

cecile24
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Yeah, 14h, but it got stuck during the night with a message, and I only unblocked it this morning. Thank you so much for all this valuable advice; Secunia is running right now... Let it be known: Apollo Creed boxes viruses!
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Hello Apollo, I got rid of the exe (what I meant is that it is not in "Add or Remove Programs").
Kaspersky log:
Analyse automatique: terminée : il y a 14 minutes (évênements : 2, objets : 1662802, durée : 14:00:31)
02/06/2011 21:54:55 Lancement de la tâche
03/06/2011 11:55:28 Fin de la tâche
Thanks again.
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
I did look for "plop"... but it is nowhere to be found. I have the icon on the desktop to install it, but no shortcut or anything else.
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Thanks Apollo, the PC is doing better, and I no longer get the "gomeo" redirection... phew. However, ZHPDiag crashes every time, but it still managed to finish a scan once (same error message). The PC is not very stable; it seems to have moods, lol. ComboFix is not installed on the machine??? I don't see it in the programs. However, I found and deleted C:/qoobox. I don't understand everything here. I'm launching the Kaspersky scan and will post it tomorrow morning. Do you need the ZHP log in normal mode? @++
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Here is the MBAM report:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Version de la base de données: 6753
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
02/06/2011 17:51:08
mbam-log-2011-06-02 (17-51-08).txt
Type d'examen: Examen complet (C:\|D:\|E:\|M:\|)
Elément(s) analysé(s): 358632
Temps écoulé: 1 heure(s), 1 minute(s), 0 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
ComboFix log: http://www.cijoint.fr/cj201106/cijwW3Htui.txt
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Or as a .txt on "ci joint": http://www.cijoint.fr/cj201106/cijZsBH1HT.txt
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Still the error message, so I switched to safe mode... Here is the report: Download ZHPDiagf from Sendspace.com - send big files the easy way. Thanks Apollo.
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Impossible to run a ZHPDiag without safe mode... "exeption processing message c0000013 parameters 75afbf7c 4 75afbf7c 75afbf7c". This message 6 times.
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
Thanks for the quick reply. The 5600 serie file is a folder. There is no hidden file with the same name in that folder.
The TDSSKiller report:
2011/06/02 01:12:47.0328 0812 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/02 01:12:47.0421 0812 ================================================================================
2011/06/02 01:12:47.0421 0812 SystemInfo:
2011/06/02 01:12:47.0421 0812
2011/06/02 01:12:47.0421 0812 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/02 01:12:47.0421 0812 Product type: Workstation
2011/06/02 01:12:47.0421 0812 ComputerName: CECILE
2011/06/02 01:12:47.0421 0812 UserName: Compaq_Propriétaire
2011/06/02 01:12:47.0421 0812 Windows directory: C:\WINDOWS
2011/06/02 01:12:47.0421 0812 System windows directory: C:\WINDOWS
2011/06/02 01:12:47.0421 0812 Processor architecture: Intel x86
2011/06/02 01:12:47.0421 0812 Number of processors: 1
2011/06/02 01:12:47.0421 0812 Page size: 0x1000
2011/06/02 01:12:47.0421 0812 Boot type: Safe boot with network
2011/06/02 01:12:47.0421 0812 ================================================================================
2011/06/02 01:12:57.0250 0812 Initialize success
2011/06/02 01:13:53.0828 2012 ================================================================================
2011/06/02 01:13:53.0828 2012 Scan started
2011/06/02 01:13:53.0828 2012 Mode: Manual;
2011/06/02 01:13:53.0828 2012 ================================================================================
2011/06/02 01:14:10.0187 2012 MBR (0x1B8) (fe47283db4ce4cac1ca52dfba19a7d3b) \Device\Harddisk0\DR0
2011/06/02 01:14:10.0203 2012 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/06/02 01:14:10.0218 2012 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR3
2011/06/02 01:14:10.0265 2012 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk2\DR4
2011/06/02 01:14:10.0312 2012 ================================================================================
2011/06/02 01:14:10.0312 2012 Scan finished
2011/06/02 01:14:10.0312 2012 ================================================================================
2011/06/02 01:14:10.0343 1912 Detected object count: 1
2011/06/02 01:14:10.0343 1912 Actual detected object count: 1
2011/06/02 01:14:34.0796 1912 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/06/02 01:14:34.0796 1912 \Device\Harddisk0\DR0 - ok
2011/06/02 01:14:34.0796 1912 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
Need a ZHP helper, please.
cecile24 replied to a topic by cecile24 in Malware analysis and eradication
My ZHP log
(8.00.6001.19048 (longhorn_ie8_gdr.110221-1700)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (.Pas de propriétaire - Pas de description.) -- (.not file.) ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) 
-- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe O4 - HKLM\..\Run: [Recguard] . (.Pas de propriétaire - Recguard Application.) -- C:\WINDOWS\SMINST\RECGUARD.exe O4 - HKLM\..\Run: [PCDrProfiler] Clé orpheline O4 - HKLM\..\Run: [autoclk] autoclk.exe O4 - HKLM\..\Run: [lxduamon] . (...) -- C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] . (.Pas de propriétaire - Fax Man Server.) -- C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe O4 - HKLM\..\Run: [KBD] . (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.exe O4 - HKLM\..\Run: [ALCMTR] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [Peer2Me] . (...) -- C:\Program Files\Peer2Me\Peer2Me.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . 
(.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-55119402-2465375804-1673399848-1008\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-55119402-2465375804-1673399848-1008\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-55119402-2465375804-1673399848-1008\..\Run: [Peer2Me] . (...) -- C:\Program Files\Peer2Me\Peer2Me.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk . (...) -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA0000000001}\SC_Reader.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\eBay.lnk . (...) -- C:\Program Files\Services en ligne\eBay\WizLink.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) 
-- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\My PC Choice.lnk . (...) -- C:\hp\VINETLINK\VINETLINK.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Safari.lnk . (...) -- C:\WINDOWS\Installer\{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}\SafariIco.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) 
-- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline O9 - Extra button: Console Java (Sun) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) 
-- C:\Program Files\Bonjour\mdnsNSP.dll ---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14) O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CS2\Services\Tcpip\..\{7D801783-3CBE-4233-8888-B1E92991C228}: NameServer = 10.1.1.22 O17 - HKLM\System\CCS\Services\Tcpip\..\{4199F2D5-3CA9-4C73-948E-C6686D4852A4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51 O17 - HKLM\System\CS1\Services\Tcpip\..\{4199F2D5-3CA9-4C73-948E-C6686D4852A4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51 O17 - HKLM\System\CS2\Services\Tcpip\..\{4199F2D5-3CA9-4C73-948E-C6686D4852A4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} . (.Skyline software systems Inc. - TerraExplorerX DLL.) -- C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . 
(.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Pas de propriétaire - Pas de description.) -- WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) 
-- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: (lxduCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe O23 - Service: (lxdu_device) . (.Pas de propriétaire - Printer Communication System.) - C:\WINDOWS\system32\lxducoms.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.05.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdK8) . 
(.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\System32\DRIVERS\AmdK8.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) 
- C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {853A4763-6643-4604-8D64-28BDD8925F4C} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817-A060-341AB17C3F90} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CDBurnerXP - (.Canneverbe Limited.) [HKLM] -- {5932A5C4-BB44-4CFB-AD66-1B826F4D788B} O42 - Logiciel: Coffret de pilotes Logitech QuickCam - (.Pas de propriétaire.) [HKLM] -- lvdrivers_11.50 O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: Driver Genius Professional Edition - (.Driver-Soft Inc..) 
[HKLM] -- Driver Genius Professional Edition_is1 O42 - Logiciel: Enhanced Multimedia Keyboard Solution - (.Pas de propriétaire.) [HKLM] -- KBD O42 - Logiciel: Free HD Converter V 1.6 - (.Koyote Soft.) [HKLM] -- Free HD Converter_is1 O42 - Logiciel: Free Mp3 Wma Converter V 1.9 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1 O42 - Logiciel: Free Video Converter V 2.6 - (.Koyote Soft.) [HKLM] -- Free Video Converter_is1 O42 - Logiciel: Full Tilt Poker - (.Pas de propriétaire.) [HKLM] -- {D4C9692E-4EFA-4DA0-8B7F-9439466D9E31} O42 - Logiciel: HP Software Update - (.HEWLET~1|Hewlett-Packard.) [HKLM] -- {BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Java 6 Update 25 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216015FF} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Lexmark 5600-6600 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark 5600-6600 Series O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] -- {945AC98B-3DC8-45BE-BAE0-22CEEE37A103} O42 - Logiciel: Ludi - (.Pas de propriétaire.) [HKLM] -- Ludi O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) 
[HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {A43BF6A5-D5F0-4AAA-BF41-65995063EC44} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack - (.Microsoft Corporation.) [HKLM] -- {E3C080B0-23F5-49AF-89F8-8E8DBC89E659} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) 
[HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) 
-- C:\WINDOWS\System32\drivers\mbam.sys [22712] O44 - LFC:[MD5.FB4080124F35176910134417D3F5C7CB] - 27/05/2011 - 20:49:28 ---A- . (...) -- C:\WINDOWS\System32\jupdate-1.6.0_24-b07.log [3228] O44 - LFC:[MD5.18494C702420FA8F0D647E92BCD7B4E7] - 26/05/2011 - 12:08:50 RSHA- . (...) -- C:\boot.ini [329] O44 - LFC:[MD5.C5F5A52C27FC5D4A9005AB125C67D8D0] - 26/05/2011 - 10:11:38 ---A- . (...) -- C:\rapport.txt [494] O44 - LFC:[MD5.1DE51EC36BE7E103A33BF7B3E1F92C1F] - 26/05/2011 - 10:03:22 ---A- . (...) -- C:\WINDOWS\System32\tmp.reg [3028] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/05/2011 - 10:03:22 ---A- . (...) -- C:\WINDOWS\System32\tmp.txt [0] O44 - LFC:[MD5.FC041F7D1341EEE456F1FA1A256CD24F] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri - Search SharedTaskScheduler.) -- C:\WINDOWS\System32\SrchSTS.exe [288417] O44 - LFC:[MD5.D726E152E257A1AB819F88312EC69620] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri - VC CLSID Cleaner.) -- C:\WINDOWS\System32\VCCLSID.exe [289144] O44 - LFC:[MD5.61FD593673225697D091DE2DDD2E9E47] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri.URZ - 404Fix.) -- C:\WINDOWS\System32\404Fix.exe [82432] O44 - LFC:[MD5.C02562A732F0223082D4CCFC7D4F23DF] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri.URZ - Agent.OMZ.Fix.) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe [78336] O44 - LFC:[MD5.799A9EA3FFB220780AE3D3C11B08D067] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri.URZ - IEDFix.) -- C:\WINDOWS\System32\IEDFix.exe [82944] O44 - LFC:[MD5.9769AB38CB77C9914C25B8141A2A3FBE] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri.URZ - IEDFix.C.) -- C:\WINDOWS\System32\IEDFix.C.exe [82944] O44 - LFC:[MD5.81BC780E5FD520838C6A417840127635] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri.URZ - VACFix.) -- C:\WINDOWS\System32\VACFix.exe [87552] O44 - LFC:[MD5.CEBEF7E3612A75D15C73E8CA71D012AE] - 26/05/2011 - 10:01:47 ---A- . (.S!Ri.URZ - o4Patch.) -- C:\WINDOWS\System32\o4Patch.exe [80384] O44 - LFC:[MD5.EF5DC4CF7C39CFB4653859878C14D86C] - 26/05/2011 - 10:01:47 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) 
-- C:\WINDOWS\System32\swxcacls.exe [79360] O44 - LFC:[MD5.E417D888FDDE9A2290C369C82A7AEC3E] - 26/05/2011 - 10:01:46 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\System32\swreg.exe [135168] O44 - LFC:[MD5.4019149E4E296072831C8855605D9FDC] - 26/05/2011 - 09:12:32 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [95024] O44 - LFC:[MD5.A060923F9067706344D9FAAADAB6BE63] - 26/05/2011 - 08:48:17 ---A- . (...) -- C:\WINDOWS\~DF7576.tmp [6144] O44 - LFC:[MD5.CE517C148FB9E1BD20663A4665E1C5D3] - 25/05/2011 - 19:47:31 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.A63691D6954B56D982597F21AF48F641] - 24/05/2011 - 08:51:44 ---A- . (...) -- C:\WINDOWS\System32\drivers\Cat.DB [710780] O44 - LFC:[MD5.22F7FDA82BC3AACAF586D7997F8975F9] - 19/05/2011 - 13:53:26 --HA- . (...) -- C:\WINDOWS\System32\mlfcache.dat [65252] O44 - LFC:[MD5.C9F170C40793120CD7F7408E2A5C2AD1] - 18/05/2011 - 00:27:37 ---A- . (...) -- C:\WINDOWS\~DF89EB.tmp [110574] O44 - LFC:[MD5.8F6444ABA9AC06ABC72F813CE5BCE52F] - 15/05/2011 - 12:45:33 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158] O44 - LFC:[MD5.B8576757416F471C9D7F83B2B04B1F9D] - 10/05/2011 - 13:10:59 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\WINDOWS\avastSS.scr [40112] O44 - LFC:[MD5.811F5C625680CF858891407DB7A8FC67] - 02/06/2009 - 10:17:27 ---A- . (...) -- C:\WINDOWS\System32\WS2Fix.exe [75776] O44 - LFC:[MD5.C16B1595E3C2FFC875EF28BF66EC557F] - 09/01/2006 - 09:36:06 ---A- . (...) -- C:\WINDOWS\System32\swsc.exe [40960] O44 - LFC:[MD5.21868B2D22C726D94D98F15825D4134B] - 31/07/2004 - 17:50:36 ---A- . (...) 
-- C:\WINDOWS\System32\dumphive.exe [51200] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - URL Exec Hook - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\CyberLink\PowerCinema\PCMService.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0\waol.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\AOL 9.0\waol.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Compaq_Propriétaire\Bureau\emule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\emule.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\eMule\eMule.exe" [Enabled] .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\eMule.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\lxducoms.exe" [Enabled] .(.Pas de propriétaire - Printer Communication System.) -- C:\WINDOWS\system32\lxducoms.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) 
-- C:\Program Files\Skype\Plugin Manager\skypePM.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Program Files\Opera\opera.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Opera\opera.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\VideoLAN\VLC\vlc.exe O47 - AAKE:Key Export SP - "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" [Enabled] .(.Pas de propriétaireC:\Documents and Settings\Compaq_Propriétaire\Local Settings\Applica O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\javaw.exe" [Enabled] .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\Warcraft III\Warcraft III.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Warcraft III\Warcraft III.exe O47 - AAKE:Key Export SP - "C:\Program Files\Peer2Me\Peer2Me.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Peer2Me\Peer2Me.exe O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) 
-- C:\Program Files\iTunes\iTunes.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe" [Disabled] .(.Microsoft Corporation - Microsoft Help and Support Center.) 
-- C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{4259329a-bbf8-11df-8ebf-001731c065b3}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- K:\WDSetup.exe (.not file.) O51 - MPSK:{6c907e58-67f0-11df-8e8d-001731c065b3}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- N:\WDSetup.exe (.not file.) O51 - MPSK:{f5ef41a4-a649-11df-8eaf-001731c065b3}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- L:\LaunchU3.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . 
(.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"msacm.l3codecp"="" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\System32\l3codecp.acm ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (...) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. 
- iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\LogitechCommunicationsManager [Key] . (...) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (...) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Peer2Me [Key] . (...) -- C:\Program Files\Peer2Me\Peer2Me.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O53 - SMSR:HKLM\...\startupreg\Spybot-S&D Cleaning [Key] . (...) -- C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe O53 - SMSR:HKLM\...\startupreg\TrayServer [Key] . (...) -- C:\Program Files\MAGIX\Video_deluxe_15_Version_a_telecharger\TrayServer.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\VistaStartMenu [Key] . (.OrdinarySoft - Vista Start Menu program.) -- C:\Program Files\Vista Start Menu\VistaStartMenu.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) 
-- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"= O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutorun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2B3B8C0A2C979DD77BA6DC9376074854] - 02/03/2004 - 09:26:58 ---A- . (.Analog Deivces - USB Firmware loader.) -- C:\WINDOWS\system32\drivers\adildr.sys [50007] O58 - SDL:[MD5.D478C566318803A7063B120F026DC0B7] - 02/03/2004 - 09:24:16 ---A- . (.Analog Devices Inc. - ADSL USB Driver.) -- C:\WINDOWS\system32\drivers\adiusbaw.sys [127065] O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 09/03/2005 - 22:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008] O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 17/06/2010 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) 
-- C:\WINDOWS\system32\drivers\avgntdd.sys [45416] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 18/04/2011 - 10:19:24 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 17/06/2010 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360] O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 18/04/2011 - 10:19:24 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [137656] O58 - SDL:[MD5.92A964547B96D697E5E9ED43B4297F5A] - 15/10/2004 - 11:50:20 ---A- . (.Brother Industries Ltd. - Brother USB Scanner Driver.) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys [15295] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 12:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.89A8D929FDD51E6557E12A46BD3E2BA6] - 20/01/2006 - 08:20:26 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8169 Hardware Diagnostics Driver for Win2k/xp.) -- C:\WINDOWS\system32\drivers\diag69xp.sys [11351] O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 14:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600] O58 - SDL:[MD5.5AF1F05E4C65EA470080AAFE15FA9AAD] - 05/03/2002 - 15:24:04 R--A- . (.General - USB Storage Driver.) -- C:\WINDOWS\system32\drivers\geneuide.sys [21064] O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 04/08/2004 - 00:46:46 ---A- . (.LT - LT Windows Modem.) 
-- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452] O58 - SDL:[MD5.8113133EC42DD6C566908008CE913EDD] - 19/10/2007 - 13:16:30 ---A- . (.Logitech Inc. - Logitech Kernel Audio Processing Filter Driver.) -- C:\WINDOWS\system32\drivers\Lvckap.sys [2109976] O58 - SDL:[MD5.0DD5B8AF4917A2821047450195C511B3] - 11/10/2007 - 18:59:02 ---A- . (.Logitech Inc. - Logitech Machine Vision Engine Loader.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys [2142488] O58 - SDL:[MD5.E1158B0CB852DB0573922C92E6E564DE] - 12/10/2007 - 02:59:12 R--A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys [1920920] O58 - SDL:[MD5.406B1D186F75B4B4832D6237859E1B00] - 11/10/2007 - 18:59:24 ---A- . (...) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys [25624] O58 - SDL:[MD5.BE5E104BE263921D6842C555DB6A5C23] - 12/10/2007 - 03:00:43 R--A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys [41752] O58 - SDL:[MD5.EACD1EB2D82ED2ADC753AFEEE1D4D660] - 12/10/2007 - 03:00:54 R--A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\WINDOWS\system32\drivers\lvuvc.sys [3647384] O58 - SDL:[MD5.BCEF16E3AEDD1B44BCA45F748D975D73] - 12/10/2007 - 03:01:06 R--A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys [23832] O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [39984] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.CE58F42B11BE20A47C3D8D2F38DA254E] - 25/01/2006 - 03:15:00 ---A- . 
(.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.05.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3535520] O58 - SDL:[MD5.22EEDB34C4D7613A25B10C347C6C4C21] - 03/03/2006 - 22:31:02 ---A- . (.NVIDIA Corporation - NVIDIA Networking Function Driver..) -- C:\WINDOWS\system32\drivers\NVENETFD.sys [34176] O58 - SDL:[MD5.5E3F6AD5CAD0F12D3CCCD06FD964087A] - 03/03/2006 - 22:31:04 ---A- . (.NVIDIA Corporation - NVIDIA Networking Bus Driver..) -- C:\WINDOWS\system32\drivers\nvnetbus.sys [13056] O58 - SDL:[MD5.B80EB11F6BA8596153FE7067ACDBFE43] - 03/03/2006 - 22:30:46 ---A- . (.NVIDIA Corporation - NVIDIA Network Resource Manager..) -- C:\WINDOWS\system32\drivers\nvnrm.sys [305024] O58 - SDL:[MD5.60CA4F6F077CCC73AF7B5556BE81639A] - 03/03/2006 - 22:30:32 ---A- . (.NVIDIA Corporation - NVIDIA Networking Soft-NPU Driver..) -- C:\WINDOWS\system32\drivers\nvsnpu.sys [222592] O58 - SDL:[MD5.C3B4DDFDDEB512790EA24DE867FCB7C3] - 03/03/2006 - 22:30:54 ---A- . (.NVIDIA Corporation - NVIDIA Networking Protocol Driver..) -- C:\WINDOWS\system32\drivers\nvtcp.sys [101888] O58 - SDL:[MD5.07C02C892E8E1A72D6BF35004F0E9C5E] - 19/11/2005 - 02:13:18 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\WINDOWS\system32\drivers\PCASp50.sys [20096] O58 - SDL:[MD5.263AA696D8A1D78234F17C303E89B78D] - 02/02/2006 - 08:14:38 ---A- . (.Windows ® 2000 DDK provider - PCDR NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\pcdrndisuio.sys [13440] O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 13/12/2005 - 01:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 12:00:00 ---A- . 
(.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.BF4709C002D632170DC15A282813D6B3] - 02/08/2005 - 16:00:36 R--A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt73.sys [232192] O58 - SDL:[MD5.64BE56B8858CA0153C725C720FFD194F] - 08/03/2006 - 21:27:12 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4246016] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 03/08/2004 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992] O58 - SDL:[MD5.4019149E4E296072831C8855605D9FDC] - 26/05/2011 - 09:12:32 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\WINDOWS\system32\drivers\SBREDrv.sys [95024] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/06/2010 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 12:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 18/02/2011 - 16:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984] O58 - SDL:[MD5.F2CE99DD9F56BAFC49234A1EFB0AFC8E] - 02/02/2006 - 08:07:00 ---A- . (...) 
-- C:\WINDOWS\system32\drivers\USBkey.sys [28848] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.1FF53D6DC853371F5F00322C7437C44F] - 16/06/2006 - 09:50:03 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13065] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 12:00:00 ---A- . (...) 
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}
O63 - Logiciel: Toolbar SD - (.IDN Team.)
O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - (.not file.) - 6312da00 (6312da00) .(...) - LEGACY_6312DA00
O64 - Services: CurCS - 11/04/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE
O64 - Services: CurCS - 11/04/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - 18/02/2011 - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Apple Mobile Device(Apple Mobile Device) .(.Apple Inc. - MobileDeviceService.) - LEGACY_APPLE_MOBILE_DEVICE
O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - 18/04/2011 - C:\WINDOWS\System32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 18/04/2011 - C:\WINDOWS\System32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - 06/04/2011 - C:\Program Files\Bonjour\mDNSResponder.exe - Service Bonjour(Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS
O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP
O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 05/08/2004 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS
O64 - Services: CurCS - (.not file.) - F-Secure Firewall Driver (FSFW) .(...) - LEGACY_FSFW
O64 - Services: CurCS - (.not file.) - FssFltr (fssfltr) .(...) - LEGACY_FSSFLTR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - 22/10/2004 - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - 14/04/2011 - C:\Program Files\iPod\bin\iPodService.exe - Service de l’iPod(iPod Service) .(.Apple Inc. - iPodService Module (32-bit).) - LEGACY_IPOD_SERVICE
O64 - Services: CurCS - 14/04/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD
O64 - Services: CurCS - 19/10/2007 - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe - LVCOMSer(LVCOMSer) .(.Logitech Inc. - Logitech Video COM Service.) - LEGACY_LVCOMSER
O64 - Services: CurCS - C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(...) - LEGACY_LVPR2MON
O64 - Services: CurCS - 19/10/2007 - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe - Process Monitor(LVPrcSrv) .(.Logitech Inc. - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV
O64 - Services: CurCS - 19/10/2007 - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe - LVSrvLauncher(LVSrvLauncher) .(.Logitech Inc. - LogitechService Launcher.) - LEGACY_LVSRVLAUNCHER
O64 - Services: CurCS - 23/05/2008 - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe - lxduCATSCustConnectService(lxduCATSCustConnectService) .(.Lexmark International, Inc. - Lexmark Connect Service Executable.) - LEGACY_LXDUCATSCUSTCONNECTSERVI
O64 - Services: CurCS - 23/05/2008 - C:\WINDOWS\system32\lxducoms.exe - lxdu_device(lxdu_device) .(.Pas de propriétaire - Printer Communication System.) - LEGACY_LXDU_DEVICE
O64 - Services: CurCS - 29/05/2011 - C:\WINDOWS\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 29/05/2011 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - MBAMService(MBAMService) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSERVICE
O64 - Services: CurCS - C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccessU (NMSAccessU) .(...) - LEGACY_NMSACCESSU
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - 25/01/2006 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.05.) - LEGACY_NVSVC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM
O64 - Services: CurCS - (.not file.) - PC Tools Data Store (pctDS) .(...) - LEGACY_PCTDS
O64 - Services: CurCS - (.not file.) - PC Tools Extended File Attributes (pctEFA) .(...) - LEGACY_PCTEFA
O64 - Services: CurCS - (.not file.) - PC Tools Spyware Doctor Driver (PCTSD) .(...) - LEGACY_PCTSD
O64 - Services: CurCS - (.not file.) - PCTSDInjDriver32 (PCTSDInjDriver32) .(...) - LEGACY_PCTSDINJDRIVER32
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\RDPWD.sys - RDPWD (RDPWD) .(...) - LEGACY_RDPWD
O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS
O64 - Services: CurCS - (.not file.) - Spybot-S&D 2 Firewall Service (SDFirewallService) .(...) - LEGACY_SDFIREWALLSERVICE
O64 - Services: CurCS - (.not file.) - Spybot-S&D 2 Monitoring Service (SDMonitorService) .(...) - LEGACY_SDMONITORSERVICE
O64 - Services: CurCS - (.not file.) - Spybot-S&D 2 Scanner Service (SDScannerService) .(...) - LEGACY_SDSCANNERSERVICE
O64 - Services: CurCS - (.not file.) - Spybot-S&D 2 Updating Service (SDUpdateService) .(...) - LEGACY_SDUPDATESERVICE
O64 - Services: CurCS - (.not file.) - Spybot-S&D 2 Security Center Service (SDWSCService) .(...) - LEGACY_SDWSCSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SERIAL.sys - Serial (Serial) .(...) - LEGACY_SERIAL
O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - (.not file.) - (.not file.) - MS Software Shadow Copy Provider (SwPrv) .(...) - LEGACY_SWPRV
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TDTCP.sys - TDTCP (TDTCP) .(...) - LEGACY_TDTCP
O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE
O64 - Services: CurCS - 24/08/2010 - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe - TomTomHOMEService(TomTomHOMEService) .(.TomTom - Windows Service for TomTom HOME.) - LEGACY_TOMTOMHOMESERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing
O69 - SBI: SearchScopes [HKCU] {025ED404-E472-4B48-8685-EAD2090C0CF9} - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing
O69 - SBI: SearchScopes [HKCU] {875CA65C-E398-4297-943D-F9FAC5C4C6B9} [DefaultScope] - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {9CFEB78D-5AED-45BD-8591-EBF6533C2365} - (Bing) - Bing

---\\ Recherche d'infection Rogue (O86)
C:\Documents and Settings\Compaq_Propriétaire\Application Data\5600-6600 Series

---\\ Etat général des services non Microsoft (EGS)
(SR=Running, SS=Stopped)
SS - | Auto 11/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SS - | Auto 11/04/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SS - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 06/04/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 14/04/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 14/04/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Auto 19/10/2007 186904 | (LVCOMSer) . (.Logitech Inc..) - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
SS - | Auto 19/10/2007 141848 | (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
SS - | Auto 19/10/2007 141848 | (LVSrvLauncher) . (.Logitech Inc..) - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
SS - | Auto 23/05/2008 98984 | (lxduCATSCustConnectService) . (.Lexmark International, Inc..) - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe
SS - | Auto 23/05/2008 594600 | (lxdu_device) . (...) - C:\WINDOWS\system32\lxducoms.exe
SS - | Auto 29/05/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Auto 06/09/2009 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SS - | Auto 25/01/2006 131139 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Auto 24/08/2010 92008 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Run by Compaq_Propriétaire at 01/06/2011 21:27:14
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8634D4D0]<<
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x862D0AB8]
3 CLASSPNP[0xF7743FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000069[0x862F3968]
5 ACPI[0xF7699620] -> nt!IofCallDriver[0x804E37D5] -> [0x861E0940]
\Driver\atapi[0x862F1F38] -> IRP_MJ_CREATE -> 0x8634D4D0
error: Read Un périphérique attaché au système ne fonctionne pas correctement.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8634D31B
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Compaq_Propriétaire at 01/06/2011 21:27:16
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

End of the scan (1263 lines in 01mn 16s)(0)
-
Hello everyone, I badly need help... As a rule I sort things out on my own by reading the forum threads, but this time I don't know how to use ZHPDiag and Fix. Thank you for your help.