PIPLAPAL


  1. Hello, I'm having problems with my PC. I have a ZHPDiag report that shows the following:
     Rapport de ZHPDiag v1.27.1864 par Nicolas Coolman, Update du 08/04/2011 Run by Administrateur at 09/04/2011 15:35:42 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v6.0.2900.2180 (Defaut) GCIE: Google Chrome v10.0.648.204 ---\\ System Information Windows XP Professional Service Pack 2 (Build 2600) Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1907 MB (53% free) System Restore: Activé (Enable) System drive C: has 31 GB (63%) free of 49 GB ---\\ Logged in mode Computer Name: FREVRYM1776384 User Name: Administrateur All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Documents and Settings\Administrateur\Application Data %LocalAppData%=C:\Documents and Settings\Administrateur\Local Settings\Application Data %StartMenu%=C:\Documents and Settings\Administrateur\Menu Démarrer ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 31 Go of 49 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 49 Go of 184 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK ---\\ Recherche 
particulière de fichiers génériques [MD5.2A7BD330924252A2FD80344FC949BB72] - (.Microsoft Corporation - Explorateur Windows.) (.02/03/2006 04:00:00.) -- C:\WINDOWS\Explorer.exe [1036288] [MD5.AD9AB4386AE234EA5C8EED51CD934C44] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/02/2009 09:15:39.) -- C:\WINDOWS\system32\wininet.dll [672256] [MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.02/03/2006 04:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368] [MD5.2218E3FD674DC284CE98C807086CAB14] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/04/2007 11:39:42.) -- C:\WINDOWS\system32\drivers\atapi.sys [96384] [MD5.2490B30D416A96AC96603D7844CA5C0F] - (.Microsoft Corporation - NT File System Driver.) (.15/11/2004 18:11:59.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574592] ---\\ Processus lancés [MD5.06AF18300C5B511A3D85C3E0B7909C10] - (.Lenovo. - ThinkPad Power Management Service.) -- C:\WINDOWS\system32\ibmpmsvc.exe [38248] [MD5.BD254601A3977C4BCF39FDC942A38217] - (.Intel® Corporation - Intel® Wireless Management Service.) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [954368] [MD5.5E32D63B71495A8EDA09F05BD153A537] - (.Symantec Corporation - Symantec Settings Manager Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [169576] [MD5.73A35AD810CB750367CC01564A44B0E7] - (.Symantec Corporation - Symantec Event Manager Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [192104] [MD5.8A09AB7A1FD856ACC469BD0CD4E98351] - (.Symantec Corporation - SPBBC Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe [1181016] [MD5.7B0E3E21CE33C48AF63B01AE9A3847A4] - (.Pas de propriétaire - Application Policy Service.) 
-- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe [5329408] [MD5.7F7EFCC3EF73160147B27A8270B4CB9E] - (.Symantec Corporation - Virus Definition Daemon.) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe [31160] [MD5.A839258E58CF58F05DE1799FFC7F2634] - (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [858384] [MD5.A7AD70A504FAC41492A95FE1D567CB52] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [268824] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [MD5.7FF9BA6D0BFBCD31DDF23EAF982D7069] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Program Files\lotus\notes\ntmulti.exe [57393] [MD5.7382BC560C92710210352941F4086D44] - (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [473360] [MD5.92554F1D5037033146501F72C74B4D9F] - (.symantec - SAVRoam.) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe [116664] [MD5.7AC1FCCC7976857AAC3906D45A81D77B] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe [1822648] [MD5.C81B8635DEE0D3EF5F64B3DD643023A5] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912] [MD5.40C7C20D2D1798EEB68EEFD606C20689] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2320920] [MD5.2FE6F76ADB634D4ED7EF9EAE726BC654] - (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmiprvse.exe [218112] [MD5.B43CC0F07752D456038CD0268E4D84E9] - (.Microsoft Corporation - Application Layer Gateway Service.) 
-- C:\WINDOWS\System32\alg.exe [44544] [MD5.64EF13006915817C00FCFD7F38F01300] - (...) -- C:\Documents and Settings\Administrateur\Application Data\dwm.exe [174592] [MD5.DD181421F649C9A819EC78C98A049730] - (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [52840] [MD5.84ECADFA3C9A62768C6711A3FD8991BD] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\PROGRA~1\SYMANT~1\VPTray.exe [125368] [MD5.33321E7AACEEB66583B805D94168455C] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [174616] [MD5.201840334B0CFD4C9F9AD38449D1AEDD] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [145432] [MD5.5827B14B4E84DA4144D8215883E05177] - (.Microsoft Corporation - NTVDM.EXE.) -- C:\WINDOWS\system32\ntvdm.exe [420864] [MD5.99055F25DCDFB3DDE1251FB629A8D96F] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664] [MD5.B8DA797CEA896C42F5BAD9E08E21AF9F] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [1052672] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.18FC77C6FD225D31F02806A349228F04] - (.Synaptics Incorporated - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [128296] [MD5.896A1DB9A972AD2339C2E8569EC926D1] - (.Safer Networking Limited - System settings protector.) -- D:\programme\Spybot - Search & Destroy\TeaTimer.exe [2144088] [MD5.81EDFB5230A8428F3A31D135CA84E05B] - (.Pas de propriétaire - WlanCU MFC Application.) -- C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe [634880] [MD5.82D1FC5B93E0B1DA104AB2D9C992319B] - (.Intel Corporation - Intel® Management and Security Status.) 
-- C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1098264] [MD5.385D1644E676C96EB07848ADA63E37FA] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [93184] [MD5.64EF13006915817C00FCFD7F38F01300] - (...) -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\conhost.exe [164864] [MD5.64EF13006915817C00FCFD7F38F01300] - (...) -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\csrss.exe [184832] [MD5.FB784E1B24CD06EEC019F26EF79527AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642560] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) 
-- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.1.3441.119 (Activé) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation R0 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Carrefour Group R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google R1 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\Software\Microsoft\Internet Explorer\Main,Search Page = Google R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) 
(No version) -- %SystemRoot%\system32\shdocvw.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:61798 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\programme\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . 
(.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [run] Clé orpheline O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [vptray] . (.Symantec Corporation - Symantec AntiVirus.) -- C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [smartAudio] . (.Pas de propriétaire - SAIICpl MFC Application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [iMSS] . (.Pas de propriétaire - PIconStartup application.) -- C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe O4 - HKLM\..\Run: [uniPrint] . (.INGENICA UK Ltd. - Pas de description.) -- C:\Program Files\UniPrint\Client\SetDfltSettings.exe O4 - HKLM\..\Run: [Essbase] . (.Microsoft Corporation - Microsoft Systems Management Server Install.) -- C:\essbase\User_EssbaseXP.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] . (...) -- C:\WINDOWS\system32\PSDrvCheck.exe O4 - HKLM\..\Run: [conhost] . (...) -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\conhost.exe O4 - HKCU\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) 
-- C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- D:\programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [spybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- D:\programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk . (.Avanquest Software.) -- C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Configuration Utility HW.14.lnk . (...) -- C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 8.lnk . (...) 
-- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Vuze\Azureus.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.) 
O9 - Extra button: Console Java (Sun) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra button: Console Java (Sun) - {c95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Service client pour le fournisseur NetWare et DLL d'authentification.) 
-- C:\WINDOWS\system32\nwprovau.dll ---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14) O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://webfile.carrefour.com/welcome/ ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] http.carrefour.com O15 - Trusted Zone: [HKCU\...\Domains\www] http.carrefour.com O15 - Trusted Zone: [HKCU\...\Domains] http.cisco.com O15 - Trusted Zone: [HKCU\...\Domains\www] http.cisco.com ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpNameServer = 10.49.197.89 10.49.197.161 10.48.241.1 10.48.241.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{9BADAA65-4B2E-44CB-B57F-AB556120FF52}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpNameServer = 10.49.197.89 10.49.197.161 10.48.241.1 10.48.241.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{9BADAA65-4B2E-44CB-B57F-AB556120FF52}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpNameServer = 10.49.197.89 10.49.197.161 10.48.241.1 10.48.241.2 O17 - HKLM\System\CS3\Services\Tcpip\..\{9BADAA65-4B2E-44CB-B57F-AB556120FF52}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpDomain = dg.carrefour.com O17 - HKLM\System\CS1\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpDomain = dg.carrefour.com O17 - HKLM\System\CS3\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpDomain = dg.carrefour.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ho.fr.wcorp.carrefour.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) 
-- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll O20 - Winlogon Notify: NavLogon . (.Symantec Corporation - Symantec AntiVirus Logon Notification.) -- C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . 
(.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Application Policy Service) . (.Pas de propriétaire - Application Policy Service.) - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe O23 - Service: (ccEvtMgr) . (.Symantec Corporation - Symantec Event Manager Service.) - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: (ccSetMgr) . (.Symantec Corporation - Symantec Settings Manager Service.) - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: (DefWatch) . (.Symantec Corporation - Virus Definition Daemon.) - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe O23 - Service: (EvtEng) . (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: (IBMPMSVC) . (.Lenovo. - ThinkPad Power Management Service.) - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) 
- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: (LiveUpdate) . (.Symantec Corporation - LiveUpdate Engine COM Module.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe O23 - Service: (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: (mchInjDrv) - Clé orpheline O23 - Service: (Multi-user Cleanup Service) . (.IBM Corp - IBM Lotus Notes/Domino.) - C:\Program Files\lotus\notes\ntmulti.exe O23 - Service: (RegSrvc) . (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: (S24EventMonitor) . (.Intel® Corporation - Intel® Wireless Management Service.) - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe O23 - Service: (SavRoam) . (.symantec - SAVRoam.) - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: (ServiceLayer) . (.Nokia. - ServiceLayer Module.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: (SNDSrvc) . (.Symantec Corporation - Network Driver Service.) - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: (SPBBCSvc) . (.Symantec Corporation - SPBBC Service.) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: (Symantec AntiVirus) . (.Symantec Corporation - Symantec AntiVirus.) - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) 
- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500UA.job [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500Core] (.Google Inc..) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500UA] (.Google Inc..) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . 
(.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (lenovo.smi) . (.Lenovo Group Limited - SMI Driver for Lenovo system.) - C:\Windows\System32\DRIVERS\smiif32.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (SAVRT) . (.Symantec Corporation - AutoProtect.) - C:\Program Files\Symantec AntiVirus\savrt.sys
O41 - Driver: (SAVRTPEL) . (.Symantec Corporation - SAVRTPEL.) - C:\Program Files\Symantec AntiVirus\Savrtpel.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (SPBBCDrv) . (.Symantec Corporation - SPBBC Driver.) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys
O41 - Driver: (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\WINDOWS\system32\Drivers\SYMTDI.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\Windows\System32\DRIVERS\wmiacpi.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip - (.Homologation Carrefour France.) [HKLM] -- {8EC35958-6E60-44E8-A740-A2F9DE5F4C2C}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 8.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81000000003}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Analyseur MSXML 6.0 - (.Microsoft Corporation.) [HKLM] -- {5903C48B-E953-47B8-A651-B9222C483057}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: CSWRLD32.EXE custom database - (.Pas de propriétaire.) [HKLM] -- {29519cc5-4a16-42a8-9765-7915adb2082f}.sdb
O42 - Logiciel: Canon PIXMA iP1500 - (.Pas de propriétaire.) [HKLM] -- CANONBJ_Deinstall_CNMCP5y.DLL
O42 - Logiciel: Citrix ICA Web Client - (.Pas de propriétaire.) [HKLM] -- Citrix ICA Web Client
O42 - Logiciel: Citrix_CLT_ICAWeb - (.Pas de propriétaire.) [HKLM] -- Citrix_CLT_ICAWeb
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine
O42 - Logiciel: Conexant 20585 SmartAudio HD - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA
O42 - Logiciel: Deluxe Pacman version 1.82 - (.Pas de propriétaire.) [HKLM] -- Deluxe Pacman_is1
O42 - Logiciel: DolbyFiles - (.Nero AG.) [HKLM] -- {B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hitman Pro - (.Mark Loman.) [HKLM] -- {9B77AF57-F7B2-488F-8B75-1DDDCC447545}_is1
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Network Connections Drivers - (.Intel.) [HKLM] -- PROSet
O42 - Logiciel: Java 2 Runtime Environment, SE v1.4.2_12 - (.Sun Microsystems, Inc..) [HKLM] -- {7148F0A8-6813-11D6-A77B-00B0D0142120}
O42 - Logiciel: Lenovo System Interface Driver - (.Pas de propriétaire.) [HKLM] -- LENOVO.SMIIF
O42 - Logiciel: Les Petits Débrouillards - (.Pas de propriétaire.) [HKLM] -- Les Petits Débrouillards
O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Lotus Notes 6.5.5 fr - (.IBM.) [HKLM] -- {D3F0AD62-295F-4632-9CD8-32B6456979D6}
O42 - Logiciel: Mais où se cache Carmen - V.2 - (.Pas de propriétaire.) [HKLM] -- {690C2599-F489-4C0C-87B5-5E9969394652}
O42 - Logiciel: Micro Application - En route vers la lecture - (.Micro Application.) [HKLM] -- {AA03AA43-E4A5-45AF-9693-77E9EB7AF91F}
O42 - Logiciel: Micro Application - Tout pour réussir son année de CE2 - (.Micro Application.) [HKLM] -- {D84C5BD0-FB71-44E9-85B7-60454F4E528E}
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 - (.Microsoft Corporation.) [HKLM] -- {B508B3F1-A24A-32C0-B310-85786919EF28}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 - (.Microsoft Corporation.) [HKLM] -- {2BA00471-0328-3743-93BD-FA813353A783}
O42 - Logiciel: Microsoft .NET Framework 3.5 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5
O42 - Logiciel: Microsoft .NET Framework 3.5 - (.Microsoft Corporation.) [HKLM] -- {2FC099BD-AC9B-33EB-809C-D332E1B27C40}
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: NATHAN Vacances CE1 V.1.00 (D:) - (.Pas de propriétaire.) [HKLM] -- NATHAN Vacances CE1 V.1.00 (D:)
O42 - Logiciel: Nathan Français CE2 - (.Pas de propriétaire.) [HKLM] -- Nathan Français CE2
O42 - Logiciel: Nathan Mathématiques CE2 - (.Pas de propriétaire.) [HKLM] -- Nathan Mathématiques CE2
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: OXPDFCreator - (.TaoRuan.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PC Connectivity Solution Lite - (.Nokia.) [HKLM] -- {90DE9737-9E45-4942-A34B-FC31C2B3C642}
O42 - Logiciel: PDF Editeur 3 - (.Pas de propriétaire.) [HKLM] -- PDF Editeur 3
O42 - Logiciel: PDF-XChange 3 Pro - (.Tracker Software.) [HKLM] -- PDF-XChange 3 Pro_is1
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: RICOH R5U230 Media Driver ver.2.02.02.01 - (.RICOH.) [HKLM] -- {022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}
O42 - Logiciel: STM TPM Driver 1.0.4.15 - 32 bits - (.STMicroelectronics.) [HKLM] -- {04EB530D-EFBE-4624-BC83-611E557B9F03}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2
O42 - Logiciel: Symantec AntiVirus - (.Symantec Corporation.) [HKLM] -- {2085C617-589C-40F8-BE40-EDBC9E2CA2EB}
O42 - Logiciel: TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility - (.Pas de propriétaire.) [HKLM] -- InstallShield_{C43421C0-0DCB-4F26-8A3B-BF16155F9879}
O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM] -- ThinkPad FullScreen Magnifier
O42 - Logiciel: ThinkPad Modem Adapter - (.Conexant Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF
O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM] -- Power Management Driver
O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: UniPrint Client 3.6.1 - (.Pas de propriétaire.) [HKLM] -- UniPrint Client 3.6.1
O42 - Logiciel: Uninstall La Malediction - (.Pas de propriétaire.) [HKLM] -- Uninstall La Malediction
O42 - Logiciel: Utilitaire ThinkPad UltraNav - (.Lenovo.) [HKLM] -- {17CBC505-D1AE-459D-B445-3D2000A85842}
O42 - Logiciel: VLC media player 1.1.8 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226
O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM] -- Vuze_Remote Toolbar
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2
O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-ZIP]
[HKCU\Software\AC3Filter]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Azureus]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Conexant]
[HKCU\Software\Digital River]
[HKCU\Software\EPSON]
[HKCU\Software\EasySystems]
[HKCU\Software\Google]
[HKCU\Software\Hitman Pro]
[HKCU\Software\Hyperion Solutions]
[HKCU\Software\IBM]
[HKCU\Software\Intel]
[HKCU\Software\JP595IR86O]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Lotus]
[HKCU\Software\MDO]
[HKCU\Software\Macromedia]
[HKCU\Software\MicroApp]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\OfferBox]
[HKCU\Software\PDFCreator]
[HKCU\Software\PDFEdit]
[HKCU\Software\PepiMK Software]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Smartcode Software]
[HKCU\Software\Softonic]
[HKCU\Software\SpywareBlaster]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Tracker Software]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VOB]
[HKCU\Software\Vuze_Remote]
[HKCU\Software\WHMDNR9LKK]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\XML]
[HKCU\Software\conduitEngine]
[HKCU\Software\eMule]
[HKCU\Software\ej-technologies]
[HKLM\Software\7-Zip]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AviSynth]
[HKLM\Software\Azureus]
[HKLM\Software\BORLAND]
[HKLM\Software\BVRP Software, Inc]
[HKLM\Software\Bandoo]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CXT]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Canon]
[HKLM\Software\Carrefour]
[HKLM\Software\Citrix]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Conexant Systems]
[HKLM\Software\Conexant]
[HKLM\Software\EPSON]
[HKLM\Software\Fellowes]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Hitman Pro]
[HKLM\Software\Hyperion Solutions]
[HKLM\Software\IBM]
[HKLM\Software\INTEL]
[HKLM\Software\InstallMonetizer]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\JavaSoft]
[HKLM\Software\La_Malediction]
[HKLM\Software\Lenovo]
[HKLM\Software\Lotus]
[HKLM\Software\MDC]
[HKLM\Software\Macromedia]
[HKLM\Software\Micro Application]
[HKLM\Software\MicroApp]
[HKLM\Software\Mindscape]
[HKLM\Software\Montparnasse Multimedia - France Télécom]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OfferBox]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Prolific Technology INC]
[HKLM\Software\RICOH]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLanP]
[HKLM\Software\RtWlan]
[HKLM\Software\RtlWake]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Set8187B]
[HKLM\Software\SpywareBlaster]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\Tracker Software]
[HKLM\Software\TrendMicro]
[HKLM\Software\UIU]
[HKLM\Software\UniPrint]
[HKLM\Software\VOB]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vuze_Remote]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\eRightSoft]
[HKLM\Software\ej-technologies]
[HKLM\Software\magnet]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/06/2010 - 23:02:12 - [1982702] ----D- C:\Program Files\7-Zip
O43 - CFD: 28/05/2010 - 18:31:48 - [200406760] ----D- C:\Program Files\Adobe
O43 - CFD: 12/11/2010 - 09:26:00 - [0] ----D- C:\Program Files\Canon
O43 - CFD: 08/12/2010 - 12:42:18 - [3501304] ----D- C:\Program Files\CCleaner
O43 - CFD: 16/03/2011 - 19:07:48 - [12574847] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 28/05/2010 - 18:02:06 - [14121410] ----D- C:\Program Files\Citrix
O43 - CFD: 31/12/2010 - 23:20:54 - [809644] ----D- C:\Program Files\Common Files
O43 - CFD: 24/04/2009 - 12:20:50 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 21/02/2011 - 17:54:56 - [634976] ----D- C:\Program Files\Conduit
O43 - CFD: 21/02/2011 - 17:54:52 - [4416349] ----D- C:\Program Files\ConduitEngine
O43 - CFD: 28/05/2010 - 16:01:30 - [24095724] ----D- C:\Program Files\CONEXANT
O43 - CFD: 06/12/2010 - 10:40:10 - [795104] ----D- C:\Program Files\DIFX
O43 - CFD: 28/05/2010 - 16:29:26 - [260192] ----D- C:\Program Files\Digital Line Detect
O43 - CFD: 13/11/2010 - 12:54:26 - [43161230] ----D- C:\Program Files\eMule
O43 - CFD: 12/11/2010 - 11:41:14 - [6784705] ----D- C:\Program Files\epson
O43 - CFD: 23/02/2011 - 22:51:48 - [791148442] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 08/12/2010 - 12:42:06 - [15569028] ----D- C:\Program Files\Google
O43 - CFD: 09/04/2011 - 15:19:06 - [7174551] ----D- C:\Program Files\Hitman Pro
O43 - CFD: 29/12/2010 - 22:27:28 - [68993] ----D- C:\Program Files\icons
O43 - CFD: 15/02/2011 - 17:33:32 - [24626453] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 28/05/2010 - 18:12:14 - [75734431] ----D- C:\Program Files\Intel
O43 - CFD: 06/04/2011 - 19:09:02 - [18828992] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 24/04/2009 - 15:08:44 - [35497772] ----D- C:\Program Files\Java
O43 - CFD: 28/05/2010 - 16:16:28 - [379495] ----D- C:\Program Files\Lenovo
O43 - CFD: 24/04/2009 - 14:29:16 - [386315234] ----D- C:\Program Files\Lotus
O43 - CFD: 24/04/2009 - 12:20:06 - [2118787] ----D- C:\Program Files\Messenger
O43 - CFD: 15/02/2011 - 17:33:32 - [967920022] ----D- C:\Program Files\Micro Application
O43 - CFD: 24/04/2009 - 12:28:32 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 10/08/2010 - 12:27:14 - [219719066] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 24/04/2009 - 14:20:26 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 10/08/2010 - 12:27:14 - [4728150] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 28/05/2010 - 18:15:38 - [315392] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 01/01/2011 - 00:25:26 - [1679893] ----D- C:\Program Files\Mindscape
O43 - CFD: 24/04/2009 - 12:22:18 - [10371290] ----D- C:\Program Files\Movie Maker
O43 - CFD: 28/05/2010 - 15:51:48 - [23758] ----D- C:\Program Files\MSBuild
O43 - CFD: 24/04/2009 - 12:28:32 - [0] ----D- C:\Program Files\msn gaming zone
O43 - CFD: 24/04/2009 - 14:18:48 - [17340] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 21/02/2011 - 18:27:46 - [94285792] ----D- C:\Program Files\Nathan
O43 - CFD: 24/04/2009 - 12:22:36 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 28/05/2010 - 16:27:16 - [5170098] ----D- C:\Program Files\NetWaiting
O43 - CFD: 24/04/2009 - 13:26:38 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 06/12/2010 - 10:40:06 - [2916694] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 24/04/2009 - 14:28:20 - [26746853] ----D- C:\Program Files\PDFCreator
O43 - CFD: 09/01/2011 - 19:04:02 - [6212096] ----D- C:\Program Files\qvPDF
O43 - CFD: 28/05/2010 - 15:51:44 - [31308314] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 29/10/2010 - 11:53:20 - [55617239] ---AD- C:\Program Files\sav10.1.7.7000
O43 - CFD: 24/04/2009 - 12:23:38 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 28/05/2010 - 18:07:56 - [690100] ----D- C:\Program Files\STMicroelectronics
O43 - CFD: 28/05/2010 - 17:59:14 - [1233769] ----D- C:\Program Files\SuperCopier2
O43 - CFD: 24/04/2009 - 15:35:00 - [16441499] ----D- C:\Program Files\Symantec
O43 - CFD: 09/04/2011 - 14:39:52 - [9551651] ----D- C:\Program Files\Symantec AntiVirus
O43 - CFD: 28/05/2010 - 18:23:58 - [21981742] ----D- C:\Program Files\Synaptics
O43 - CFD: 28/05/2010 - 16:30:04 - [3175792] ----D- C:\Program Files\ThinkPad
O43 - CFD: 24/12/2010 - 00:40:56 - [11880] ----D- C:\Program Files\TrendMicro
O43 - CFD: 12/11/2010 - 09:10:44 - [6774012] ----D- C:\Program Files\TRENDnet
O43 - CFD: 24/04/2009 - 14:24:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 28/05/2010 - 18:02:34 - [7381615] ----D- C:\Program Files\UniPrint
O43 - CFD: 14/11/2010 - 17:38:08 - [93132157] ----D- C:\Program Files\VideoLAN
O43 - CFD: 21/02/2011 - 17:55:30 - [111670933] ----D- C:\Program Files\Vuze
O43 - CFD: 21/02/2011 - 17:54:46 - [4497722] ----D- C:\Program Files\Vuze_Remote
O43 - CFD: 23/02/2011 - 19:19:26 - [4100973] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 24/04/2009 - 12:28:32 - [1369088] ----D- C:\Program Files\Windows NT
O43 - CFD: 29/12/2010 - 22:41:08 - [985488] ----D- C:\Program Files\Windows Searchqu Toolbar
O43 - CFD: 24/04/2009 - 12:23:44 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 12/11/2010 - 10:08:32 - [3886175] ----D- C:\Program Files\WinRAR
O43 - CFD: 24/04/2009 - 12:28:32 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 09/04/2011 - 15:35:48 - [4691988] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 31/12/2010 - 23:20:54 - [643312] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 28/05/2010 - 17:41:02 - [166332] ----D- C:\Program Files\Common Files\postureAgent
O43 - CFD: 12/11/2010 - 12:06:54 - [794732] ----D- C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 30/01/2011 - 20:03:58 - [115814123] ----D- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
O43 - CFD: 23/02/2011 - 19:23:30 - [28581552] ----D- C:\Documents and Settings\Administrateur\Application Data\Azureus
O43 - CFD: 09/01/2011 - 19:21:38 - [101] ----D- C:\Documents and Settings\Administrateur\Application Data\CAD-KAS
O43 - CFD: 23/02/2011 - 23:05:32 - [1665] ----D- C:\Documents and Settings\Administrateur\Application Data\Canneverbe Limited
O43 - CFD: 08/12/2010 - 12:43:12 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Google
O43 - CFD: 12/11/2010 - 13:15:56 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Help
O43 - CFD: 28/05/2010 - 18:01:34 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\ICAClient
O43 - CFD: 24/04/2009 - 14:24:26 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 28/05/2010 - 16:27:02 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\InstallShield
O43 - CFD: 28/05/2010 - 16:25:30 - [1176] ----D- C:\Documents and Settings\Administrateur\Application Data\Intel
O43 - CFD: 11/06/2010 - 23:04:26 - [2607629] ----D- C:\Documents and Settings\Administrateur\Application Data\Macromedia
O43 - CFD: 09/04/2011 - 15:14:06 - [3108655] -S--D- C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 23/02/2011 - 22:19:32 - [240] ----D- C:\Documents and Settings\Administrateur\Application Data\Nero
O43 - CFD: 02/02/2011 - 19:28:38 - [240914] ----D- C:\Documents and Settings\Administrateur\Application Data\OfferBox
O43 - CFD: 02/02/2011 - 19:27:46 - [873304] ----D- C:\Documents and Settings\Administrateur\Application Data\OpenCandy
O43 - CFD: 06/12/2010 - 10:40:08 - [118] ----D- C:\Documents and Settings\Administrateur\Application Data\PC Suite
O43 - CFD: 24/04/2009 - 15:08:46 - [570802] ----D- C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 07/03/2011 - 20:59:46 - [7958] ----D- C:\Documents and Settings\Administrateur\Application Data\Unity
O43 - CFD: 19/03/2011 - 16:33:16 - [1046445] ----D- C:\Documents and Settings\Administrateur\Application Data\vlc
O43 - CFD: 16/11/2010 - 22:01:40 - [12] ----D- C:\Documents and Settings\Administrateur\Application Data\WinRAR
O43 - CFD: 12/11/2010 - 12:07:06 - [39646586] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
O43 - CFD: 30/01/2011 - 19:59:10 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple
O43 - CFD: 09/03/2011 - 15:19:48 - [62725045] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple Computer
O43 - CFD: 28/05/2010 - 16:27:14 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\BVRP Software
O43 - CFD: 21/02/2011 - 17:54:56 - [38496] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit
O43 - CFD: 21/02/2011 - 17:54:56 - [4167928] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\ConduitEngine
O43 - CFD: 02/03/2011 - 11:57:26 - [399942698] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
O43 - CFD: 12/11/2010 - 13:15:56 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Help
O43 - CFD: 11/01/2011 - 14:11:04 - [7575329] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
O43 - CFD: 28/05/2010 - 18:19:34 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft Help
O43 - CFD: 02/02/2011 - 19:30:22 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\OpenCandy
O43 - CFD: 24/04/2009 - 15:36:42 - [11914] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Symantec
O43 - CFD: 06/04/2011 - 16:34:48 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Temp
O43 - CFD: 20/03/2011 - 18:49:16 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity
O43 - CFD: 21/02/2011 - 17:54:56 - [4164927] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Vuze_Remote
O43 - CFD: 01/01/2011 - 01:09:06 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\WMTools Downloaded Files

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9126148414BA91736C3C953E9AE88965] - 09/04/2011 - 13:43:53 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.TMP [4172]
O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:40:51 ---A- . (...) -- C:\WINDOWS\RTacDbg.txt [55983]
O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:54 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [768]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/04/2011 - 13:39:51 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:28 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:28 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:28 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 09/04/2011 - 13:39:03 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.03C1963EFB000AD91671A718A937FA6E] - 09/04/2011 - 12:53:20 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [161]
O44 - LFC:[MD5.DADC7DC77EFCABCB0D00B5C7CB6E3215] - 09/04/2011 - 12:53:14 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [457598]
O44 - LFC:[MD5.BEED859862DD30EC68C84C61AB7417EB] - 09/04/2011 - 12:46:55 ---A- . (...) -- C:\WINDOWS\setupact.log [120]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/04/2011 - 12:22:29 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.9EB838E4491861D1A2E01D4249092610] - 09/04/2011 - 12:21:50 ---A- . (...) -- C:\WINDOWS\wininit.ini [607]
O44 - LFC:[MD5.DF614AEA27276759CDB22FFD845D444B] - 09/04/2011 - 12:18:46 -SHA- . (...) -- C:\boot.ini [246]
O44 - LFC:[MD5.92E28653856BE97E5FFD435B68AFF64B] - 09/04/2011 - 09:49:16 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [2184]
O44 - LFC:[MD5.5E90A223E744A6CF8DB789B39987B818] - 20/03/2011 - 17:46:50 ---A- . (...) -- C:\WINDOWS\System32\mapisvc.inf [995]

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Vuze\Azureus.exe" [Enabled] .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{36277bb8-1533-11e0-9764-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\RECYCLER\S-1-5-21-5311846712-4121495154-682003330-5111\system.exe (.not file.)
O51 - MPSK:{53a11d1a-0114-11e0-9733-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\NokiaPCIA_Autorun.exe (.not file.)
O51 - MPSK:{7008fe4f-021b-11e0-973a-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\RECYCLER\S-1-5-21-5311846712-4121495154-682003330-5111\system.exe (.not file.)
O51 - MPSK:{7e48927c-759c-11df-9e81-00231497fad8}\AutoRun\command. (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe
O51 - MPSK:{f6c1eb85-ee2b-11df-9e8e-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\RECYCLER\S-1-5-21-5311846712-4121495154-682003330-5111\system.exe (.not file.)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"MSACM.CTRXAUD"="ctrxaud.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.CTRX"="ctrxvid.drv" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ctrxvid.drv"="Citrix Scalable Video Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ctrxaud.acm"="Citrix Audio Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "LogonType"=0

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Home"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Fullscreen"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Tools"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Print"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Edit"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Cut"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Copy"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Paste"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Encoding"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "ForceStartMenuLogOff"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWelcomeScreen"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFolderOptions"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoMSAppLogo5ChannelNotify"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoToolbarCustomize"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoBandCustomize"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=149
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoWelcomeScreen"=1

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.30BB1BDE595CA65FD5549462080D94E5] - 12/11/2010 - 08:11:01 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21035]
O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 17/08/2001 - 20:51:56 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\drivers\aliide.sys [5248]
O58 - SDL:[MD5.675C16A3C1F8482F85EE4A97FC0DDE3D] - 03/08/2004 - 22:07:44 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\AMDAGP.SYS [43008]
O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 17/08/2001 - 20:52:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\asc.sys [26496]
O58 - SDL:[MD5.5D8DE112AA0254B907861E9E9C31D597] - 17/08/2001 - 20:51:58 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\drivers\asc3550.sys [14848]
O58 - SDL:[MD5.34E172AA5C7ABC4146346CD20233EE32] - 31/03/2010 - 00:58:18 ---A- . (.Conexant Systems Inc. - High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\CHDAU32.sys [1756216]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 02/03/2006 - 04:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.E3726AD522D0BDAE090671048C991AB3] - 23/08/2001 - 16:04:44 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\drivers\cmdide.sys [6656]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 02/03/2006 - 04:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.E550E7418984B65A78299D248F0A7F36] - 17/08/2001 - 20:52:16 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\drivers\dac2w2k.sys [179584]
O58 - SDL:[MD5.9F7AE949202F0EF6B17DD3CC5C117AD3] - 10/12/2009 - 08:33:34 ---A- . (.Intel Corporation - Intel® Gigabit Adapter NDIS 5.x driver.) -- C:\WINDOWS\system32\drivers\e1k5132.sys [167080]
O58 - SDL:[MD5.3FCC124B6E08EE0E9351F717DD136939] - 07/01/2005 - 16:07:18 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys [138752]
O58 - SDL:[MD5.2A013E7530BEAB6E569FAA83F517E836] - 07/01/2005 - 16:07:16 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys [145920]
O58 - SDL:[MD5.A88485DC6A7136C10D9A6C7E38FDFE3C] - 17/09/2009 - 11:54:14 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\WINDOWS\system32\drivers\HECI.sys [41088]
O58 - SDL:[MD5.0D13842210353435FC1FB35CA7807644] - 30/06/2009 - 10:58:00 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys [210304]
O58 - SDL:[MD5.E08CA06BD56B66D6565123445ADB37A6] - 30/06/2009 - 10:58:00 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys [731264]
O58 - SDL:[MD5.8BC605518B1052DB7011E5C4CC8417BF] - 30/06/2009 - 10:59:00 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys [986240]
O58 - SDL:[MD5.39F7C9AEEE865FE8E98CF3EDD2B4BB4A] - 15/01/2010 - 12:06:56 ---A- . (.Intel Corporation - Intel Rapid Storage Technology - x86.) -- C:\WINDOWS\system32\drivers\iaStor.sys [433176]
O58 - SDL:[MD5.400D7095D5AE08970F839BCAC1843106] - 18/11/2009 - 13:03:36 ---A- . (.Lenovo. - ThinkPad Power Management Driver.) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys [26608]
O58 - SDL:[MD5.CF580905F0963521ACB3F88583466BB2] - 23/02/2010 - 15:06:32 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [1987456]
O58 - SDL:[MD5.03C0D99BC2913226F1CEA7CB0D984659] - 10/02/2010 - 14:01:10 ---A- . (.Intel Corporation - Intel® Turbo Boost Technology Driver.) -- C:\WINDOWS\system32\drivers\Impcd.sys [132352]
O58 - SDL:[MD5.A58A567B601866BEE62D8DDA78E6E101] - 19/01/2010 - 03:50:10 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\WINDOWS\system32\drivers\IntcDAud.sys [235520]
O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 18/06/2006 - 21:26:00 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys [12672]
O58 - SDL:[MD5.3F4BB95E5A44F3BE34824E8E7CAF0737] - 17/08/2001 - 20:52:12 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\drivers\mraid35x.sys [17280]
O58 - SDL:[MD5.3BC15801F7B9DD2D16897A38A962CE56] - 13/01/2010 - 07:24:42 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\system32\drivers\NETw5x32.sys [6598656]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 02/03/2006 - 04:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 17/09/2007 - 14:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [21632]
O58 - SDL:[MD5.B4079D61B5C6B4919BDE17C38202E236] - 28/05/2010 - 16:29:39 ---A- . (...) -- C:\WINDOWS\system32\drivers\pmxdrv.sys [816792]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 02/03/2006 - 04:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.0A63FB54039EB5662433CABA3B26DBA7] - 17/08/2001 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1080.sys [40320]
O58 - SDL:[MD5.156ED0EF20C15114CA097A34A30D8A01] - 17/08/2001 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql12160.sys [45312]
O58 - SDL:[MD5.907F0AEEA6BC451011611E732BD31FCF] - 17/08/2001 - 20:52:18 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1280.sys [49024]
O58 - SDL:[MD5.571E6AE8D33F6AAAF342D0919630F901] - 12/02/2009 - 13:43:00 ---A- . (.REDC - RICOH MS Driver.) -- C:\WINDOWS\system32\drivers\rimspe86.sys [45056]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 02/03/2006 - 04:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 02/03/2006 - 04:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.180A0296BF259C1AEEB8DC100CC87A31] - 04/05/2007 - 20:40:22 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\WINDOWS\system32\drivers\RTL8187B.sys [215040]
O58 - SDL:[MD5.E7958E8ACDA7CA20127EF5F2235F25CC] - 10/08/2009 - 23:46:38 ---A- . (.Intel Corporation - Intel WLAN Packet Driver.) -- C:\WINDOWS\system32\drivers\s24trans.sys [13952]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.DE0A165D9F8EA295E62EA702EF2F8125] - 20/11/2007 - 18:35:48 ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\WINDOWS\system32\drivers\ser2pl.sys [49792]
O58 - SDL:[MD5.732D859B286DA692119F286B21A2A114] - 03/08/2004 - 22:07:44 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\SISAGP.SYS [41088]
O58 - SDL:[MD5.3D7EF286E806F9BD9339AA52E28DCD67] - 02/10/2002 - 09:57:12 ---A- . (.Windows ® 2000 DDK provider - Sample NDIS 5.0 Protocol Driver.)
-- C:\WINDOWS\system32\drivers\SjyPkt.sys [13532] O58 - SDL:[MD5.3C3F7F424E324C6971632C5DE5FF458F] - 12/05/2008 - 17:04:02 ---A- . (.Lenovo Group Limited - SMI Driver for Lenovo system.) -- C:\WINDOWS\system32\drivers\smiif32.sys [13480] O58 - SDL:[MD5.83C0F71F86D3BDAF915685F3D568B20E] - 17/08/2001 - 21:07:44 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\drivers\sparrow.sys [19072] O58 - SDL:[MD5.8AFA1B80366276F8345A6B61E0DF2F3E] - 08/06/2007 - 08:58:46 ---A- . (.STMicroelectronics, INC - TPM Device Driver.) -- C:\WINDOWS\system32\drivers\stm_tpm.sys [21504] O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 17/08/2001 - 21:07:34 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys [16256] O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 17/08/2001 - 21:07:36 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys [32640] O58 - SDL:[MD5.4BB2650C21AFDE8ED0F62E99631AE3AF] - 27/08/2007 - 16:13:16 ---A- . (.Symantec Corporation - DNS Filter Driver.) -- C:\WINDOWS\system32\drivers\symdns.sys [12680] O58 - SDL:[MD5.49B20B430A4F219173F823536944474A] - 24/04/2009 - 14:34:57 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS [110952] O58 - SDL:[MD5.DBBB6661E0950DB4FC9CBC74F579EE96] - 27/08/2007 - 16:13:20 ---A- . (.Symantec Corporation - Firewall Filter Driver.) -- C:\WINDOWS\system32\drivers\symfw.sys [97672] O58 - SDL:[MD5.B6A34050D093A0274FFCA9491C9C3C7F] - 27/08/2007 - 16:13:28 ---A- . (.Symantec Corporation - IDS Filter Driver.) -- C:\WINDOWS\system32\drivers\symids.sys [31624] O58 - SDL:[MD5.1D064D62AB3DC621E9796CF470779901] - 27/08/2007 - 16:13:24 ---A- . (.Symantec Corporation - NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\symndis.sys [28040] O58 - SDL:[MD5.E919F0922248A826964428F479A3DC24] - 27/08/2007 - 16:13:32 ---A- . 
(.Symantec Corporation - Redirector Filter Driver.) -- C:\WINDOWS\system32\drivers\symredrv.sys [23944] O58 - SDL:[MD5.C177D5A655AF572C456EC977582B9BC0] - 27/08/2007 - 16:13:36 ---A- . (.Symantec Corporation - Network Dispatch Driver.) -- C:\WINDOWS\system32\drivers\symtdi.sys [189320] O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 17/08/2001 - 21:07:40 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys [28384] O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 17/08/2001 - 21:07:42 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys [30688] O58 - SDL:[MD5.0953D53A2D272DE4C4BE1E6C6A2C90D4] - 03/12/2009 - 16:45:24 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [230832] O58 - SDL:[MD5.3724DFF72B0F5307CF761CC91C2BB9F7] - 26/03/2008 - 13:21:06 ---A- . (.Intel Corporation - Intel® Trusted Platform Module Driver.) -- C:\WINDOWS\system32\drivers\tpm.sys [13824] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 02/03/2006 - 04:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.1B698A51CD528D8DA4FFAED66DFC51B9] - 17/08/2001 - 20:52:22 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\drivers\ultra.sys [36736] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 02/03/2006 - 04:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.55A928C40C11870DF5B90300BA329878] - 01/07/2006 - 03:27:02 ---A- . (.VMware, Inc. - VMware SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\vmscsi.sys [10880] O58 - SDL:[MD5.070BA202806EA135B8AB5FC1622CAA19] - 01/07/2006 - 03:27:04 ---A- . (.VMware, Inc. - VMware PCI Ethernet Adapter.) 
-- C:\WINDOWS\system32\drivers\vmxnet.sys [22528] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 02/03/2006 - 04:00:00 ---A- . (...) 
-- C:\WINDOWS\system32\ntio804.sys [34560] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - C:\Windows\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.4.5.0 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe - Application Policy Service (Application Policy Service) .(.Pas de propriétaire - Application Policy Service.) - LEG O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe - Symantec Event Manager (ccEvtMgr) .(.Symantec Corporation - Symantec Event Manager Service.) - LEGACY_CCEVTMGR O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe - Symantec Settings Manager (ccSetMgr) .(.Symantec Corporation - Symantec Settings Manager Service.) - LEGACY_CCSETMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\DefWatch.exe - Symantec AntiVirus Definition Watcher (DefWatch) .(.Symantec Corporation - Virus Definition Daemon.) - LEGACY_DEFWATCH O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) 
- LEGACY_DMADMIN O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL O64 - Services: CurCS - (.not file.) - EraserUtilDrv11010 (EraserUtilDrv11010) .(...) - LEGACY_ERASERUTILDRV11010 O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(...) - LEGACY_ERASERUTILDRVI7 O64 - Services: CurCS - (.not file.) - EraserUtilDrvI9 (EraserUtilDrvI9) .(...) - LEGACY_ERASERUTILDRVI9 O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - C:\Program Files\Intel\WiFi\bin\EvtEng.exe - Intel® PROSet/Wireless Event Log (EvtEng) .(.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - LEGACY_EVTENG O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) 
- LEGACY_GUSVC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\I2OMGMT.sys - i2omgmt (i2omgmt) .(...) - LEGACY_I2OMGMT O64 - Services: CurCS - C:\WINDOWS\system32\ibmpmsvc.exe - ThinkPad PM Service (IBMPMSVC) .(.Lenovo. - ThinkPad Power Management Service.) - LEGACY_IBMPMSVC O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\System32\DRIVERS\smiif32.sys - Lenovo System Interface Driver (lenovo.smi) .(.Lenovo Group Limited - SMI Driver for Lenovo system.) - LEGACY_LENOVO.SMI O64 - Services: CurCS - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe - LiveUpdate (LiveUpdate) .(.Symantec Corporation - LiveUpdate Engine COM Module.) - LEGACY_LIVEUPDATE O64 - Services: CurCS - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe - Intel® Management and Security Application Local Management Service (LMS) .(.Intel Corporation - Local Manageability Service.) - LEGACY_LMS O64 - Services: CurCS - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc2B.tmp (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\Program Files\lotus\notes\ntmulti.exe - Multi-user Cleanup Service (Multi-user Cleanup Service) .(.IBM Corp - IBM Lotus Notes/Domino.) - LEGACY_MULTI-USER_CLEANUP_SERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - mup (mup) .(...) 
- LEGACY_MUP O64 - Services: CurCS - C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20110406.003\naveng.sys - NAVENG (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG O64 - Services: CurCS - C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20110406.003\navex15.sys - NAVEX15 (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - ndis (ndis) .(...) - LEGACY_NDIS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM O64 - Services: CurCS - C:\WINDOWS\system32\drivers\pmxdrv.sys - pmxdrv (pmxdrv) .(...) - LEGACY_PMXDRV O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\RDPWD.sys - RDPWD (RDPWD) .(...) - LEGACY_RDPWD O64 - Services: CurCS - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe - Intel® PROSet/Wireless Registry Service (RegSrvc) .(.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - LEGACY_REGSRVC O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS O64 - Services: CurCS - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe - Intel® PROSet/Wireless WiFi Service (S24EventMonitor) .(.Intel® Corporation - Intel® Wireless Management Service.) 
- LEGACY_S24EVENTMONITOR O64 - Services: CurCS - C:\Windows\System32\DRIVERS\s24trans.sys - Transport RLAN (s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\SavRoam.exe - SAVRoam (SavRoam) .(.symantec - SAVRoam.) - LEGACY_SAVROAM O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\savrt.sys - SAVRT (SAVRT) .(.Symantec Corporation - AutoProtect.) - LEGACY_SAVRT O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\Savrtpel.sys - SAVRTPEL (SAVRTPEL) .(.Symantec Corporation - SAVRTPEL.) - LEGACY_SAVRTPEL O64 - Services: CurCS - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer (ServiceLayer) .(.Nokia. - ServiceLayer Module.) - LEGACY_SERVICELAYER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SjyPkt.sys - SjyPkt (SjyPkt) .(.Windows ® 2000 DDK provider - Sample NDIS 5.0 Protocol Driver.) - LEGACY_SJYPKT O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys - SPBBCDrv (SPBBCDrv) .(.Symantec Corporation - SPBBC Driver.) - LEGACY_SPBBCDRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe - Symantec SPBBCSvc (SPBBCSvc) .(.Symantec Corporation - SPBBC Service.) - LEGACY_SPBBCSVC O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\Rtvscan.exe - Symantec AntiVirus (Symantec AntiVirus) .(.Symantec Corporation - Symantec AntiVirus.) - LEGACY_SYMANTEC_ANTIVIRUS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SYMEVENT.sys - SymEvent (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SYMREDRV.sys - SYMREDRV (SYMREDRV) .(.Symantec Corporation - Redirector Filter Driver.) - LEGACY_SYMREDRV O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SYMTDI.sys - SYMTDI (SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) 
- LEGACY_SYMTDI O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TDTCP.sys - TDTCP (TDTCP) .(...) - LEGACY_TDTCP O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE O64 - Services: CurCS - (.not file.) - TPHKDRV (TPHKDRV) .(...) - LEGACY_TPHKDRV O64 - Services: CurCS - (.not file.) - Incrustation (TPHKSVC) .(...) - LEGACY_TPHKSVC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS O64 - Services: CurCS - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe - Intel® Management & Security Application User Notification Service (UNS) .(.Intel Corporation - User Notification Service.) - LEGACY_UNS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA O64 - Services: CurCS - (.not file.) - vobiw (vobiw) .(...) - LEGACY_VOBIW O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) 
-- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.BB293FCB20C81ADE8F67706D3CDE2768] [sPRF] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) 
-- C:\Program Files\mbam-setup-1.50.1.1100.exe [117129] [MD5.00000000000000000000000000000000] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\dwm.exe [174592] [MD5.B9B0ABB41ABA16E2562B261F5F9D9323] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\init.dll [701] [MD5.B9B0ABB41ABA16E2562B261F5F9D9323] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\sound.dll [701] [MD5.E1B2F0D273D1E47E4A18ABBBE8139A62] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\SYSTEM32.dll [6] ---\\ Scan Additionnel (O88) Database Version : 4762 - (08/04/2011) [HKCR\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo [HKCR\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}] =>Adware.Bandoo [HKCU\Software\microsoft\handle] =>Malware.Trace [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit [HKLM\Software\Canneverbe Limited\OpenCandy] =>Adware.OpenCandy [HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.bandoocore] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.bandoocore.1] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.resourcesmngr] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.resourcesmngr.1] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.settingsmngr] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.settingsmngr.1] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.statisticmngr] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.statisticmngr.1] =>Adware.Bandoo [HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo 
[HKLM\Software\Classes\Toolbar.ct2504091] =>Adware.Agent [HKLM\Software\Classes\TypeLib\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971}] =>Adware.Bandoo [HKLM\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\conduitEngine] =>Toolbar.Conduit [HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit C:\Documents and Settings\Administrateur\Application Data\\OfferBox =>PUP.OfferBox C:\Documents and Settings\Administrateur\Application Data\\OpenCandy =>Adware.OpenCandy C:\Program Files\Windows Searchqu Toolbar =>Adware.Bandoo ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 06/04/2011 5329408 | (Application Policy Service) . (...) - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe SR - | Auto 29/05/2007 192104 | (ccEvtMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe SR - | Auto 29/05/2007 169576 | (ccSetMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe SR - | Auto 07/10/2007 31160 | (DefWatch) . (.Symantec Corporation.) - C:\Program Files\Symantec AntiVirus\DefWatch.exe SS - | Demand 02/03/2006 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SR - | Auto 19/01/2010 858384 | (EvtEng) . (.Intel® Corporation.) 
- C:\Program Files\Intel\WiFi\bin\EvtEng.exe SS - | Auto 08/12/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 08/12/2010 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 18/11/2009 38248 | (IBMPMSVC) . (.Lenovo..) - C:\WINDOWS\system32\ibmpmsvc.exe SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe SS - | Demand 28/08/2007 2999664 | (LiveUpdate) . (.Symantec Corporation.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe SR - | Auto 09/12/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe SS - | Disabled 09/12/2009 0 | C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc2B.tmp (mchInjDrv) . (...) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc2B.tmp SR - | Auto 01/12/2005 57393 | (Multi-user Cleanup Service) . (.IBM Corp.) - C:\Program Files\lotus\notes\ntmulti.exe SR - | Auto 19/01/2010 473360 | (RegSrvc) . (.Intel® Corporation.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe SR - | Auto 19/01/2010 954368 | (S24EventMonitor) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe SR - | Auto 07/10/2007 116664 | (SavRoam) . (.symantec.) - C:\Program Files\Symantec AntiVirus\SavRoam.exe SS - | Demand 12/02/2008 353792 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SS - | Demand 27/08/2007 214408 | (SNDSrvc) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe SR - | Auto 26/07/2007 1181016 | (SPBBCSvc) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe SR - | Auto 07/10/2007 1822648 | (Symantec AntiVirus) . (.Symantec Corporation.) - C:\Program Files\Symantec AntiVirus\Rtvscan.exe SR - | Auto 09/12/2009 2320920 | (UNS) . 
(.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Administrateur at 09/04/2011 15:36:55 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys C:\WINDOWS\system32\drivers\iaStor.sys Intel Corporation Intel Rapid Storage Technology 1 ntkrnlpa!IofCallDriver[0x804EF1A0] -> \Device\Harddisk0\DR0[0x89CBCAB8] 3 CLASSPNP[0xB98E905B] -> ntkrnlpa!IofCallDriver[0x804EF1A0] -> \Device\00000075[0x89CC49A8] 5 ACPI[0xB977E620] -> ntkrnlpa!IofCallDriver[0x804EF1A0] -> \Device\Ide\IAAStorageDevice-1[0x89CE0028] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, Run by Administrateur at 09/04/2011 15:36:57 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ********* Dump File Header ********* Windows Version: Windows XP Professional Windows Information: Service Pack 2 (build 2600) Logical Drives Mask: 0x0000001c ********* Dump File Analysis ********* Windows XP MBR code detected End of the scan (1091 lines in 01mn 15s)(0)
Can someone help me? Thank you