2011/03/28 16:01:33.0597 1832 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/03/28 16:01:33.0644 1832 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys 2011/03/28 16:01:33.0831 1832 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/03/28 16:01:33.0956 1832 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/03/28 16:01:34.0003 1832 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/03/28 16:01:34.0034 1832 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/03/28 16:01:34.0112 1832 SynTP (d2aa5d5fdb821eb5f9366c5e3bc2d9ea) C:\Windows\system32\DRIVERS\SynTP.sys 2011/03/28 16:01:34.0252 1832 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/03/28 16:01:34.0393 1832 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/03/28 16:01:34.0502 1832 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/03/28 16:01:34.0549 1832 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/03/28 16:01:34.0596 1832 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/03/28 16:01:34.0705 1832 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/03/28 16:01:34.0767 1832 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/03/28 16:01:34.0861 1832 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/03/28 16:01:34.0970 1832 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/03/28 16:01:35.0032 1832 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/03/28 16:01:35.0079 1832 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/03/28 16:01:35.0204 1832 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/03/28 16:01:35.0298 1832 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/03/28 16:01:35.0360 1832 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/03/28 16:01:35.0500 1832 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/03/28 16:01:35.0547 1832 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/03/28 16:01:35.0594 1832 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/03/28 16:01:35.0641 1832 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/03/28 16:01:35.0766 1832 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/03/28 16:01:35.0812 1832 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/03/28 16:01:35.0859 1832 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/03/28 16:01:35.0953 1832 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/03/28 16:01:36.0000 1832 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 2011/03/28 16:01:36.0062 1832 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/03/28 16:01:36.0109 1832 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/03/28 16:01:36.0218 1832 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/03/28 16:01:36.0265 1832 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/03/28 16:01:36.0296 1832 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/03/28 16:01:36.0343 1832 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/03/28 16:01:36.0390 1832 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/03/28 16:01:36.0499 1832 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/03/28 16:01:36.0514 1832 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/03/28 16:01:36.0592 1832 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/03/28 16:01:36.0624 1832 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/03/28 16:01:36.0686 1832 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/03/28 16:01:36.0811 1832 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/03/28 16:01:36.0858 1832 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/03/28 16:01:36.0889 1832 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/03/28 16:01:36.0936 1832 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/03/28 16:01:36.0982 1832 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/03/28 16:01:37.0216 1832 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2011/03/28 16:01:37.0357 1832 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/03/28 16:01:37.0450 1832 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/03/28 16:01:37.0544 1832 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/03/28 16:01:37.0684 1832 ================================================================================ 2011/03/28 16:01:37.0684 1832 Scan finished 2011/03/28 16:01:37.0684 1832 ================================================================================ 2011/03/28 16:01:37.0684 1596 Detected object count: 1 2011/03/28 16:01:50.0008 1596 Locked file(sptd) - User select action: Skip 2011/03/28 16:02:00.0928 1996 Deinitialize success
  7. grenadedopium
    Bonjour , par suite de rapport ZHPDiag il a été constaté une infection , je vous envoie le dialogue suivi avec tonton qui a constaté l'infection : http://forum.zebulon.fr/rapport-zhpdiag-t184073.html [Résolu]
  8. grenadedopium

    rapport ZHPDiag

    grenadedopium a répondu à un(e) sujet de grenadedopium dans Windows Vista

    Salut , je viens de renvoyer un ZHPDiag (après l'avoir supprimé et l'avoir réinstallé)voici le rapport , je constate que deux lignes que j'avais nettoyé sont revenues , cela fait deux fois de suite (donc en tout je les ai déjà nettoyé trois fois) : ---\\ Scan Additionnel (O88) Database Version : 2539 - (26/03/2011) [HKCR\.bk1] =>Adware.VirtualGirl [HKCR\.bk2] =>Adware.VirtualGirl Le rapport complet : Rapport de ZHPDiag v1.27.1842 par Nicolas Coolman, Update du 26/03/2011 Run by chris at 27/03/2011 17:30:47 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8080.16413 (Defaut) MFIE: Mozilla Firefox 4.0 v4.0 GCIE: Google Chrome v10.0.648.204 ---\\ System Information Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1976 MB (58% free) System Restore: Activé (Enable) System drive C: has 34 GB (24%) free of 136 GB ---\\ Logged in mode Computer Name: PC-DE-CHRIS User Name: chris All Users Names: chris, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Users\chris\AppData\Roaming %LocalAppData%=C:\Users\chris\AppData\Local %StartMenu%=C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 34 Go of 136 Go) D:\ CD-ROM drive (Not Inserted) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.111CB0C322A2387E16ED1B013533598D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/03/2011 02:48:05.) -- C:\Windows\System32\wininet.dll [1125376] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880] ---\\ Processus lancés [MD5.8C6BC84B3513BE42EC204FEE5FB29446] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [894512] [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.62B33087950E8A6A9DC180F25E7781B5] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6265376] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [MD5.5704BCBC4541A349448EDC6018096B40] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe [602864] [MD5.74CE4D042D4224C0D508536F6C68750B] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112] [MD5.0E6A738CEAA8FC532ED1911FBFBB44BA] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\systray\systrayapp.exe [135168] [MD5.E1A5B90C225FDA2748E3D2A0B0DC953A] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe [712704] [MD5.7AA3ED493EDA7B983D5CC19FFB09F2D3] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe [364544] [MD5.6DBD5667129BC95009BF9318BFC74FB8] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe [28672] [MD5.B7CC2474D4CBC38467A178224605BC3A] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe [65536] [MD5.453B783EAEC289407002AE37752D229D] - (.Google Inc. - Google Chrome.) -- C:\Users\chris\AppData\Local\Google\Chrome\Application\chrome.exe [1004088] [MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [MD5.2120390C05B928261DB0C4387E801088] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642048] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M3 - MFPP: Plugins - [chris] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [chris] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [chris] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\chris\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.3.25 (Activé) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R0 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R1 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8080.16413 (WIN7_IE9_RC.110204-2115)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\chris\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.) -- C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe O4 - Global Startup: C:\Users\chris\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files\Image-Line\FL Studio 8\FL.exe O4 - Global Startup: C:\Users\chris\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\chris\AppData\Local\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\chris\Desktop\I-Doser.lnk . (.I-Doser.com.) -- C:\Program Files\IDoser v4\IDoser.exe O4 - Global Startup: C:\Users\chris\Desktop\Malwarebytes' Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O4 - Global Startup: C:\Users\chris\Desktop\Media Player Classic - Home Cinema.lnk . (.MPC-HC Team.) -- C:\Program Files\Media Player Classic - Home Cinema\mpc-hc.exe O4 - Global Startup: C:\Users\chris\Desktop\Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\MOVIEMK.exe O4 - Global Startup: C:\Users\chris\Desktop\Sound Recorder.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SoundRecorder.exe O4 - Global Startup: C:\Users\chris\Desktop\Windows Defender - Raccourci.lnk - Clé orpheline O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SnippingTool.exe O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] http.mappy.com O15 - Trusted Zone: [HKCU\...\Domains\www] http.mappy.com O15 - Trusted Zone: [HKCU\...\Domains] http.orange.fr O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{ED79942A-6177-458E-8002-BA82A8257CC9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{EFCD3F43-C9BF-4092-A759-93EFA21D0E31}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CS1\Services\Tcpip\..\{ED79942A-6177-458E-8002-BA82A8257CC9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{EFCD3F43-C9BF-4092-A759-93EFA21D0E31}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CS2\Services\Tcpip\..\{ED79942A-6177-458E-8002-BA82A8257CC9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{EFCD3F43-C9BF-4092-A759-93EFA21D0E31}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe O23 - Service: C:\Windows\System32\SessEnv.dll (SetupARService) . (.Realtek Semiconductor. - SetupAfterRebootService.) - C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000UA.job [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000Core] (.Google Inc..) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000UA] (.Google Inc..) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [{159967BB-BC1C-404B-B28D-5D6A6B8DE4A1}] (.Pas de propriétaire.) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime (.not file.) [MD5.00000000000000000000000000000000] [APT] [{53A5F318-D9F7-4C66-B831-19B23FFC4C28}] (.Pas de propriétaire.) -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl" -c Adobe Gamma (.not file.) [MD5.00000000000000000000000000000000] [APT] [{6511FBEE-8ECE-4822-B8EA-F45297EF1136}] (.Pas de propriétaire.) -- C:\Windows\system32\DivXControlPanelApplet.cpl (.not file.) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: Adobe Photoshop Elements 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop Elements 6 O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001} O42 - Logiciel: Audacity 1.3.10 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1 O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CANON iMAGE GATEWAY Task O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Camera Assistant Software Lite - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {23E0B6EB-43AD-4DDE-9692-3838C08FF24B} O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- Canon Internet Library for ZoomBrowser EX O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- MovieEditTask O42 - Logiciel: Canon Utilities CameraWindow - (.Canon Inc..) [HKLM] -- CameraWindowLauncher O42 - Logiciel: Canon Utilities CameraWindow DC - (.Canon Inc..) [HKLM] -- CameraWindowDC O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CameraWindowDVC6 O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..) [HKLM] -- MyCamera O42 - Logiciel: Canon Utilities MyCamera DC - (.Canon Inc..) [HKLM] -- MyCameraDC O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM] -- PhotoStitch O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- RemoteCaptureTask O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM] -- ZoomBrowser EX O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM] -- ZoomBrowser EX Memory Card Utility O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O42 - Logiciel: EasyBits Magic Desktop - (.Pas de propriétaire.) [HKLM] -- EasyBits Magic Desktop O42 - Logiciel: FFmpeg for Audacity on Windows - (.Pas de propriétaire.) [HKLM] -- FFmpeg for Audacity on Windows_is1 O42 - Logiciel: FL Studio 8 - (.Image-Line bvba.) [HKLM] -- FL Studio 8 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: I-Doser v4 - (.Pas de propriétaire.) [HKCU] -- I-Doser v4 O42 - Logiciel: IL Download Manager - (.Image-Line bvba.) [HKLM] -- IL Download Manager O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Internet 3G+ Bouygues Telecom - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Internet 3G+ Bouygues Telecom O42 - Logiciel: Java 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Media Player Classic - Home Cinema v1.5.0.2827 - (.MPC-HC Team.) [HKLM] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 O42 - Logiciel: MetaBoli - (.Pas de propriétaire.) [HKLM] -- {709817E4-5439-4206-8738-796B34B623BD} O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262} O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673} O42 - Logiciel: Microsoft Works 9.0 SE - (.Pas de propriétaire.) [HKLM] -- Works9SE O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Mozilla Firefox 4.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 fr) O42 - Logiciel: Myst Masterpiece Edition - (.Pas de propriétaire.) [HKLM] -- Myst Masterpiece Edition O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {3559CDE0-11FC-4D7B-A65C-D646035B1036} O42 - Logiciel: Orange - Logiciels Internet - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- {F4EA67C9-6748-4C1E-9AFF-04149AC75D95} O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- {CA786CFF-1D31-4804-B436-F3405B14357F} O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Setup My PC - (.Pas de propriétaire.) [HKLM] -- {28518520-F25C-48C3-A224-861F331602F4} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Toxic Biohazard - (.Image-Line bvba.) [HKLM] -- Toxic Biohazard O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Vista Codec Package - (.Shark007.) [HKLM] -- {F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} O42 - Logiciel: Wise Registry Cleaner 5.9.4 - (.ZhiQing Soft, Inc..) [HKLM] -- Wise Registry Cleaner_is1 O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\AC3filter] [HKCU\Software\Ahead] [HKCU\Software\Antanda] [HKCU\Software\AppDataLow\Aurigma] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Audacity] [HKCU\Software\Avanquest] [HKCU\Software\Avira] [HKCU\Software\Binary Noise] [HKCU\Software\Borland] [HKCU\Software\Canon] [HKCU\Software\Canon_Inc_IC] [HKCU\Software\Chicony] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreVorbis] [HKCU\Software\DT Soft] [HKCU\Software\DivXNetworks] [HKCU\Software\EasyBits] [HKCU\Software\FRANCE TELECOM] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\Image-Line] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Magnet] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Orange] [HKCU\Software\Packard Bell] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\S3R521] [HKCU\Software\SecuROM] [HKCU\Software\Smart Projects] [HKCU\Software\SoftVoice] [HKCU\Software\Softonic] [HKCU\Software\Stdin2] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TCP Optimizer] [HKCU\Software\Trolltech] [HKCU\Software\WinRAR SFX] [HKCU\Software\Windows Live Writer] [HKCU\Software\adobe] [HKCU\Software\e-merge] [HKCU\Software\emerge] [HKCU\Software\madFlac] [HKCU\Software\winace] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\AppDataLow] [HKLM\Software\Avira] [HKLM\Software\Canon] [HKLM\Software\Canon_Inc_IC] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DT Soft] [HKLM\Software\Digital River] [HKLM\Software\EasyBits] [HKLM\Software\FFmpeg for Audacity] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\GNU] [HKLM\Software\Gabest] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Huawei technologies] [HKLM\Software\Image-Line] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Mozilla] [HKLM\Software\MusicNet] [HKLM\Software\NeroDigital] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\OemSetup] [HKLM\Software\OrangePlayerTemp] [HKLM\Software\Outsim] [HKLM\Software\PACKARD BELL] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Propellerhead Software] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek USB 2.0 Card Reader] [HKLM\Software\Realtek] [HKLM\Software\Red Orb] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\Uniblue] [HKLM\Software\VST] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\WiseCleaner] [HKLM\Software\X-AVCSD] [HKLM\Software\Xerox] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 18/01/2011 - 04:56:34 - [3511045] ----D- C:\Program Files\7-Zip O43 - CFD: 13/03/2011 - 17:28:58 - [502455169] ----D- C:\Program Files\Adobe O43 - CFD: 22/12/2009 - 18:20:22 - [33887555] ----D- C:\Program Files\Audacity 1.3 Beta (Unicode) O43 - CFD: 25/03/2011 - 02:48:38 - [112556262] ----D- C:\Program Files\Avira O43 - CFD: 15/03/2010 - 20:34:24 - [1526697] ----D- C:\Program Files\Camera Assistant Software Lite O43 - CFD: 15/09/2010 - 23:14:08 - [190796662] ----D- C:\Program Files\Canon O43 - CFD: 02/03/2011 - 23:33:34 - [3653664] ----D- C:\Program Files\CCleaner O43 - CFD: 21/03/2011 - 20:03:22 - [1215224325] ----D- C:\Program Files\Common Files O43 - CFD: 27/03/2011 - 03:20:32 - [17040104] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 18/01/2011 - 04:32:16 - [4507970] ----D- C:\Program Files\DOSBox-0.74 O43 - CFD: 19/11/2009 - 01:11:56 - [86314120] ----D- C:\Program Files\EasyBits For Kids O43 - CFD: 12/02/2010 - 00:39:24 - [20448221] ----D- C:\Program Files\FFmpeg for Audacity O43 - CFD: 17/10/2009 - 22:40:32 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 25/03/2011 - 03:24:16 - [2908240] ----D- C:\Program Files\Google O43 - CFD: 08/01/2009 - 14:38:30 - [4710899] ----D- C:\Program Files\HDReg O43 - CFD: 27/09/2010 - 18:22:26 - [7161126] ----D- C:\Program Files\IDoser v4 O43 - CFD: 29/12/2009 - 19:54:12 - [271949659] ----D- C:\Program Files\Image-Line O43 - CFD: 26/03/2011 - 22:50:40 - [41972251] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 08/01/2009 - 14:07:12 - [96760] ----D- C:\Program Files\Intel O43 - CFD: 19/10/2009 - 22:35:54 - [24888323] ----D- C:\Program Files\Internet 3G+ Bouygues Telecom O43 - CFD: 08/03/2011 - 03:50:42 - [6116020] ----D- C:\Program Files\Internet Explorer O43 - CFD: 21/02/2011 - 23:03:08 - [88363038] ----D- C:\Program Files\Java O43 - CFD: 19/10/2009 - 10:59:54 - [4272] ----D- C:\Program Files\Kit Internet Mobile Bouygues Telecom O43 - CFD: 22/02/2011 - 21:37:52 - [4968439] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 27/03/2011 - 04:45:44 - [31835553] ----D- C:\Program Files\Media Player Classic - Home Cinema O43 - CFD: 21/10/2010 - 13:56:16 - [526291] ----D- C:\Program Files\Microsoft O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games O43 - CFD: 08/01/2009 - 14:23:08 - [369967689] ----D- C:\Program Files\Microsoft Office O43 - CFD: 08/01/2009 - 14:21:18 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant O43 - CFD: 16/12/2010 - 22:05:12 - [146453974] ----D- C:\Program Files\Microsoft Works O43 - CFD: 26/06/2010 - 01:50:56 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 12/08/2010 - 23:45:28 - [99342446] ----D- C:\Program Files\Movie Maker O43 - CFD: 24/03/2011 - 03:05:18 - [32966208] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 08/01/2009 - 13:54:00 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 29/07/2009 - 21:42:42 - [360210626] ----D- C:\Program Files\Nero O43 - CFD: 15/11/2010 - 16:51:50 - [388492020] ----D- C:\Program Files\OrangeHSS O43 - CFD: 27/12/2009 - 21:59:20 - [3551543] ----D- C:\Program Files\Outsim O43 - CFD: 27/03/2011 - 01:40:52 - [1332570091] ----D- C:\Program Files\PACKARD BELL O43 - CFD: 27/03/2011 - 01:55:32 - [315665774] ----D- C:\Program Files\Realtek O43 - CFD: 12/02/2011 - 22:36:14 - [1007807] ----D- C:\Program Files\Red Orb O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 26/11/2009 - 01:16:20 - [50980] ----D- C:\Program Files\Registry Mechanic O43 - CFD: 11/02/2010 - 13:03:34 - [60435509] ----D- C:\Program Files\Securitoo O43 - CFD: 08/01/2009 - 14:14:58 - [13835389] ----D- C:\Program Files\Synaptics O43 - CFD: 25/03/2011 - 19:15:46 - [0] --H-D- C:\Program Files\Temp O43 - CFD: 24/03/2011 - 15:58:42 - [388608] ----D- C:\Program Files\trend micro O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 27/03/2011 - 04:40:54 - [53404602] ----D- C:\Program Files\VistaCodecPack O43 - CFD: 27/12/2009 - 22:01:26 - [1536000] ----D- C:\Program Files\VstPlugins O43 - CFD: 01/12/2009 - 04:37:18 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 01/12/2009 - 04:37:18 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 01/12/2009 - 04:37:14 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 01/12/2009 - 04:37:18 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 09/02/2011 - 23:56:48 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 13/10/2010 - 20:01:22 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 17/10/2009 - 22:40:32 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 01/12/2009 - 04:37:16 - [13528738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 04/12/2009 - 03:43:24 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 01/12/2009 - 04:37:18 - [7614028] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 24/03/2011 - 23:07:32 - [3900473] ----D- C:\Program Files\Wise Registry Cleaner O43 - CFD: 27/03/2011 - 17:30:54 - [3613857] ----D- C:\Program Files\ZHPDiag O43 - CFD: 13/03/2011 - 16:46:16 - [141916401] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 15/09/2010 - 23:07:18 - [1162529] ----D- C:\Program Files\Common Files\Canon O43 - CFD: 08/01/2009 - 14:19:02 - [92976] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 12/11/2010 - 19:30:16 - [7902934] ----D- C:\Program Files\Common Files\France Telecom O43 - CFD: 08/01/2009 - 14:11:58 - [2028645] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 21/02/2011 - 23:03:50 - [1247175] ----D- C:\Program Files\Common Files\Java O43 - CFD: 08/01/2009 - 14:27:36 - [655185] ----D- C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 10/03/2011 - 00:54:52 - [431783350] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 29/07/2009 - 21:43:46 - [137801226] ----D- C:\Program Files\Common Files\Nero O43 - CFD: 25/11/2009 - 21:18:40 - [402108219] ----D- C:\Program Files\Common Files\PC Tools O43 - CFD: 27/11/2009 - 16:44:18 - [4673856] ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 21/02/2011 - 19:14:00 - [0] ----D- C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 01/12/2009 - 04:37:16 - [42750094] ----D- C:\Program Files\Common Files\System O43 - CFD: 15/03/2011 - 02:09:58 - [673458307] ----D- C:\ProgramData\Adobe O43 - CFD: 25/11/2009 - 15:07:34 - [11535872] ----D- C:\ProgramData\Apple O43 - CFD: 11/03/2011 - 03:37:22 - [217] ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 25/03/2011 - 02:48:38 - [322781] ----D- C:\ProgramData\Avira O43 - CFD: 17/10/2009 - 22:40:32 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 27/03/2011 - 03:19:50 - [1348] ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 17/10/2009 - 22:40:32 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 18/10/2009 - 00:09:36 - [7722] ----D- C:\ProgramData\FLEXnet O43 - CFD: 11/03/2011 - 03:44:00 - [994528] ----D- C:\ProgramData\Google O43 - CFD: 26/02/2010 - 14:02:44 - [14200582] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 17/10/2009 - 22:40:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 10/03/2011 - 00:52:48 - [159499474] -S--D- C:\ProgramData\Microsoft O43 - CFD: 13/03/2011 - 16:57:30 - [57040] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 17/10/2009 - 22:40:32 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 29/07/2009 - 21:42:42 - [8860740] ----D- C:\ProgramData\Nero O43 - CFD: 22/12/2009 - 17:21:06 - [4048778] ----D- C:\ProgramData\Propellerhead Software O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 30/03/2010 - 19:48:02 - [294] ----D- C:\ProgramData\Sun O43 - CFD: 18/10/2009 - 00:07:54 - [64] ----D- C:\ProgramData\Symantec O43 - CFD: 26/11/2009 - 01:16:24 - [0] ---AD- C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 27/03/2011 - 04:41:48 - [26653022] ----D- C:\ProgramData\VistaCodecs O43 - CFD: 19/10/2009 - 22:11:00 - [3802] ----D- C:\ProgramData\Xerox O43 - CFD: 15/09/2010 - 23:10:54 - [0] ----D- C:\ProgramData\ZoomBrowser O43 - CFD: 15/03/2011 - 02:33:16 - [1362745] ----D- C:\Users\chris\AppData\Roaming\Adobe O43 - CFD: 12/02/2010 - 01:34:22 - [22767] ----D- C:\Users\chris\AppData\Roaming\Audacity O43 - CFD: 26/03/2011 - 23:20:12 - [0] ----D- C:\Users\chris\AppData\Roaming\Avira O43 - CFD: 11/12/2009 - 03:53:24 - [14323] ----D- C:\Users\chris\AppData\Roaming\Blender Foundation O43 - CFD: 27/03/2011 - 03:29:52 - [0] ----D- C:\Users\chris\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 19/05/2010 - 15:34:24 - [492] ----D- C:\Users\chris\AppData\Roaming\dvdcss O43 - CFD: 18/10/2009 - 00:49:30 - [0] ----D- C:\Users\chris\AppData\Roaming\Google O43 - CFD: 17/10/2009 - 22:47:00 - [0] ----D- C:\Users\chris\AppData\Roaming\Identities O43 - CFD: 26/03/2011 - 20:12:36 - [0] ----D- C:\Users\chris\AppData\Roaming\InstallShield O43 - CFD: 18/10/2009 - 10:06:12 - [2299] ----D- C:\Users\chris\AppData\Roaming\Macromedia O43 - CFD: 26/02/2010 - 14:02:52 - [0] ----D- C:\Users\chris\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\chris\AppData\Roaming\Media Center Programs O43 - CFD: 11/02/2010 - 15:08:04 - [205916] ----D- C:\Users\chris\AppData\Roaming\Media Player O43 - CFD: 24/03/2011 - 03:36:06 - [107] ----D- C:\Users\chris\AppData\Roaming\Media Player Classic O43 - CFD: 20/03/2011 - 00:30:30 - [1693852] -S--D- C:\Users\chris\AppData\Roaming\Microsoft O43 - CFD: 26/11/2009 - 11:33:00 - [13331712] ----D- C:\Users\chris\AppData\Roaming\Mozilla O43 - CFD: 18/10/2009 - 12:23:12 - [135583] ----D- C:\Users\chris\AppData\Roaming\Nero O43 - CFD: 18/10/2009 - 00:41:04 - [37] ----D- C:\Users\chris\AppData\Roaming\Packard Bell O43 - CFD: 22/12/2009 - 17:20:50 - [4376] ----D- C:\Users\chris\AppData\Roaming\Propellerhead Software O43 - CFD: 21/02/2011 - 20:54:48 - [87598] ----D- C:\Users\chris\AppData\Roaming\QuickScan O43 - CFD: 16/01/2011 - 20:43:16 - [0] ----D- C:\Users\chris\AppData\Roaming\ScummVM O43 - CFD: 10/02/2011 - 01:41:52 - [3092] R-H-D- C:\Users\chris\AppData\Roaming\SecuROM O43 - CFD: 19/11/2009 - 00:41:50 - [13824] ----D- C:\Users\chris\AppData\Roaming\Template O43 - CFD: 11/01/2011 - 00:58:24 - [697213] ----D- C:\Users\chris\AppData\Roaming\Uniblue O43 - CFD: 27/03/2011 - 04:40:52 - [943] ----D- C:\Users\chris\AppData\Roaming\VistaCodecs O43 - CFD: 18/10/2009 - 11:13:32 - [0] ----D- C:\Users\chris\AppData\Roaming\Windows Live Writer O43 - CFD: 16/09/2010 - 00:21:40 - [0] ----D- C:\Users\chris\AppData\Roaming\ZoomBrowser EX ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.B4BED5191723D95AE740614A04B6E2C8] - 27/03/2011 - 16:27:59 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1483970] O44 - LFC:[MD5.256FCEF85B87BD7E60837FF3EF19B12E] - 27/03/2011 - 16:27:59 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103194] O44 - LFC:[MD5.51837908047E86797FBEF6288F1E965A] - 27/03/2011 - 16:27:59 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [125636] O44 - LFC:[MD5.3A6F66B607EA2B20043B204D9815BB3C] - 27/03/2011 - 16:27:59 ---A- . (...) -- C:\Windows\System32\perfh009.dat [591320] O44 - LFC:[MD5.E19EC1C4C320857251193E9F9890AC32] - 27/03/2011 - 16:27:59 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [673938] O44 - LFC:[MD5.18EF12005489397700FCFD7FECEF1200] - 27/03/2011 - 16:26:39 ---A- . (...) -- C:\Windows\WindowsUpdate.log [27945] O44 - LFC:[MD5.18EF12005489397700FCFD7FECEF1200] - 27/03/2011 - 16:23:05 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0] O44 - LFC:[MD5.02AF5F7C09C051BA09A7D79A05D5E850] - 27/03/2011 - 16:22:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 27/03/2011 - 04:25:21 ---A- . (...) -- C:\Windows\NeroDigital.ini [69] O44 - LFC:[MD5.4109EC23281CE3252BEE074AB55E3048] - 27/03/2011 - 04:07:09 ---A- . (...) -- C:\Windows\PFRO.log [328] O44 - LFC:[MD5.950F61ED7C6DBFAD41059F754AF35469] - 27/03/2011 - 04:02:41 ---A- . (.Realtek Semiconductor Corp. - Hide Windows.) -- C:\Windows\HideWin.exe [319488] O44 - LFC:[MD5.0640026E67033DDD7B841F8A84980147] - 27/03/2011 - 04:01:56 ---A- . (.Waves Audio Ltd. - General Library for Plug-Ins.) -- C:\Windows\System32\WavesLib.dll [1777664] O44 - LFC:[MD5.E067361E60FCAE24790B88135895F3C8] - 27/03/2011 - 04:01:55 ---A- . (.SRS Labs, Inc. - WOW HD COM object for Windows.) -- C:\Windows\System32\SRSWOW.dll [135168] O44 - LFC:[MD5.E6652ABA3FB568DFA8D5884350291F77] - 27/03/2011 - 04:01:54 ---A- . (.Realtek Semiconductor Corp. - Driver Update and remove for Windows x64 or.) -- C:\Windows\RtlUpd.exe [1202720] O44 - LFC:[MD5.95C7002D4AE0520FE9A7F20C79643488] - 27/03/2011 - 04:01:54 ---A- . (.Realtek Semiconductor Corp. - Realtek APO API.) -- C:\Windows\System32\RtkApoApi.dll [285216] O44 - LFC:[MD5.0D5D16F0E08CF8D8A60A57A93BF57C63] - 27/03/2011 - 04:01:54 ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Coinstaller.) -- C:\Windows\System32\RtkCoInst.dll [40992] O44 - LFC:[MD5.49E7DAF070C4BA5B6F3A2221804F9334] - 27/03/2011 - 04:01:54 ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\System32\RTSndMgr.cpl [547360] O44 - LFC:[MD5.3CBD93374ED2CE9DFD6B11DB2A95A4FA] - 27/03/2011 - 04:01:54 ---A- . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\SkyTel.exe [1833504] O44 - LFC:[MD5.9B89F2E3D705651DEC1F01033B9D6B24] - 27/03/2011 - 04:01:54 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2161496] O44 - LFC:[MD5.D175A215DF2ECC0D3B3AFBDFFEAE4087] - 27/03/2011 - 04:01:54 ---A- . (.SRS Labs, Inc. - COM object implementing SRS Headphone 360.) -- C:\Windows\System32\SRSHP360.dll [167936] O44 - LFC:[MD5.BA21C4B843B4B1DD787A660E17589F4D] - 27/03/2011 - 04:01:54 ---A- . (.SRS Labs, Inc. - TruSurround HD and HD4 COM object for Windo.) -- C:\Windows\System32\SRSTSHD.dll [185776] O44 - LFC:[MD5.E5639080A7FFA5F03642F4D4CDB1E9CE] - 27/03/2011 - 04:01:54 ---A- . (.SRS Labs, Inc. - TruSurroundXT Module.) -- C:\Windows\System32\SRSTSXT.dll [339968] O44 - LFC:[MD5.62B33087950E8A6A9DC180F25E7781B5] - 27/03/2011 - 04:01:53 ---A- . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6265376] O44 - LFC:[MD5.7458B8F9AC005CA29BCD6C133B2E4DF4] - 27/03/2011 - 04:01:53 ---A- . (.Waves Audio Ltd. - Pas de description.) -- C:\Windows\System32\MaxxAudioEQ.dll [1933312] O44 - LFC:[MD5.26AE7FE6953D584D349A91A72849A771] - 27/03/2011 - 04:01:52 ---A- . (.Waves Audio Ltd. - MaxxAudio APO.) -- C:\Windows\System32\MaxxAudioAPO.dll [126976] O44 - LFC:[MD5.7CF199602D9CD57F308BC1553E0BBBA6] - 27/03/2011 - 04:01:52 ---A- . (.Waves Audio Ltd. - MaxxAudio APO.) -- C:\Windows\System32\MaxxAudioAPO20.dll [159744] O44 - LFC:[MD5.EE2978E5668B3FE3F78896035FA70F70] - 27/03/2011 - 04:01:52 ---A- . (.Windows ® Codename Longhorn DDK provider - Fortemedia SAMSoft sAPO.) -- C:\Windows\System32\FMAPO.dll [143360] O44 - LFC:[MD5.6A714E92C31CC703F292299C6E5BF1EB] - 27/03/2011 - 04:01:51 ---A- . (...) -- C:\Windows\USetup.iss [553] O44 - LFC:[MD5.897A0B638624D6F30B3CEDE680084F57] - 26/03/2011 - 22:57:53 ---A- . (...) -- C:\Windows\System32\Ikeext.etl [131072] O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 25/03/2011 - 01:48:43 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\drivers\ssmdrv.sys [28520] O44 - LFC:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 25/03/2011 - 01:48:41 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [135096] O44 - LFC:[MD5.47B879406246FFDCED59E18D331A0E7D] - 25/03/2011 - 01:48:41 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [61960] O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 21/03/2011 - 19:10:25 ---A- . (...) -- C:\Windows\system.ini [215] O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 21/03/2011 - 18:55:22 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\Windows\SWXCACLS.exe [212480] O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 21/03/2011 - 12:21:40 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [31232] O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 21/03/2011 - 12:21:40 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [161792] O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 21/03/2011 - 12:21:40 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [136704] O44 - LFC:[MD5.7FD1956E221C3750E0532A48E8EDD305] - 19/03/2011 - 01:32:50 ---A- . (.Pas de propriétaire - About Page.) -- C:\Windows\System32\RtNicProp32.dll [80416] O44 - LFC:[MD5.FA43357FA184DAB79EDC6C0316603588] - 19/03/2011 - 01:32:50 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\drivers\Rtlh86.sys [309352] O44 - LFC:[MD5.247B0A8164069CD4FE6F3094C581B13B] - 19/03/2011 - 01:19:09 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [197224] O44 - LFC:[MD5.385051031AAF36C31AE533ABAF5676AC] - 19/03/2011 - 01:19:07 ---A- . (.Realtek Semiconductor Corp. - Realtek Card Reader Icon Dll.) -- C:\Windows\System32\RtsUStoricon.dll [9888360] O44 - LFC:[MD5.A02522AE191D19AC4D6DEE2DE8B7AB46] - 19/03/2011 - 01:19:07 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Card Reader DLL.) -- C:\Windows\System32\RtsUStor.dll [313960] O44 - LFC:[MD5.87D3733D84EC014303C109BE8D618015] - 13/03/2011 - 19:34:41 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [310696] O44 - LFC:[MD5.F899139DF5E1059396431415E770C6DD] - 09/03/2011 - 22:59:40 ---A- . (...) -- C:\Windows\sbacknt.bin [3] O44 - LFC:[MD5.F899139DF5E1059396431415E770C6DD] - 09/03/2011 - 22:59:40 ---A- . (...) -- C:\Windows\treeskp.sys [3] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 08/03/2011 - 02:48:14 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 08/03/2011 - 02:48:14 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 08/03/2011 - 02:48:04 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.D47F94D719E80663EDBF933F1CCEAF2A] - 28/02/2011 - 08:09:40 ---A- . (.Windows XP Bundled build C-Centric Single U - CSVer.) -- C:\Windows\System32\CSVer.dll [53248] O44 - LFC:[MD5.C82B2FE6A7AD83FB3328780EFADED6EB] - 27/02/2011 - 03:17:52 ---A- . (...) -- C:\Windows\System32\QuickTime.qtp [34763] O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 15:58:12 ---A- . (...) -- C:\Windows\PEV.exe [256512] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\Windows\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\Windows\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\Windows\zip.exe [68096] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\Windows\system32\EZUPBH~1.DLL ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm O52 - TDSD: \Drivers32\"vidc.x264"="x264vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\x264vfw.dll O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"msacm.ac3filter"="ac3filter.acm" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ac3filter.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"ac3filter.acm"="AC3Filter ACM codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ac3filter.acm ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe O53 - SMSR:HKLM\...\startupreg\SmpcSys [Key] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableStatusMessages"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 04/02/2011 - 12:09:08 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 04/02/2011 - 12:09:08 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [135096] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.C1258ADCBE6E51A3C06C234D2BDB81B5] - 09/08/2007 - 03:06:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\system32\drivers\ewdcsc.sys [23424] O58 - SDL:[MD5.1D4D6D24256F61E6B08A3CF8184A78B8] - 30/12/2008 - 10:57:52 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys [103040] O58 - SDL:[MD5.92CA47DA32009CCC00A5ADED04ABBD78] - 13/12/2008 - 10:27:50 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [102784] O58 - SDL:[MD5.0F40E249E4DD0CE47C7CA19C5C8FB48A] - 17/02/2009 - 19:38:12 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\system32\drivers\ewusbnet.sys [112128] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.0627FC0C422CD6E0F23E1B0D1D9F0899] - 11/07/2008 - 03:20:10 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [2381312] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 16/07/2008 - 12:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [15392] O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 16/07/2008 - 12:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.62C212678CA063DA233ED4B0B6FC9162] - 14/04/2008 - 08:36:42 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\system32\drivers\mod7700.sys [621056] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.EBBD48D3F4361773B812CA67A9CFC69B] - 29/07/2008 - 04:48:56 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr28.sys [418816] O58 - SDL:[MD5.E559EA9138C77B5D1FDA8C558764A25F] - 28/04/2008 - 23:29:26 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys [3658752] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.9F2F541C52CD7A452E235E885F7D95DE] - 03/04/2007 - 10:43:28 ---A- . (.Philips Semiconductors GmbH - Ph3xIBxx.) -- C:\Windows\system32\drivers\Ph3xIB32.sys [1131136] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.9B89F2E3D705651DEC1F01033B9D6B24] - 27/03/2011 - 04:01:54 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2161496] O58 - SDL:[MD5.FA43357FA184DAB79EDC6C0316603588] - 30/12/2010 - 15:01:08 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [309352] O58 - SDL:[MD5.01C64783DB1F40E1E3DF67DD36199B35] - 20/02/2008 - 21:01:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [60416] O58 - SDL:[MD5.247B0A8164069CD4FE6F3094C581B13B] - 29/10/2010 - 16:11:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [197224] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.18EF12005489397700FCFD7FECEF1200] - 27/03/2011 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [431672] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/06/2010 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.D2AA5D5FDB821EB5F9366C5E3BC2D9EA] - 08/06/2007 - 03:53:56 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [187448] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\system32\Alg.exe (ALG) .(.Microsoft Corporation - Service de la passerelle de la couche Appli.) - LEGACY_ALG O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\system32\browser.dll (Browser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BROWSER O64 - Services: CurCS - C:\Users\chris\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - Microsoft .NET Framework NGEN v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V O64 - Services: CurCS - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK O64 - Services: CurCS - C:\Windows\system32\cryptsvc.dll (CryptSvc) .(.Microsoft Corporation - Services de chiffrement.) - LEGACY_CRYPTSVC O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\System32\dnsapi.dll (Dnscache) .(.Microsoft Corporation - DNS DLL de l'API Client.) - LEGACY_DNSCACHE O64 - Services: CurCS - C:\Windows\system32\dot3svc.dll (dot3svc) .(.Microsoft Corporation - Service de configuration automatique de rés.) - LEGACY_DOT3SVC O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - C:\Windows\System32\drivers\ecache.sys - ReadyBoost Caching Driver (Ecache) .(.Microsoft Corporation - Special Memory Device Cache.) - LEGACY_ECACHE O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL O64 - Services: CurCS - C:\Windows\system32\emdmgmt.dll (EMDMgmt) .(.Microsoft Corporation - Service ReadyBoost.) - LEGACY_EMDMGMT O64 - Services: CurCS - (.not file.) - EraserUtilDrv10822 (EraserUtilDrv10822) .(...) - LEGACY_ERASERUTILDRV10822 O64 - Services: CurCS - (.not file.) - EraserUtilDrvI9 (EraserUtilDrvI9) .(...) - LEGACY_ERASERUTILDRVI9 O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - C:\Windows\system32\svchost.exe - Easybits Shared Services for Windows (ezSharedSvc) .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_EZSHAREDSVC O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\fdrespub.dll (FDResPub) .(.Microsoft Corporation - Service de publication des ressources de dé.) - LEGACY_FDRESPUB O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\System32\hidserv.dll (hidserv) .(.Microsoft Corporation - Service HID.) - LEGACY_HIDSERV O64 - Services: CurCS - C:\Windows\system32\kmsvc.dll (hkmsvc) .(.Microsoft Corporation - Service Gestion des clés.) - LEGACY_HKMSVC O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - (.not file.) - IDSVix86 (IDSVix86) .(...) - LEGACY_IDSVIX86 O64 - Services: CurCS - C:\Windows\system32\ikeext.dll (IKEEXT) .(.Microsoft Corporation - Extension IKE.) - LEGACY_IKEEXT O64 - Services: CurCS - C:\Windows\system32\drivers\int15.sys - int15 (int15) .(.Acer, Inc. - int15.) - LEGACY_INT15 O64 - Services: CurCS - C:\Windows\system32\iphlpsvc.dll (iphlpsvc) .(.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - LEGACY_IPHLPSVC O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(...) - LEGACY_KLMD25 O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (LanmanServer) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_LANMANSERVER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\lmhsvc.dll (lmhosts) .(.Microsoft Corporation - DLL des services de transport NetBIOS sur T.) - LEGACY_LMHOSTS O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\iscsidsc.dll (MSiSCSI) .(.Microsoft Corporation - Api de découverte iSCSI.) - LEGACY_MSISCSI O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\system32\qagentrt.dll (napagent) .(.Microsoft Corporation - Exécution du service Agent de quarantaine.) - LEGACY_NAPAGENT O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - Filtre NativeWiFi (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG O64 - Services: CurCS - (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15 O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe - Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) .(.Nero AG - Nero BackItUp.) - LEGACY_NERO_BACKITUP_SCHEDULER_3 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll (NetTcpPortSharing) .(.Microsoft Corporation - Bibliothèque des ressources de l’installate.) - LEGACY_NETTCPPORTSHARING O64 - Services: CurCS - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe - NMIndexingService (NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\p2psvc.dll (p2psvc) .(.Microsoft Corporation - Services pair à pair.) - LEGACY_P2PSVC O64 - Services: CurCS - C:\Windows\System32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50 O64 - Services: CurCS - C:\Windows\System32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50 O64 - Services: CurCS - C:\Windows\system32\pcasvc.dll (PcaSvc) .(.Microsoft Corporation - Service de l’Assistant Compatibilité des pr.) - LEGACY_PCASVC O64 - Services: CurCS - C:\Windows\System32\drivers\pci.sys - Pilote de bus PCI (pci) .(.Microsoft Corporation - Énumérateur Plug-and-Play PCI pour NT.) - LEGACY_PCI O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(...) - LEGACY_PROCEXP113 O64 - Services: CurCS - C:\Windows\system32\psbase.dll (ProtectedStorage) .(.Microsoft Corporation - Fournisseur par défaut du stockage protégé.) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\system32\qwave.dll (QWAVE) .(.Microsoft Corporation - Windows.) - LEGACY_QWAVE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\Windows\system32\rasauto.dll (RasAuto) .(.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) - LEGACY_RASAUTO O64 - Services: CurCS - C:\Windows\system32\rasmans.dll (RasMan) .(.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) - LEGACY_RASMAN O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\Windows\system32\samsrv.dll (SamSs) .(.Microsoft Corporation - DLL Serveur SAM.) - LEGACY_SAMSS O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Sens.dll (SENS) .(.Microsoft Corporation - Service de notification d’événements systèm.) - LEGACY_SENS O64 - Services: CurCS - C:\Windows\system32\ipnathlp.dll (SharedAccess) .(.Microsoft Corporation - Composants de l'application d'assistance à.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - C:\Windows\system32\snmptrap.exe (SNMPTRAP) .(.Microsoft Corporation - Interruption SNMP.) - LEGACY_SNMPTRAP O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Application sous-système spouleur.) - LEGACY_SPOOLER O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\ssdpsrv.dll (SSDPSRV) .(.Microsoft Corporation - DLL du service SSDP.) - LEGACY_SSDPSRV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\Windows\system32\wiaservc.dll (stisvc) .(.Microsoft Corporation - Service de périphériques d'images fixes.) - LEGACY_STISVC O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(...) - LEGACY_SYMNDISV O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI O64 - Services: CurCS - C:\Windows\system32\TabSvc.dll (TabletInputService) .(.Microsoft Corporation - Service Microsoft Panneau de saisie Tablet.) - LEGACY_TABLETINPUTSERVICE O64 - Services: CurCS - C:\Windows\system32\tapisrv.dll (TapiSrv) .(.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) - LEGACY_TAPISRV O64 - Services: CurCS - C:\Windows\system32\tbssvc.dll (TBS) .(.Microsoft Corporation - Service TBS.) - LEGACY_TBS O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\System32\termsrv.dll (TermService) .(.Microsoft Corporation - Gestionnaire des connexions distantes Termi.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\Windows\system32\trkwks.dll (TrkWks) .(.Microsoft Corporation - Client de suivi de lien distribué.) - LEGACY_TRKWKS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - C:\Windows\system32\upnphost.dll (upnphost) .(.Microsoft Corporation - Hôte de périphérique UPnP.) - LEGACY_UPNPHOST O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\system32\wcncsvc.dll (wcncsvc) .(.Microsoft Corporation - Windows Connect Now - Service de registre d.) - LEGACY_WCNCSVC O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000 O64 - Services: CurCS - C:\Windows\system32\webclnt.dll (WebClient) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_WEBCLIENT O64 - Services: CurCS - C:\Windows\System32\wersvc.dll (WerSvc) .(.Microsoft Corporation - Service de rapport d'erreurs Windows.) - LEGACY_WERSVC O64 - Services: CurCS - C:\Windows\System32\svchost.exe - @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_WINDEFEND O64 - Services: CurCS - C:\Windows\System32\wlansvc.dll (Wlansvc) .(.Microsoft Corporation - DLL du service de configuration automatique.) - LEGACY_WLANSVC O64 - Services: CurCS - C:\Windows\system32\wbem\wmiapsrv.exe (wmiApSrv) .(.Microsoft Corporation - Adaptateur inverse de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL O64 - Services: CurCS - C:\Windows\System32\wscsvc.dll (wscsvc) .(.Microsoft Corporation - Service Centre de sécurité de Windows.) - LEGACY_WSCSVC O64 - Services: CurCS - C:\Windows\system32\SearchIndexer.exe (WSearch) .(.Microsoft Corporation - Indexeur Microsoft Windows Search.) - LEGACY_WSEARCH O64 - Services: CurCS - C:\Windows\system32\wudfsvc.dll (wudfsvc) .(.Microsoft Corporation - Windows Driver Foundation - Service d’infra.) - LEGACY_WUDFSVC ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {2EC779A7-634F-4D91-ACE2-771E08908A51} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - Google ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.8F9B5F4F87207BE1CF810DDC95124F92] [sPRF] (.Ask.com - Install Checker.) -- C:\Users\chris\AppData\Local\Temp\installChecker.exe [248664] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "{8FDBDFE5-3312-418E-9688-C61655939FFA}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe O87 - FAEL: "{9BEC27CC-BB2B-4A12-BCBF-1C5648C0EE3E}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe O87 - FAEL: "{2661AEDF-49C1-480F-9BD6-A348E6D1F912}" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{B149A6E9-8E8E-4A46-BD8E-7BA3A39AAEB7}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "{CBC6A8C6-0FF5-4677-8B92-367D36C5EF8A}" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "{98307EDB-A29D-46B0-A0BE-2766947B9A19}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "{3A6A12BB-B7E6-493A-84B5-C7A82F6EA419}" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "{3E95BA31-95D1-46D5-A5CA-ADBDB90037AF}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "{7779E3F0-A69B-456C-8433-6F437275A6B2}" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe ---\\ Scan Additionnel (O88) Database Version : 2539 - (26/03/2011) [HKCR\.bk1] =>Adware.VirtualGirl [HKCR\.bk2] =>Adware.VirtualGirl ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe SR - | Auto 04/02/2011 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 04/02/2011 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 16/07/2008 24576 | (ETService) . (...) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe SS - | Demand 08/01/2009 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Disabled 03/03/2009 65536 | (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe SS - | Auto 08/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 18/02/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe SS - | Disabled 28/04/2008 529704 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe SR - | Auto 25/03/2011 24576 | (SetupARService) . (.Realtek Semiconductor..) - C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by chris at 27/03/2011 17:32:46 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x849381E8]<< 1 ntkrnlpa!IofCallDriver[0x81850912] -> \Device\Harddisk0\DR0[0x84AC4030] 3 CLASSPNP[0x8779F8B3] -> ntkrnlpa!IofCallDriver[0x81850912] -> \Device\Ide\IdeDeviceP0T0L0-0[0x83C0BB98] \Driver\atapi[0x83C05F38] -> IRP_MJ_CREATE -> 0x849381E8 kernel: MBR read successfully detected hooks: \Driver\atapi -> 0x849381e8 user & kernel MBR OK Warning: possible MBR rootkit infection ! Use "ZHPFix" command "MBRFix" to clear infection ! ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by chris at 27/03/2011 17:32:48 Use the desktop link 'MBRCheck' to have full report Dump file Name : C:\PhysicalDisk0_MBR.bin ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O58 - SDL:[MD5.18EF12005489397700FCFD7FECEF1200] - 27/03/2011 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [431672] End of the scan (1181 lines in 02mn 00s)(0)
  9. grenadedopium

    rapport ZHPDiag

    grenadedopium a répondu à un(e) sujet de grenadedopium dans Windows Vista

    je l'avais déjà fait il y a pas très longtemps , ça n'avait pas changé la qualité des applications . Où se trouve le rapport chkdsk ?
  10. grenadedopium

    rapport ZHPDiag

    grenadedopium a répondu à un(e) sujet de grenadedopium dans Windows Vista

    ça y est
  11. grenadedopium

    rapport ZHPDiag

    grenadedopium a répondu à un(e) sujet de grenadedopium dans Windows Vista

    Non
  12. grenadedopium

    rapport ZHPDiag

    grenadedopium a répondu à un(e) sujet de grenadedopium dans Windows Vista

    Personne pour m'aider ? Je crois que le problème vient de mes pilotes , je m'explique plus clairement : Quand je regarde un film , tout à coup le processus audiodg.exe fait buguer le système . Je suis allé sur le site officiel du constructeur de ma machine un ordinateur portable easynote Mh36 , j'ai vu la liste des pilotes , cette liste n'a pas l'air de correspondre à mon ordinateur , car je retrouve des pilotes plus anciens que ceux installé sur ma machine et d'autres qui ne peuvent pas être installés . Moi ce que je désirerais , ce serait de garder tout comme c'est . J'ai un pilote realtek pour le son et il offre un large panel d'utilités pour régler les sons . Malheureusement, je ne sais pas ce qui se passe , mais ça ne marche plus très bien . En effet , j'ai pour essayé , désinstallé ce pilote et installé un pilote microsoft de base , ici Realtek , et alors tout se passe correctement lors de la lecture du film .
  13. grenadedopium

    rapport ZHPDiag

    grenadedopium a répondu à un(e) sujet de grenadedopium dans Windows Vista

    Je ne cherche pas une infection mais un disfonctionnemment de mon logiciel pilote du son . car , je ne peux plus regarder un film en entier . ou graphique car je ne peut plus utiliser google earth décemment .
  14. grenadedopium
    Bonjour , je crois que j'ai un problème , vous pourriez analyser mon rapport s'il vous plait ? (j'ai plein des lignes bleues en 064)Merci . Rapport de ZHPDiag v1.27.1832 par Nicolas Coolman, Update du 24/03/2011 Run by chris at 25/03/2011 04:19:04 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v9.0.8080.16413 (Defaut) MFIE: Mozilla Firefox 4.0 v4.0 GCIE: Google Chrome v10.0.648.151 ---\\ System Information Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1976 MB (46% free) System Restore: Activé (Enable) System drive C: has 35 GB (25%) free of 136 GB ---\\ Logged in mode Computer Name: PC-DE-CHRIS User Name: chris All Users Names: chris, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Users\chris\AppData\Roaming %LocalAppData%=C:\Users\chris\AppData\Local %StartMenu%=C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 35 Go of 136 Go) D:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.111CB0C322A2387E16ED1B013533598D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/03/2011 02:48:05.) -- C:\Windows\System32\wininet.dll [1125376] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880] ---\\ Processus lancés [MD5.8C6BC84B3513BE42EC204FEE5FB29446] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [894512] [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064] [MD5.62B33087950E8A6A9DC180F25E7781B5] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6265376] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [MD5.5704BCBC4541A349448EDC6018096B40] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe [602864] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [MD5.74CE4D042D4224C0D508536F6C68750B] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112] [MD5.0E6A738CEAA8FC532ED1911FBFBB44BA] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\systray\systrayapp.exe [135168] [MD5.E1A5B90C225FDA2748E3D2A0B0DC953A] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe [712704] [MD5.7AA3ED493EDA7B983D5CC19FFB09F2D3] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe [364544] [MD5.6DBD5667129BC95009BF9318BFC74FB8] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe [28672] [MD5.B7CC2474D4CBC38467A178224605BC3A] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe [65536] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [MD5.264A190486C5B87AFF28E8F173268CBF] - (.Google Inc. - Google Chrome.) -- C:\Users\chris\AppData\Local\Google\Chrome\Application\chrome.exe [1004088] [MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\system32\rundll32.exe [44544] [MD5.3BD9A5E2020F84253C21B554AE8E01AB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [641536] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M3 - MFPP: Plugins - [chris] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [chris] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [chris] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\chris\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.3.18 (Activé) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R1 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8080.16413 (WIN7_IE9_RC.110204-2115)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-1755130069-18621656-2337756405-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\chris\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.) -- C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe O4 - Global Startup: C:\Users\chris\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files\Image-Line\FL Studio 8\FL.exe O4 - Global Startup: C:\Users\chris\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\chris\AppData\Local\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\chris\Desktop\I-Doser.lnk . (.I-Doser.com.) -- C:\Program Files\IDoser v4\IDoser.exe O4 - Global Startup: C:\Users\chris\Desktop\Malwarebytes' Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O4 - Global Startup: C:\Users\chris\Desktop\Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\MOVIEMK.exe O4 - Global Startup: C:\Users\chris\Desktop\Sound Recorder.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SoundRecorder.exe O4 - Global Startup: C:\Users\chris\Desktop\Windows Defender - Raccourci.lnk - Clé orpheline O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SnippingTool.exe O4 - Global Startup: C:\Users\chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] http.mappy.com O15 - Trusted Zone: [HKCU\...\Domains\www] http.mappy.com O15 - Trusted Zone: [HKCU\...\Domains] http.orange.fr O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{ED79942A-6177-458E-8002-BA82A8257CC9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{EFCD3F43-C9BF-4092-A759-93EFA21D0E31}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CS1\Services\Tcpip\..\{ED79942A-6177-458E-8002-BA82A8257CC9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{EFCD3F43-C9BF-4092-A759-93EFA21D0E31}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CS2\Services\Tcpip\..\{ED79942A-6177-458E-8002-BA82A8257CC9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{EFCD3F43-C9BF-4092-A759-93EFA21D0E31}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000UA.job [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000Core] (.Google Inc..) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1755130069-18621656-2337756405-1000UA] (.Google Inc..) -- C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [{159967BB-BC1C-404B-B28D-5D6A6B8DE4A1}] (.Pas de propriétaire.) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime (.not file.) [MD5.00000000000000000000000000000000] [APT] [{53A5F318-D9F7-4C66-B831-19B23FFC4C28}] (.Pas de propriétaire.) -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl" -c Adobe Gamma (.not file.) [MD5.00000000000000000000000000000000] [APT] [{6511FBEE-8ECE-4822-B8EA-F45297EF1136}] (.Pas de propriétaire.) -- C:\Windows\system32\DivXControlPanelApplet.cpl (.not file.) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: Adobe Photoshop Elements 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop Elements 6 O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001} O42 - Logiciel: Audacity 1.3.10 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1 O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CANON iMAGE GATEWAY Task O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Camera Assistant Software Lite - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {23E0B6EB-43AD-4DDE-9692-3838C08FF24B} O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- Canon Internet Library for ZoomBrowser EX O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- MovieEditTask O42 - Logiciel: Canon Utilities CameraWindow - (.Canon Inc..) [HKLM] -- CameraWindowLauncher O42 - Logiciel: Canon Utilities CameraWindow DC - (.Canon Inc..) [HKLM] -- CameraWindowDC O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CameraWindowDVC6 O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..) [HKLM] -- MyCamera O42 - Logiciel: Canon Utilities MyCamera DC - (.Canon Inc..) [HKLM] -- MyCameraDC O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM] -- PhotoStitch O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- RemoteCaptureTask O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM] -- ZoomBrowser EX O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM] -- ZoomBrowser EX Memory Card Utility O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: EasyBits Magic Desktop - (.Pas de propriétaire.) [HKLM] -- EasyBits Magic Desktop O42 - Logiciel: FFmpeg for Audacity on Windows - (.Pas de propriétaire.) [HKLM] -- FFmpeg for Audacity on Windows_is1 O42 - Logiciel: FL Studio 8 - (.Image-Line bvba.) [HKLM] -- FL Studio 8 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: I-Doser v4 - (.Pas de propriétaire.) [HKCU] -- I-Doser v4 O42 - Logiciel: IL Download Manager - (.Image-Line bvba.) [HKLM] -- IL Download Manager O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Internet 3G+ Bouygues Telecom - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Internet 3G+ Bouygues Telecom O42 - Logiciel: Java 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: MetaBoli - (.Pas de propriétaire.) [HKLM] -- {709817E4-5439-4206-8738-796B34B623BD} O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262} O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673} O42 - Logiciel: Microsoft Works 9.0 SE - (.Pas de propriétaire.) [HKLM] -- Works9SE O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Mozilla Firefox 4.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 fr) O42 - Logiciel: Myst Masterpiece Edition - (.Pas de propriétaire.) [HKLM] -- Myst Masterpiece Edition O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {3559CDE0-11FC-4D7B-A65C-D646035B1036} O42 - Logiciel: Orange - Logiciels Internet - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- {F4EA67C9-6748-4C1E-9AFF-04149AC75D95} O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- {CA786CFF-1D31-4804-B436-F3405B14357F} O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Setup My PC - (.Pas de propriétaire.) [HKLM] -- {28518520-F25C-48C3-A224-861F331602F4} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Toxic Biohazard - (.Image-Line bvba.) [HKLM] -- Toxic Biohazard O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Wise Registry Cleaner 5.9.4 - (.ZhiQing Soft, Inc..) [HKLM] -- Wise Registry Cleaner_is1 O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Aurigma] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Audacity] [HKCU\Software\Avanquest] [HKCU\Software\Avira] [HKCU\Software\Binary Noise] [HKCU\Software\Borland] [HKCU\Software\Canon] [HKCU\Software\Canon_Inc_IC] [HKCU\Software\Chicony] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DT Soft] [HKCU\Software\DivXNetworks] [HKCU\Software\EasyBits] [HKCU\Software\FRANCE TELECOM] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\Image-Line] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Magnet] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Orange] [HKCU\Software\Packard Bell] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\S3R521] [HKCU\Software\SecuROM] [HKCU\Software\Smart Projects] [HKCU\Software\SoftVoice] [HKCU\Software\Softonic] [HKCU\Software\Stdin2] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TCP Optimizer] [HKCU\Software\Trolltech] [HKCU\Software\WinRAR SFX] [HKCU\Software\Windows Live Writer] [HKCU\Software\adobe] [HKCU\Software\e-merge] [HKCU\Software\emerge] [HKCU\Software\winace] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\AppDataLow] [HKLM\Software\Avira] [HKLM\Software\Canon] [HKLM\Software\Canon_Inc_IC] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Digital River] [HKLM\Software\EasyBits] [HKLM\Software\FFmpeg for Audacity] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\Google] [HKLM\Software\Huawei technologies] [HKLM\Software\Image-Line] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Mozilla] [HKLM\Software\MusicNet] [HKLM\Software\NeroDigital] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\OemSetup] [HKLM\Software\OrangePlayerTemp] [HKLM\Software\Outsim] [HKLM\Software\PACKARD BELL] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Propellerhead Software] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek USB 2.0 Card Reader] [HKLM\Software\Realtek] [HKLM\Software\Red Orb] [HKLM\Software\RegisteredApplications] [HKLM\Software\Sonic] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\Uniblue] [HKLM\Software\VST] [HKLM\Software\WOW6432Node] [HKLM\Software\WiseCleaner] [HKLM\Software\X-AVCSD] [HKLM\Software\Xerox] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 18/01/2011 - 03:56:34 - [3511045] ----D- C:\Program Files\7-Zip O43 - CFD: 13/03/2011 - 16:28:58 - [502455169] ----D- C:\Program Files\Adobe O43 - CFD: 22/12/2009 - 17:20:22 - [33887555] ----D- C:\Program Files\Audacity 1.3 Beta (Unicode) O43 - CFD: 25/03/2011 - 01:48:38 - [118736141] ----D- C:\Program Files\Avira O43 - CFD: 15/03/2010 - 19:34:24 - [1526697] ----D- C:\Program Files\Camera Assistant Software Lite O43 - CFD: 15/09/2010 - 22:14:08 - [190796662] ----D- C:\Program Files\Canon O43 - CFD: 02/03/2011 - 22:33:34 - [3653664] ----D- C:\Program Files\CCleaner O43 - CFD: 21/03/2011 - 19:03:22 - [1215233282] ----D- C:\Program Files\Common Files O43 - CFD: 18/01/2011 - 03:32:16 - [4507970] ----D- C:\Program Files\DOSBox-0.74 O43 - CFD: 19/11/2009 - 00:11:56 - [86314120] ----D- C:\Program Files\EasyBits For Kids O43 - CFD: 11/02/2010 - 23:39:24 - [20448221] ----D- C:\Program Files\FFmpeg for Audacity O43 - CFD: 17/10/2009 - 21:40:32 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 25/03/2011 - 02:24:16 - [2908240] ----D- C:\Program Files\Google O43 - CFD: 08/01/2009 - 13:38:30 - [4710899] ----D- C:\Program Files\HDReg O43 - CFD: 27/09/2010 - 17:22:26 - [7161126] ----D- C:\Program Files\IDoser v4 O43 - CFD: 29/12/2009 - 18:54:12 - [271949659] ----D- C:\Program Files\Image-Line O43 - CFD: 19/03/2011 - 01:19:22 - [44599777] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 08/01/2009 - 13:07:12 - [96760] ----D- C:\Program Files\Intel O43 - CFD: 19/10/2009 - 21:35:54 - [24888323] ----D- C:\Program Files\Internet 3G+ Bouygues Telecom O43 - CFD: 08/03/2011 - 02:50:42 - [6116020] ----D- C:\Program Files\Internet Explorer O43 - CFD: 21/02/2011 - 22:03:08 - [88363038] ----D- C:\Program Files\Java O43 - CFD: 19/10/2009 - 09:59:54 - [4272] ----D- C:\Program Files\Kit Internet Mobile Bouygues Telecom O43 - CFD: 22/02/2011 - 20:37:52 - [4968439] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 21/10/2010 - 12:56:16 - [526291] ----D- C:\Program Files\Microsoft O43 - CFD: 02/11/2006 - 13:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games O43 - CFD: 08/01/2009 - 13:23:08 - [369967689] ----D- C:\Program Files\Microsoft Office O43 - CFD: 08/01/2009 - 13:21:18 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant O43 - CFD: 16/12/2010 - 21:05:12 - [146453974] ----D- C:\Program Files\Microsoft Works O43 - CFD: 26/06/2010 - 00:50:56 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 12/08/2010 - 22:45:28 - [99342446] ----D- C:\Program Files\Movie Maker O43 - CFD: 24/03/2011 - 02:05:18 - [32966208] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 13:37:36 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 08/01/2009 - 12:54:00 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 29/07/2009 - 20:42:42 - [360210626] ----D- C:\Program Files\Nero O43 - CFD: 16/05/2010 - 18:59:00 - [0] ----D- C:\Program Files\Orange O43 - CFD: 15/11/2010 - 15:51:50 - [388493800] ----D- C:\Program Files\OrangeHSS O43 - CFD: 27/12/2009 - 20:59:20 - [3551543] ----D- C:\Program Files\Outsim O43 - CFD: 17/10/2009 - 21:42:40 - [1333458189] ----D- C:\Program Files\PACKARD BELL O43 - CFD: 19/03/2011 - 01:32:52 - [36229273] ----D- C:\Program Files\Realtek O43 - CFD: 12/02/2011 - 21:36:14 - [1007807] ----D- C:\Program Files\Red Orb O43 - CFD: 02/11/2006 - 13:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 26/11/2009 - 00:16:20 - [50980] ----D- C:\Program Files\Registry Mechanic O43 - CFD: 11/02/2010 - 12:03:34 - [60435509] ----D- C:\Program Files\Securitoo O43 - CFD: 08/01/2009 - 13:14:58 - [13835389] ----D- C:\Program Files\Synaptics O43 - CFD: 24/03/2011 - 14:58:42 - [388608] ----D- C:\Program Files\trend micro O43 - CFD: 02/11/2006 - 14:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 27/12/2009 - 21:01:26 - [1536000] ----D- C:\Program Files\VstPlugins O43 - CFD: 01/12/2009 - 03:37:18 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 01/12/2009 - 03:37:18 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 01/12/2009 - 03:37:14 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 01/12/2009 - 03:37:18 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 09/02/2011 - 22:56:48 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 13/10/2010 - 19:01:22 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 17/10/2009 - 21:40:32 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 01/12/2009 - 03:37:16 - [13528738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 04/12/2009 - 02:43:24 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 01/12/2009 - 03:37:18 - [7614028] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 24/03/2011 - 22:07:32 - [3900473] ----D- C:\Program Files\Wise Registry Cleaner O43 - CFD: 25/03/2011 - 04:19:08 - [3588987] ----D- C:\Program Files\ZHPDiag O43 - CFD: 13/03/2011 - 15:46:16 - [141916401] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 15/09/2010 - 22:07:18 - [1162529] ----D- C:\Program Files\Common Files\Canon O43 - CFD: 08/01/2009 - 13:19:02 - [92976] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 12/11/2010 - 18:30:16 - [7902934] ----D- C:\Program Files\Common Files\France Telecom O43 - CFD: 08/01/2009 - 13:11:58 - [2037602] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 21/02/2011 - 22:03:50 - [1247175] ----D- C:\Program Files\Common Files\Java O43 - CFD: 08/01/2009 - 13:27:36 - [655185] ----D- C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 09/03/2011 - 23:54:52 - [431783350] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 29/07/2009 - 20:43:46 - [137801226] ----D- C:\Program Files\Common Files\Nero O43 - CFD: 25/11/2009 - 20:18:40 - [402108219] ----D- C:\Program Files\Common Files\PC Tools O43 - CFD: 27/11/2009 - 15:44:18 - [4673856] ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 21/02/2011 - 18:14:00 - [0] ----D- C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 01/12/2009 - 03:37:16 - [42750094] ----D- C:\Program Files\Common Files\System O43 - CFD: 15/03/2011 - 01:09:58 - [673458307] ----D- C:\ProgramData\Adobe O43 - CFD: 25/11/2009 - 14:07:34 - [11535872] ----D- C:\ProgramData\Apple O43 - CFD: 11/03/2011 - 02:37:22 - [217] ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 25/03/2011 - 01:48:38 - [40127415] ----D- C:\ProgramData\Avira O43 - CFD: 17/10/2009 - 21:40:32 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 17/10/2009 - 21:40:32 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 17/10/2009 - 23:09:36 - [7722] ----D- C:\ProgramData\FLEXnet O43 - CFD: 11/03/2011 - 02:44:00 - [994528] ----D- C:\ProgramData\Google O43 - CFD: 26/02/2010 - 13:02:44 - [14200582] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 17/10/2009 - 21:40:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 09/03/2011 - 23:52:48 - [120085148] -S--D- C:\ProgramData\Microsoft O43 - CFD: 13/03/2011 - 15:57:30 - [57040] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 17/10/2009 - 21:40:32 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 29/07/2009 - 20:42:42 - [8860740] ----D- C:\ProgramData\Nero O43 - CFD: 22/12/2009 - 16:21:06 - [4048778] ----D- C:\ProgramData\Propellerhead Software O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 30/03/2010 - 18:48:02 - [294] ----D- C:\ProgramData\Sun O43 - CFD: 17/10/2009 - 23:07:54 - [64] ----D- C:\ProgramData\Symantec O43 - CFD: 26/11/2009 - 00:16:24 - [0] ---AD- C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 14:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 19/10/2009 - 21:11:00 - [3802] ----D- C:\ProgramData\Xerox O43 - CFD: 15/09/2010 - 22:10:54 - [0] ----D- C:\ProgramData\ZoomBrowser O43 - CFD: 15/03/2011 - 01:33:16 - [1362745] ----D- C:\Users\chris\AppData\Roaming\Adobe O43 - CFD: 12/02/2010 - 00:34:22 - [22767] ----D- C:\Users\chris\AppData\Roaming\Audacity O43 - CFD: 11/12/2009 - 02:53:24 - [14323] ----D- C:\Users\chris\AppData\Roaming\Blender Foundation O43 - CFD: 19/05/2010 - 14:34:24 - [492] ----D- C:\Users\chris\AppData\Roaming\dvdcss O43 - CFD: 17/10/2009 - 23:49:30 - [0] ----D- C:\Users\chris\AppData\Roaming\Google O43 - CFD: 17/10/2009 - 21:47:00 - [0] ----D- C:\Users\chris\AppData\Roaming\Identities O43 - CFD: 18/10/2009 - 09:06:12 - [2177] ----D- C:\Users\chris\AppData\Roaming\Macromedia O43 - CFD: 26/02/2010 - 13:02:52 - [1066] ----D- C:\Users\chris\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 13:37:36 - [0] ----D- C:\Users\chris\AppData\Roaming\Media Center Programs O43 - CFD: 11/02/2010 - 14:08:04 - [205916] ----D- C:\Users\chris\AppData\Roaming\Media Player O43 - CFD: 24/03/2011 - 02:36:06 - [114] ----D- C:\Users\chris\AppData\Roaming\Media Player Classic O43 - CFD: 19/03/2011 - 23:30:30 - [1583128] -S--D- C:\Users\chris\AppData\Roaming\Microsoft O43 - CFD: 26/11/2009 - 10:33:00 - [13281386] ----D- C:\Users\chris\AppData\Roaming\Mozilla O43 - CFD: 18/10/2009 - 11:23:12 - [135583] ----D- C:\Users\chris\AppData\Roaming\Nero O43 - CFD: 17/10/2009 - 23:41:04 - [37] ----D- C:\Users\chris\AppData\Roaming\Packard Bell O43 - CFD: 22/12/2009 - 16:20:50 - [4376] ----D- C:\Users\chris\AppData\Roaming\Propellerhead Software O43 - CFD: 21/02/2011 - 19:54:48 - [87598] ----D- C:\Users\chris\AppData\Roaming\QuickScan O43 - CFD: 16/01/2011 - 19:43:16 - [0] ----D- C:\Users\chris\AppData\Roaming\ScummVM O43 - CFD: 10/02/2011 - 00:41:52 - [3092] R-H-D- C:\Users\chris\AppData\Roaming\SecuROM O43 - CFD: 18/11/2009 - 23:41:50 - [13824] ----D- C:\Users\chris\AppData\Roaming\Template O43 - CFD: 10/01/2011 - 23:58:24 - [697213] ----D- C:\Users\chris\AppData\Roaming\Uniblue O43 - CFD: 18/10/2009 - 10:13:32 - [0] ----D- C:\Users\chris\AppData\Roaming\Windows Live Writer O43 - CFD: 15/09/2010 - 23:21:40 - [0] ----D- C:\Users\chris\AppData\Roaming\ZoomBrowser EX ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.18EF12005489F87500FCFD7FECEF1200] - 25/03/2011 - 02:13:21 ---A- . (...) -- C:\Windows\WindowsUpdate.log [20201] O44 - LFC:[MD5.E19EC1C4C320857251193E9F9890AC32] - 25/03/2011 - 01:48:48 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [673938] O44 - LFC:[MD5.B4BED5191723D95AE740614A04B6E2C8] - 25/03/2011 - 01:48:47 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1483970] O44 - LFC:[MD5.256FCEF85B87BD7E60837FF3EF19B12E] - 25/03/2011 - 01:48:47 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103194] O44 - LFC:[MD5.51837908047E86797FBEF6288F1E965A] - 25/03/2011 - 01:48:47 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [125636] O44 - LFC:[MD5.3A6F66B607EA2B20043B204D9815BB3C] - 25/03/2011 - 01:48:47 ---A- . (...) -- C:\Windows\System32\perfh009.dat [591320] O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 25/03/2011 - 01:48:43 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\drivers\ssmdrv.sys [28520] O44 - LFC:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 25/03/2011 - 01:48:41 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [135096] O44 - LFC:[MD5.47B879406246FFDCED59E18D331A0E7D] - 25/03/2011 - 01:48:41 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [61960] O44 - LFC:[MD5.18EF12005489F87500FCFD7FECEF1200] - 25/03/2011 - 01:41:21 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0] O44 - LFC:[MD5.F54DCDCE8D60027B285F2729725B1067] - 25/03/2011 - 01:41:08 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 24/03/2011 - 21:07:04 ---A- . (...) -- C:\Windows\NeroDigital.ini [69] O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 21/03/2011 - 19:10:25 ---A- . (...) -- C:\Windows\system.ini [215] O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 21/03/2011 - 18:55:22 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\Windows\SWXCACLS.exe [212480] O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 21/03/2011 - 12:21:40 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [31232] O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 21/03/2011 - 12:21:40 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [161792] O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 21/03/2011 - 12:21:40 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [136704] O44 - LFC:[MD5.7FD1956E221C3750E0532A48E8EDD305] - 19/03/2011 - 01:32:50 ---A- . (.Pas de propriétaire - About Page.) -- C:\Windows\System32\RtNicProp32.dll [80416] O44 - LFC:[MD5.FA43357FA184DAB79EDC6C0316603588] - 19/03/2011 - 01:32:50 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\drivers\Rtlh86.sys [309352] O44 - LFC:[MD5.247B0A8164069CD4FE6F3094C581B13B] - 19/03/2011 - 01:19:09 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [197224] O44 - LFC:[MD5.385051031AAF36C31AE533ABAF5676AC] - 19/03/2011 - 01:19:07 ---A- . (.Realtek Semiconductor Corp. - Realtek Card Reader Icon Dll.) -- C:\Windows\System32\RtsUStoricon.dll [9888360] O44 - LFC:[MD5.A02522AE191D19AC4D6DEE2DE8B7AB46] - 19/03/2011 - 01:19:07 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Card Reader DLL.) -- C:\Windows\System32\RtsUStor.dll [313960] O44 - LFC:[MD5.87D3733D84EC014303C109BE8D618015] - 13/03/2011 - 19:34:41 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [310696] O44 - LFC:[MD5.F899139DF5E1059396431415E770C6DD] - 09/03/2011 - 22:59:40 ---A- . (...) -- C:\Windows\sbacknt.bin [3] O44 - LFC:[MD5.F899139DF5E1059396431415E770C6DD] - 09/03/2011 - 22:59:40 ---A- . (...) -- C:\Windows\treeskp.sys [3] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 08/03/2011 - 02:48:14 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 08/03/2011 - 02:48:14 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 08/03/2011 - 02:48:04 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.D47F94D719E80663EDBF933F1CCEAF2A] - 28/02/2011 - 08:09:40 ---A- . (.Windows XP Bundled build C-Centric Single U - CSVer.) -- C:\Windows\System32\CSVer.dll [53248] O44 - LFC:[MD5.C82B2FE6A7AD83FB3328780EFADED6EB] - 27/02/2011 - 03:17:52 ---A- . (...) -- C:\Windows\System32\QuickTime.qtp [34763] O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 15:58:12 ---A- . (...) -- C:\Windows\PEV.exe [256512] O44 - LFC:[MD5.0087F6F680BEFDA997B357BD55BE991C] - 15/03/2010 - 11:31:50 ---A- . (...) -- C:\Windows\System32\unrar.dll [165376] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\Windows\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\Windows\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\Windows\zip.exe [68096] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\Windows\system32\EZUPBH~1.DLL ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\SmpcSys [Key] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableStatusMessages"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 04/02/2011 - 12:09:08 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 04/02/2011 - 12:09:08 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [135096] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.C1258ADCBE6E51A3C06C234D2BDB81B5] - 09/08/2007 - 03:06:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\system32\drivers\ewdcsc.sys [23424] O58 - SDL:[MD5.1D4D6D24256F61E6B08A3CF8184A78B8] - 30/12/2008 - 10:57:52 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys [103040] O58 - SDL:[MD5.92CA47DA32009CCC00A5ADED04ABBD78] - 13/12/2008 - 10:27:50 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [102784] O58 - SDL:[MD5.0F40E249E4DD0CE47C7CA19C5C8FB48A] - 17/02/2009 - 19:38:12 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\system32\drivers\ewusbnet.sys [112128] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.0627FC0C422CD6E0F23E1B0D1D9F0899] - 11/07/2008 - 03:20:10 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [2381312] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 16/07/2008 - 12:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [15392] O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 16/07/2008 - 12:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.62C212678CA063DA233ED4B0B6FC9162] - 14/04/2008 - 08:36:42 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\system32\drivers\mod7700.sys [621056] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.EBBD48D3F4361773B812CA67A9CFC69B] - 29/07/2008 - 04:48:56 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr28.sys [418816] O58 - SDL:[MD5.E559EA9138C77B5D1FDA8C558764A25F] - 27/04/2008 - 23:29:26 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys [3658752] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.9F2F541C52CD7A452E235E885F7D95DE] - 03/04/2007 - 10:43:28 ---A- . (.Philips Semiconductors GmbH - Ph3xIBxx.) -- C:\Windows\system32\drivers\Ph3xIB32.sys [1131136] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.9B89F2E3D705651DEC1F01033B9D6B24] - 04/08/2008 - 10:02:46 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2161496] O58 - SDL:[MD5.FA43357FA184DAB79EDC6C0316603588] - 30/12/2010 - 15:01:08 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [309352] O58 - SDL:[MD5.01C64783DB1F40E1E3DF67DD36199B35] - 20/02/2008 - 21:01:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [60416] O58 - SDL:[MD5.247B0A8164069CD4FE6F3094C581B13B] - 29/10/2010 - 16:11:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [197224] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.614DEEA4BDCEC3FD5A07BDC705723AD7] - 18/01/2011 - 14:00:09 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\system32\drivers\sptd.sys [431672] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/06/2010 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.D2AA5D5FDB821EB5F9366C5E3BC2D9EA] - 08/06/2007 - 03:53:56 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [187448] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\system32\Alg.exe (ALG) .(.Microsoft Corporation - Service de la passerelle de la couche Appli.) - LEGACY_ALG O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\system32\browser.dll (Browser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BROWSER O64 - Services: CurCS - C:\Users\chris\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - Microsoft .NET Framework NGEN v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V O64 - Services: CurCS - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK O64 - Services: CurCS - C:\Windows\system32\cryptsvc.dll (CryptSvc) .(.Microsoft Corporation - Services de chiffrement.) - LEGACY_CRYPTSVC O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\System32\dnsapi.dll (Dnscache) .(.Microsoft Corporation - DNS DLL de l'API Client.) - LEGACY_DNSCACHE O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL O64 - Services: CurCS - (.not file.) - EraserUtilDrv10822 (EraserUtilDrv10822) .(...) - LEGACY_ERASERUTILDRV10822 O64 - Services: CurCS - (.not file.) - EraserUtilDrvI9 (EraserUtilDrvI9) .(...) - LEGACY_ERASERUTILDRVI9 O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - C:\Windows\system32\svchost.exe - Easybits Shared Services for Windows (ezSharedSvc) .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_EZSHAREDSVC O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\System32\hidserv.dll (hidserv) .(.Microsoft Corporation - Service HID.) - LEGACY_HIDSERV O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - (.not file.) - IDSVix86 (IDSVix86) .(...) - LEGACY_IDSVIX86 O64 - Services: CurCS - C:\Windows\system32\drivers\int15.sys - int15 (int15) .(.Acer, Inc. - int15.) - LEGACY_INT15 O64 - Services: CurCS - C:\Windows\system32\iphlpsvc.dll (iphlpsvc) .(.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - LEGACY_IPHLPSVC O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(...) - LEGACY_KLMD25 O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (LanmanServer) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_LANMANSERVER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\lmhsvc.dll (lmhosts) .(.Microsoft Corporation - DLL des services de transport NetBIOS sur T.) - LEGACY_LMHOSTS O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - C:\Users\chris\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - Filtre NativeWiFi (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG O64 - Services: CurCS - (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15 O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe - Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) .(.Nero AG - Nero BackItUp.) - LEGACY_NERO_BACKITUP_SCHEDULER_3 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll (NetTcpPortSharing) .(.Microsoft Corporation - Bibliothèque des ressources de l’installate.) - LEGACY_NETTCPPORTSHARING O64 - Services: CurCS - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe - NMIndexingService (NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\System32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50 O64 - Services: CurCS - C:\Windows\System32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50 O64 - Services: CurCS - C:\Windows\system32\pcasvc.dll (PcaSvc) .(.Microsoft Corporation - Service de l’Assistant Compatibilité des pr.) - LEGACY_PCASVC O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(...) - LEGACY_PROCEXP113 O64 - Services: CurCS - C:\Windows\system32\psbase.dll (ProtectedStorage) .(.Microsoft Corporation - Fournisseur par défaut du stockage protégé.) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\Windows\system32\rasauto.dll (RasAuto) .(.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) - LEGACY_RASAUTO O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\Windows\system32\samsrv.dll (SamSs) .(.Microsoft Corporation - DLL Serveur SAM.) - LEGACY_SAMSS O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Sens.dll (SENS) .(.Microsoft Corporation - Service de notification d’événements systèm.) - LEGACY_SENS O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Application sous-système spouleur.) - LEGACY_SPOOLER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\ssdpsrv.dll (SSDPSRV) .(.Microsoft Corporation - DLL du service SSDP.) - LEGACY_SSDPSRV O64 - Services: CurCS - C:\Windows\system32\wiaservc.dll (stisvc) .(.Microsoft Corporation - Service de périphériques d'images fixes.) - LEGACY_STISVC O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(...) - LEGACY_SYMNDISV O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI O64 - Services: CurCS - C:\Windows\system32\TabSvc.dll (TabletInputService) .(.Microsoft Corporation - Service Microsoft Panneau de saisie Tablet.) - LEGACY_TABLETINPUTSERVICE O64 - Services: CurCS - C:\Windows\system32\tapisrv.dll (TapiSrv) .(.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) - LEGACY_TAPISRV O64 - Services: CurCS - C:\Windows\system32\tbssvc.dll (TBS) .(.Microsoft Corporation - Service TBS.) - LEGACY_TBS O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\System32\termsrv.dll (TermService) .(.Microsoft Corporation - Gestionnaire des connexions distantes Termi.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\Windows\system32\trkwks.dll (TrkWks) .(.Microsoft Corporation - Client de suivi de lien distribué.) - LEGACY_TRKWKS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000 O64 - Services: CurCS - C:\Windows\system32\webclnt.dll (WebClient) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_WEBCLIENT O64 - Services: CurCS - C:\Windows\System32\wersvc.dll (WerSvc) .(.Microsoft Corporation - Service de rapport d'erreurs Windows.) - LEGACY_WERSVC O64 - Services: CurCS - C:\Windows\System32\wlansvc.dll (Wlansvc) .(.Microsoft Corporation - DLL du service de configuration automatique.) - LEGACY_WLANSVC O64 - Services: CurCS - C:\Windows\system32\wbem\wmiapsrv.exe (wmiApSrv) .(.Microsoft Corporation - Adaptateur inverse de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL O64 - Services: CurCS - C:\Windows\System32\wscsvc.dll (wscsvc) .(.Microsoft Corporation - Service Centre de sécurité de Windows.) - LEGACY_WSCSVC O64 - Services: CurCS - C:\Windows\system32\SearchIndexer.exe (WSearch) .(.Microsoft Corporation - Indexeur Microsoft Windows Search.) - LEGACY_WSEARCH ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {2EC779A7-634F-4D91-ACE2-771E08908A51} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - Google ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "{8FDBDFE5-3312-418E-9688-C61655939FFA}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe O87 - FAEL: "{9BEC27CC-BB2B-4A12-BCBF-1C5648C0EE3E}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe O87 - FAEL: "{2661AEDF-49C1-480F-9BD6-A348E6D1F912}" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{B149A6E9-8E8E-4A46-BD8E-7BA3A39AAEB7}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "{CBC6A8C6-0FF5-4677-8B92-367D36C5EF8A}" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "{98307EDB-A29D-46B0-A0BE-2766947B9A19}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "{3A6A12BB-B7E6-493A-84B5-C7A82F6EA419}" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "{3E95BA31-95D1-46D5-A5CA-ADBDB90037AF}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "{7779E3F0-A69B-456C-8433-6F437275A6B2}" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe SR - | Auto 04/02/2011 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 04/02/2011 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 16/07/2008 24576 | (ETService) . (...) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe SS - | Demand 08/01/2009 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Disabled 03/03/2009 65536 | (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe SS - | Auto 08/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 18/02/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe SS - | Disabled 28/04/2008 529704 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by chris at 25/03/2011 04:19:24 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll pciide.sys 1 ntkrnlpa!IofCallDriver[0x81851912] -> \Device\Harddisk0\DR0[0x84D5DAC8] 3 CLASSPNP[0x875AB8B3] -> ntkrnlpa!IofCallDriver[0x81851912] -> \Device\Ide\IdeDeviceP0T0L0-0[0x83A01568] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by chris at 25/03/2011 04:19:26 Use the desktop link 'MBRCheck' to have full report Dump file Name : C:\PhysicalDisk0_MBR.bin ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.614DEEA4BDCEC3FD5A07BDC705723AD7] - 18/01/2011 - 14:00:09 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\system32\drivers\sptd.sys [431672] End of the scan (1088 lines in 00mn 22s)(0)
×
×
  • Créer...