Aller au contenu

gounou51

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    13

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par gounou51

  1. gounou51
    1. ========================= SEAF 1.0.1.0 - C_XX 2. 3. Commencé à: 11:19:44 le 02/07/2011 4. 5. Valeur(s) recherchée(s): 6. slizone.com 7. 8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès 9. 10. (!) --- Calcul du Hash "MD5" 11. (!) --- Informations supplémentaires 12. (!) --- Recherche registre 13. 14. ====== Fichier(s) ====== 15. 16. Aucun fichier trouvé 17. 18. 19. ====== Entrée(s) du registre ====== 20. 21. Aucun élément dans le registre trouvé 22. 23. ========================= 24. 25. Fin à: 11:22:54 le 02/07/2011 26. 325308 Éléments analysés 27. 28. ========================= 29. E.O.F
  2. gounou51
    Salut, toujours cette maudite page internet qui'ouvre toute seule au démarrage du Pc "http://www.slizone.com/page/home.html"
  3. gounou51
    Rapport de ZHPFix 1.12.3326 par Nicolas Coolman, Update du 25/06/2011 Fichier d'export Registre : C:\ZHPExportRegistry-27-06-2011-17-48-39.txt Run by Gounou at 27/06/2011 17:48:39 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1 SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} ERREUR Key**: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} ERREUR Key**: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5} SUPPRIME Key: CLSID BHO: {ba14329e-9550-4989-b3f2-9732e92d17cc} SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine ERREUR Key**: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc} SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc} SUPPRIME Key: HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Toolbar ABSENT Key: CLSID BHO: {ba14329e-9550-4989-b3f2-9732e92d17cc} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc} ABSENT Key: HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc} ========== Valeur(s) du Registre ========== SUPPRIME AAKE KeyValue: C:\WINDOWS\system32\drivers\svchost.exe SUPPRIME URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} SUPPRIME Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} ABSENT URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} ABSENT Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} ABSENT [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} ========== Préférences navigateur ========== ABSENT C:\Documents and Settings\Gounou\Application Data\Mozilla\Firefox\Profiles\5pqf3s5s.default\prefs.js ABSENT C:\Documents and Settings\Gounou\Application Data\Mozilla\Firefox\Profiles\5pqf3s5s.default\prefs.js ========== Dossier(s) ========== SUPPRIME C:\Documents and Settings\Gounou\Application Data\Mozilla\Firefox\Profiles\5pqf3s5s.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} SUPPRIME C:\Program Files\DAEMON Tools Toolbar ABSENT C:\Program Files\DAEMON Tools Toolbar ========== Fichier(s) ========== ABSENT File: c:\windows\system32\drivers\svchost.exe SUPPRIME c:\program files\vuze_remote\prxtbvuze.dll ABSENT File: c:\program files\vuze_remote\prxtbvuze.dll ABSENT Folder/File: c:\program files\daemon tools toolbar ========== Récapitulatif ========== 17 : Clé(s) du Registre 7 : Valeur(s) du Registre 3 : Dossier(s) 4 : Fichier(s) 2 : Préférences navigateur ========== Chemin du fichier rapport ========== C:\Program Files\ZHPDiag\ZHPFixReport.txt End of the scan
  4. gounou51
    il me semblait pourtant que j'avais réinstallé une version officiel, fait ub scan avec zhp diag et toujours des lignes rouges dont un certain "eorezo" plus une page internet qui s'ouvre toute seule au démarrage du pc Zeb Help Process 2 by Nicolas Coolman - Rapport de synthèse du 26/06/2011 15:25:20 INFECTION IDENTIFIEE Liste disponible seulement en version Helper PROCESSUS MALWARE (Rootkit, trojan, ver, spyware, adware,...) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\drivers\svchost.exe" [Disabled] .(...) -- C:\WINDOWS\system32\drivers\svchost.exe (.not file.) [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer] [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}] PROCESSUS SUPERFLU DU SYSTEME [MD5.A065F048E9E23E6C026A7BB548D126A7] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} () - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 [HKCU\Software\MGS] O43 - CFD: 14/04/2010 - 16:37:34 - [74658901] ----D- C:\Program Files\Spybot - Search & Destroy O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [Enabled] .(...) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (.not file.) TOOLBAR INUTILE (Navigateur internet) M2 - MFEP: prefs.js [Gounou - 5pqf3s5s.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Toolbar v2.7.2.0 (.Conduit Ltd..) R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O43 - CFD: 28/04/2011 - 16:41:48 - [0] ----D- C:\Program Files\DAEMON Tools Toolbar [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Toolbar] [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} C:\Program Files\DAEMON Tools Toolbar PROCESSUS INUTILE (Au démarrage du système) O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe A VERIFIER (Adresse IP, domaine ou site) O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab MISE A JOUR DE PRODUIT Avast®Antivirus Adobe Reader 7.0 Sun Microsystems PROCESSUS P2P (Vecteurs d'infections) Vuze®Azureus PeerToPeer Azureus PeerToPeer Azureus Team Vuze PeerToPeer eMule PeerToPeer Bittorent PeerToPeer BitTorrent DNA PeerToPeer eMule®PeerToPeer O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe" [Enabled] .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Azureus\Azureus.exe PROTECTION DU SYSTEME (Antivirus, FireWall, Anti-Malwares) [MD5.7DE3EE7DBEE14C1F8375CB82466C9321] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe [3459712] [MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] Avast®Antivirus Alwil Avast! Antivirus Panda Software Panda Antivirus RAPPORT SIMPLIFIE ~ Mes images (My Pictures) : 32/407 ~ Mes musiques (My Musics) : 15/38 ~ Mes Videos (My Videos) : 8/64 ~ Mes Favoris (My Favorites) : 2/116 ~ Mes Documents (My Documents) : 110/7737 ~ Mon Bureau (My Desktop) : 0/15 ~ Menu demarrer (Programs) : 5/32 ~ Dossier utilisateur (AppData) : 37/1736 M2 - MFEP: prefs.js [Gounou - 5pqf3s5s.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Toolbar v2.7.2.0 (.Conduit Ltd..) R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (...) -- (.not file.) O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 7.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A71000000002}\SC_Reader_PM.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Azureus\Azureus.exe O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} () - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab O42 - Logiciel: Adobe Reader 7.1.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A71000000002} O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030} O42 - Logiciel: Java 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM] -- Vuze_Remote Toolbar [HKCU\Software\Azureus] [HKCU\Software\MGS] [HKCU\Software\Vuze_Remote] [HKCU\Software\eMule] [HKLM\Software\3vc] [HKLM\Software\Azureus] [HKLM\Software\Canal+ Distribution] [HKLM\Software\IDSimple inc.] [HKLM\Software\Sauleo3vc] [HKLM\Software\Vuze_Remote] O43 - CFD: 24/06/2007 - 16:47:20 - [3154380804] ----D- C:\Program Files\3nity Video Convert O43 - CFD: 22/04/2011 - 13:37:18 - [152239485] ----D- C:\Program Files\Azureus O43 - CFD: 23/04/2007 - 21:54:14 - [11945339] ----D- C:\Program Files\BitTorrent O43 - CFD: 28/04/2011 - 16:41:48 - [0] ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD: 08/10/2007 - 18:36:08 - [612210] ----D- C:\Program Files\eMule O43 - CFD: 22/02/2011 - 17:28:34 - [31255116] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 14/04/2010 - 16:37:34 - [74658901] ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 22/04/2011 - 13:35:46 - [4549434] ----D- C:\Program Files\Vuze_Remote O43 - CFD: 28/04/2011 - 17:44:56 - [114912223] ----D- C:\Documents and Settings\Gounou\Application Data\Azureus O43 - CFD: 23/04/2007 - 21:44:04 - [98696] ----D- C:\Documents and Settings\Gounou\Application Data\BitTorrent O43 - CFD: 23/04/2007 - 21:54:14 - [17148] ----D- C:\Documents and Settings\Gounou\Application Data\DNA O43 - CFD: 23/04/2007 - 20:57:30 - [5836546] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\DNA O43 - CFD: 22/06/2011 - 13:27:02 - [5002402] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Vuze_Remote O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/06/2011 - 12:52:56 ---A- . (...) -- C:\WINDOWS\System32\drivers\lvuvc.hs [0] O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(...) -- C:\Program Files\eMule\emule.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mshta.exe" [Enabled] .(.Microsoft Corporation - Microsoft HTML Application host.) -- C:\WINDOWS\system32\mshta.exe O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [Enabled] .(...) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\drivers\svchost.exe" [Disabled] .(...) -- C:\WINDOWS\system32\drivers\svchost.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe" [Enabled] .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Azureus\Azureus.exe O69 - SBI: SearchScopes [HKCU] {570F333D-1AF7-4B82-8355-5BA36E5595E3} - (Search-torrent) - Search Torrent : Moteur de recherche bittorrent [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer] [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Toolbar] [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} C:\Program Files\DAEMON Tools Toolbar C:\Program Files\Vuze_Remote C:\Documents and Settings\Gounou\Local Settings\Application Data\Vuze_Remote Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover spof.sys
  5. gounou51
    Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 6953 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 26/06/2011 14:56:55 mbam-log-2011-06-26 (14-56-55).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 225516 Temps écoulé: 26 minute(s), 9 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  6. gounou51
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 13:49:13 le 26/06/2011, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) Gounou@CHRISTOP-76SWA3 ( ) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. ============== SCAN ADDITIONNEL ============== -- C:\Documents and Settings\Gounou\Application Data\Mozilla\FireFox\Profiles\5pqf3s5s.default -- Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar) ======================================== **** Internet Explorer Version [8.0.6001.18702] **** Plugins\NPWMin32.dll (SYNERSOFT) HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\PROGRA~1\Wanadoo\SEARCH~1.DLL) HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKCU_SearchScopes\{0F2A88D7-7F62-4410-8675-CA10A1817015} - "?" (?) HKCU_SearchScopes\{16E518F6-7CB3-4E38-9315-8781E045C8A7} - "?" (?) HKCU_SearchScopes\{425AF472-3DD4-4162-B2A9-ECB687CA48F9} - "?" (?) HKCU_SearchScopes\{570F333D-1AF7-4B82-8355-5BA36E5595E3} - "Search-torrent" (hxxp://www.search-torrent.com/search.php?t={searchTerms}) HKCU_SearchScopes\{7EEF768E-165F-4B7E-811C-AAC594175C13} - "mininova" (hxxp://www.mininova.org/search/?search={searchTerms}) HKCU_SearchScopes\{8F1C6691-D500-4846-83FA-4B2B5A97DE73} - "?" (?) HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x) HKCU_Toolbar\WebBrowser|{4982D40A-C53B-4615-B15B-B5B5E98D167C} (x) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_Toolbar|{724d43a0-0d85-11d4-9908-00400523e39a} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_ElevationPolicy\{307C8551-FB4F-4CB1-B06E-0E76D2C05948} - C:\Program Files\Fichiers communs\fluxDVD\APIX\APIXCore.exe (ACE GmbH) HKLM_ElevationPolicy\{35821CD8-CE49-4AB9-87A0-1A85634FB449} - C:\Documents and Settings\Gounou\Local Settings\Application Data\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x) HKLM_ElevationPolicy\{44270ABA-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar2user.exe (?) HKLM_ElevationPolicy\{5B78ED0B-553B-4300-AC3A-C376A6D2F784} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{8BC2979A-D47A-41B6-ACA8-1815D6B61F17} - C:\Program Files\Fichiers communs\fluxDVD\Download Manager\XEBDLMgr.exe (ACE GmbH) HKLM_ElevationPolicy\{C69C0E28-C73B-40F3-8B0D-AC43598C49D1} - C:\Program Files\Fichiers communs\mpDRM\mpDRMBroker.exe (Protect Software GmbH) HKCU_Extensions\{1462651F-F4BA-4C76-A001-C4284D0FE16E} - "Orange" (C:\PROGRA~1\Wanadoo\Audience\Icones\Orange.ico) HKLM_Extensions\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - "Messenger" (C:\Program Files\Messenger\msmsgs.exe,301) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46} - "Remplir" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,880) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49} - "Enregistrer" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,873) HKLM_Extensions\{724d43aa-0d85-11d4-9908-00400523e39a} - "Barre RoboForm" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900) HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?) HKLM_Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - "Real.com" (C:\Program Files\Real\RealPlayer\eb_inact.ico) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll) BHO\{724d43a9-0d85-11d4-9908-00400523e39a} - "?" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 3 Fichier(s) C:\Program Files\Ad-Remover\Backup: 28 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 25/06/2011 13:23:15 (5847 Octet(s)) C:\Ad-Report-CLEAN[2].txt - 26/06/2011 13:49:18 (481 Octet(s)) C:\Ad-Report-SCAN[1].txt - 25/06/2011 13:22:06 (5780 Octet(s)) C:\Ad-Report-SCAN[2].txt - 26/06/2011 13:47:33 (5650 Octet(s)) Fin à: 13:49:59, 26/06/2011 ============== E.O.F ==============
  7. gounou51
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 13:47:16 le 26/06/2011, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) Gounou@CHRISTOP-76SWA3 ( ) ============== RECHERCHE ============== ============== SCAN ADDITIONNEL ============== -- C:\Documents and Settings\Gounou\Application Data\Mozilla\FireFox\Profiles\5pqf3s5s.default -- Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar) ======================================== **** Internet Explorer Version [8.0.6001.18702] **** Plugins\NPWMin32.dll (SYNERSOFT) HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|First Home Page - hxxp://www.fr.msn.com/ HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://hpp.orange.fr/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\PROGRA~1\Wanadoo\SEARCH~1.DLL) HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKCU_SearchScopes\{0F2A88D7-7F62-4410-8675-CA10A1817015} - "?" (?) HKCU_SearchScopes\{16E518F6-7CB3-4E38-9315-8781E045C8A7} - "?" (?) HKCU_SearchScopes\{425AF472-3DD4-4162-B2A9-ECB687CA48F9} - "?" (?) HKCU_SearchScopes\{570F333D-1AF7-4B82-8355-5BA36E5595E3} - "Search-torrent" (hxxp://www.search-torrent.com/search.php?t={searchTerms}) HKCU_SearchScopes\{7EEF768E-165F-4B7E-811C-AAC594175C13} - "mininova" (hxxp://www.mininova.org/search/?search={searchTerms}) HKCU_SearchScopes\{8F1C6691-D500-4846-83FA-4B2B5A97DE73} - "?" (?) HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x) HKCU_Toolbar\WebBrowser|{4982D40A-C53B-4615-B15B-B5B5E98D167C} (x) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_Toolbar|{724d43a0-0d85-11d4-9908-00400523e39a} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_ElevationPolicy\{307C8551-FB4F-4CB1-B06E-0E76D2C05948} - C:\Program Files\Fichiers communs\fluxDVD\APIX\APIXCore.exe (ACE GmbH) HKLM_ElevationPolicy\{35821CD8-CE49-4AB9-87A0-1A85634FB449} - C:\Documents and Settings\Gounou\Local Settings\Application Data\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x) HKLM_ElevationPolicy\{44270ABA-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar2user.exe (?) HKLM_ElevationPolicy\{5B78ED0B-553B-4300-AC3A-C376A6D2F784} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{8BC2979A-D47A-41B6-ACA8-1815D6B61F17} - C:\Program Files\Fichiers communs\fluxDVD\Download Manager\XEBDLMgr.exe (ACE GmbH) HKLM_ElevationPolicy\{C69C0E28-C73B-40F3-8B0D-AC43598C49D1} - C:\Program Files\Fichiers communs\mpDRM\mpDRMBroker.exe (Protect Software GmbH) HKCU_Extensions\{1462651F-F4BA-4C76-A001-C4284D0FE16E} - "Orange" (C:\PROGRA~1\Wanadoo\Audience\Icones\Orange.ico) HKLM_Extensions\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - "Messenger" (C:\Program Files\Messenger\msmsgs.exe,301) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46} - "Remplir" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,880) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49} - "Enregistrer" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,873) HKLM_Extensions\{724d43aa-0d85-11d4-9908-00400523e39a} - "Barre RoboForm" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900) HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?) HKLM_Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - "Real.com" (C:\Program Files\Real\RealPlayer\eb_inact.ico) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll) BHO\{724d43a9-0d85-11d4-9908-00400523e39a} - "?" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 3 Fichier(s) C:\Program Files\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 25/06/2011 13:23:15 (5847 Octet(s)) C:\Ad-Report-SCAN[1].txt - 25/06/2011 13:22:06 (5780 Octet(s)) C:\Ad-Report-SCAN[2].txt - 26/06/2011 13:47:33 (436 Octet(s)) Fin à: 13:48:03, 26/06/2011 ============== E.O.F ==============
  8. gounou51
    Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 688D-4857 R‚pertoire de C:\WINDOWS\tasks 26/06/2011 13:36 <REP> . 26/06/2011 13:36 <REP> .. 23/06/2011 16:51 284 AppleSoftwareUpdate.job 28/09/2001 14:00 65 desktop.ini 25/06/2011 13:19 6 SA.DAT 26/06/2011 13:40 434 User_Feed_Synchronization-{8FA9AE11-9EE1-44B6-A571-70C37AF786E3}.job 4 fichier(s) 789 octets R‚pertoire de C:\Documents and Settings\Gounou\Bureau
  9. gounou51
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( 26/06/2011|13:36 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\WINDOWS\Tasks\A8B189E894BE014C.job Supprime! - C:\DOCUME~1\Gounou\APPLIC~1\bowsfr~1 - [ Fichier Hosts ] .. Restaure! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [22/06/2011|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} [22/06/2011|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [07/07/2010|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alwil Software [24/05/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Anikop Mes Comptes 2008 [26/04/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL [29/03/2010|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [29/03/2010|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [24/06/2007|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [25/12/2007|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus [25/04/2007|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [09/12/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay [20/05/2009|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet [08/04/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fluxDVD [11/07/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [22/02/2011|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations [05/03/2009|23:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [26/06/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Keep Bore Kind Seek [25/06/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [07/10/2010|17:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd [07/10/2010|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech [16/08/2010|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [25/06/2011|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [03/12/2010|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [23/06/2011|03:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08/04/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mpDRM [13/04/2009|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia [26/06/2010|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NokiaInstallerCache [28/03/2007|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [29/03/2009|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [29/03/2007|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [16/08/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm [22/01/2011|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung [16/12/2010|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [28/12/2010|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [15/04/2010|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun [20/05/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk [20/09/2007|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity [28/04/2007|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [23/03/2011|13:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia [10/09/2010|03:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [22/06/2011|15:55] C:\DOCUME~1\Gounou\APPLIC~1\Adobe [13/07/2008|22:30] C:\DOCUME~1\Gounou\APPLIC~1\AdobeUM [28/06/2007|22:09] C:\DOCUME~1\Gounou\APPLIC~1\Ahead [23/04/2007|21:54] C:\DOCUME~1\Gounou\APPLIC~1\AOL [30/03/2010|17:52] C:\DOCUME~1\Gounou\APPLIC~1\Apple Computer [24/06/2007|12:40] C:\DOCUME~1\Gounou\APPLIC~1\AVS4YOU [28/04/2011|17:44] C:\DOCUME~1\Gounou\APPLIC~1\Azureus [23/04/2007|21:44] C:\DOCUME~1\Gounou\APPLIC~1\BitTorrent [29/04/2007|22:04] C:\DOCUME~1\Gounou\APPLIC~1\CyberLink [11/10/2008|11:43] C:\DOCUME~1\Gounou\APPLIC~1\DAEMON Tools [01/05/2007|10:31] C:\DOCUME~1\Gounou\APPLIC~1\DeepBurner [23/04/2007|21:54] C:\DOCUME~1\Gounou\APPLIC~1\DNA [20/05/2009|16:27] C:\DOCUME~1\Gounou\APPLIC~1\Download Manager [12/08/2007|21:12] C:\DOCUME~1\Gounou\APPLIC~1\Google [01/05/2007|10:31] C:\DOCUME~1\Gounou\APPLIC~1\gtopala [22/04/2007|17:18] C:\DOCUME~1\Gounou\APPLIC~1\Help [27/03/2007|20:18] C:\DOCUME~1\Gounou\APPLIC~1\Identities [22/01/2011|11:01] C:\DOCUME~1\Gounou\APPLIC~1\InstallShield [12/07/2008|10:56] C:\DOCUME~1\Gounou\APPLIC~1\Lavasoft [07/10/2010|17:27] C:\DOCUME~1\Gounou\APPLIC~1\Leadertech [15/04/2010|16:08] C:\DOCUME~1\Gounou\APPLIC~1\Logitech [29/03/2007|18:47] C:\DOCUME~1\Gounou\APPLIC~1\Macromedia [25/06/2011|11:34] C:\DOCUME~1\Gounou\APPLIC~1\Malwarebytes [18/12/2010|09:27] C:\DOCUME~1\Gounou\APPLIC~1\Media Player Classic [28/04/2011|10:21] C:\DOCUME~1\Gounou\APPLIC~1\Microsoft [17/08/2010|11:35] C:\DOCUME~1\Gounou\APPLIC~1\Mozilla [22/02/2011|17:25] C:\DOCUME~1\Gounou\APPLIC~1\Nokia [04/04/2009|10:38] C:\DOCUME~1\Gounou\APPLIC~1\OpenOffice.org [24/10/2009|12:54] C:\DOCUME~1\Gounou\APPLIC~1\PC Suite [22/01/2011|11:45] C:\DOCUME~1\Gounou\APPLIC~1\Samsung [09/07/2007|21:38] C:\DOCUME~1\Gounou\APPLIC~1\SecuROM [23/06/2011|03:26] C:\DOCUME~1\Gounou\APPLIC~1\Skype [23/06/2011|00:08] C:\DOCUME~1\Gounou\APPLIC~1\skypePM [22/04/2007|20:44] C:\DOCUME~1\Gounou\APPLIC~1\Sun [23/03/2011|13:54] C:\DOCUME~1\Gounou\APPLIC~1\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 [24/05/2011|21:47] C:\DOCUME~1\Gounou\APPLIC~1\vlc [25/06/2007|22:41] C:\DOCUME~1\Gounou\APPLIC~1\Vso [12/08/2007|21:09] C:\DOCUME~1\Gounou\APPLIC~1\WholeSecurity [31/07/2007|20:41] C:\DOCUME~1\Gounou\APPLIC~1\WinRAR [07/04/2009|18:34] C:\DOCUME~1\Gounou\APPLIC~1\Yahoo! [29/03/2007|18:39] C:\DOCUME~1\Gounou\APPLIC~1\You've Got Pictures Screensaver [28/04/2007|08:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [10/09/2010|03:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [23/06/2011 16:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [26/06/2011 13:35][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{8FA9AE11-9EE1-44B6-A571-70C37AF786E3}.job [25/06/2011 13:19][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/09/2001 14:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [24/06/2007|16:47] C:\Program Files\3nity Video Convert [22/06/2011|15:46] C:\Program Files\Adobe [25/06/2011|12:53] C:\Program Files\Ad-Remover [26/04/2007|20:05] C:\Program Files\ahead [07/07/2010|14:34] C:\Program Files\Alwil Software [28/03/2007|10:28] C:\Program Files\Analog Devices [29/03/2010|18:48] C:\Program Files\Apple Software Update [07/07/2010|14:16] C:\Program Files\Astonsoft [12/08/2007|21:11] C:\Program Files\AVS4YOU [22/04/2011|13:37] C:\Program Files\Azureus [23/04/2007|21:54] C:\Program Files\BitTorrent [29/03/2010|18:48] C:\Program Files\Bonjour [18/12/2010|09:29] C:\Program Files\Canon [12/08/2007|21:11] C:\Program Files\Catalencoder [22/06/2011|15:36] C:\Program Files\CCleaner [22/01/2011|11:46] C:\Program Files\Common Files [12/08/2007|21:11] C:\Program Files\ComPlus Applications [28/04/2011|16:41] C:\Program Files\Conquete 2.0 [12/08/2007|21:11] C:\Program Files\CyberLink [28/04/2011|16:41] C:\Program Files\DAEMON Tools Lite [28/04/2011|16:41] C:\Program Files\DAEMON Tools Toolbar [20/06/2009|10:19] C:\Program Files\DIFX [21/09/2007|09:03] C:\Program Files\eBay [18/07/2009|11:26] C:\Program Files\EBP [08/10/2007|18:36] C:\Program Files\eMule [22/06/2011|15:57] C:\Program Files\Fichiers communs [22/06/2009|20:46] C:\Program Files\Google [28/04/2011|16:41] C:\Program Files\gPotato.eu [12/07/2008|10:58] C:\Program Files\HardwareDetection [17/08/2010|11:40] C:\Program Files\HP [25/04/2011|17:25] C:\Program Files\InstallShield Installation Information [28/03/2007|09:41] C:\Program Files\Intel [24/06/2011|03:19] C:\Program Files\Internet Explorer [28/04/2011|16:41] C:\Program Files\IVT Corporation [22/06/2011|13:32] C:\Program Files\Java [28/04/2011|16:41] C:\Program Files\Landes Eternelles [28/04/2011|16:41] C:\Program Files\Lavasoft [16/08/2010|10:27] C:\Program Files\Lecteur CANALPLAY [22/01/2011|11:00] C:\Program Files\LG Electronics [22/01/2011|11:02] C:\Program Files\LGInternetKit [08/10/2010|03:18] C:\Program Files\Logitech [16/08/2010|10:30] C:\Program Files\ma-config.com [25/06/2011|11:34] C:\Program Files\Malwarebytes' Anti-Malware [22/01/2011|11:45] C:\Program Files\MarkAny [29/03/2007|11:39] C:\Program Files\MC2 [10/09/2010|03:26] C:\Program Files\Messenger [08/10/2010|03:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [27/03/2007|20:02] C:\Program Files\microsoft frontpage [09/09/2010|12:50] C:\Program Files\Microsoft Office [09/09/2010|12:50] C:\Program Files\Microsoft Visual Studio [10/09/2010|03:12] C:\Program Files\Microsoft Works [22/01/2011|11:28] C:\Program Files\Microsoft.NET [10/09/2010|03:04] C:\Program Files\Movie Maker [17/08/2010|11:35] C:\Program Files\Mozilla Firefox [12/08/2007|21:11] C:\Program Files\Mozilla Firefox(2) [09/09/2010|12:50] C:\Program Files\MSBuild [27/03/2007|19:59] C:\Program Files\MSN [27/03/2007|19:59] C:\Program Files\MSN Gaming Zone [10/09/2010|03:01] C:\Program Files\MSXML 4.0 [20/01/2008|16:34] C:\Program Files\MUSICMATCH [31/07/2007|20:41] C:\Program Files\Nero [05/03/2009|22:38] C:\Program Files\NetMeeting [28/04/2011|16:41] C:\Program Files\Nokia [22/02/2011|17:28] C:\Program Files\OpenOffice.org 3 [16/12/2010|04:00] C:\Program Files\Outlook Express [28/04/2011|16:41] C:\Program Files\Overland [15/04/2010|16:10] C:\Program Files\Panda Security [09/11/2008|17:42] C:\Program Files\Passbox2007 [25/04/2011|17:17] C:\Program Files\PC Connectivity Solution [29/03/2007|18:39] C:\Program Files\QuickTime [25/04/2011|16:53] C:\Program Files\Raptr [29/03/2007|18:38] C:\Program Files\Real [12/08/2007|21:11] C:\Program Files\Realtek [29/03/2010|18:49] C:\Program Files\Safari [28/04/2011|16:41] C:\Program Files\SAGEM [12/08/2007|21:11] C:\Program Files\SAGEM(2) [22/01/2011|11:59] C:\Program Files\Samsung [20/04/2007|12:58] C:\Program Files\Securitoo [27/03/2007|19:59] C:\Program Files\Services en ligne [16/08/2008|14:03] C:\Program Files\Siber Systems [16/12/2010|19:15] C:\Program Files\Skype [14/04/2010|16:37] C:\Program Files\Spybot - Search & Destroy [13/11/2008|16:43] C:\Program Files\Ubisoft [12/08/2007|21:11] C:\Program Files\Uninstall Information [27/01/2008|22:38] C:\Program Files\Valve [09/09/2010|16:46] C:\Program Files\VideoLAN [23/03/2011|13:54] C:\Program Files\VirginMega DownloadManager v3 [16/08/2010|10:24] C:\Program Files\VS Revo Group [25/06/2007|22:41] C:\Program Files\VSO [22/04/2011|13:35] C:\Program Files\Vuze_Remote [16/08/2010|13:40] C:\Program Files\Wanadoo [27/04/2007|15:58] C:\Program Files\Windows Media Connect 2 [05/03/2009|22:38] C:\Program Files\Windows Media Player [05/03/2009|22:38] C:\Program Files\Windows NT [31/07/2007|20:41] C:\Program Files\WinRAR [27/03/2007|20:02] C:\Program Files\xerox [28/04/2011|16:41] C:\Program Files\Yahoo! [25/06/2011|13:27] C:\Program Files\ZebHelpProcess [25/06/2011|15:17] C:\Program Files\ZHPDiag --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [22/06/2011|15:57] C:\Program Files\Fichiers communs\Adobe [23/03/2011|13:53] C:\Program Files\Fichiers communs\Adobe AIR [31/07/2007|20:41] C:\Program Files\Fichiers communs\Ahead [26/04/2007|20:40] C:\Program Files\Fichiers communs\AOL [29/03/2007|18:39] C:\Program Files\Fichiers communs\aolback [12/08/2007|21:11] C:\Program Files\Fichiers communs\aolshare [29/03/2010|18:48] C:\Program Files\Fichiers communs\Apple [25/06/2007|22:40] C:\Program Files\Fichiers communs\AVSMedia [09/09/2010|12:50] C:\Program Files\Fichiers communs\DESIGNER [08/04/2008|21:22] C:\Program Files\Fichiers communs\fluxDVD [28/03/2007|10:47] C:\Program Files\Fichiers communs\Hewlett-Packard [28/03/2007|10:45] C:\Program Files\Fichiers communs\HP [05/03/2009|23:01] C:\Program Files\Fichiers communs\InstallShield [22/06/2011|13:34] C:\Program Files\Fichiers communs\Java [18/12/2010|09:37] C:\Program Files\Fichiers communs\LogiShrd [07/10/2010|17:26] C:\Program Files\Fichiers communs\LWS [10/09/2010|03:13] C:\Program Files\Fichiers communs\Microsoft Shared [08/04/2008|21:22] C:\Program Files\Fichiers communs\mpDRM [27/03/2007|20:00] C:\Program Files\Fichiers communs\MSSoap [22/02/2011|17:26] C:\Program Files\Fichiers communs\Nokia [29/03/2007|18:38] C:\Program Files\Fichiers communs\Nullsoft [12/08/2007|21:11] C:\Program Files\Fichiers communs\ODBC [29/03/2007|18:38] C:\Program Files\Fichiers communs\Real [22/01/2011|11:18] C:\Program Files\Fichiers communs\Samsung [27/03/2007|20:00] C:\Program Files\Fichiers communs\Services [16/12/2010|19:15] C:\Program Files\Fichiers communs\Skype [26/03/2007|22:41] C:\Program Files\Fichiers communs\SpeechEngines [05/03/2009|22:38] C:\Program Files\Fichiers communs\System [20/05/2009|14:18] C:\Program Files\Fichiers communs\Vbox --------------------\\ Process ( 53 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-06-26 13:38:13 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\Assassin_creed_crack+update_1-02-02-[www.search-torrent.com].torrent C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\Call_of_Duty_4_Modern_Warfare_+patch_1.6&1.7+Mappack_1-4+crack_[mininova].torrent C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\Call_of_Duty_4_Modern_Warfare_+patch_1.6&1.7+Mappack_1-4+crack_[mininova][1].torrent C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\[PC_GAME]_Assassins_Creed_[FULL_GAME]___CRACK.4352568.TPB.torrent C:\DOCUME~1\Gounou\Mes documents\telechargement\changer la cle de XP\windows_xp_sp1_Service_pack_crack C:\DOCUME~1\Gounou\Mes documents\telechargement\changer la cle de XP\windows_xp_sp1_Service_pack_crack\readme2.txt C:\DOCUME~1\Gounou\Mes documents\telechargement\changer la cle de XP\windows_xp_sp1_Service_pack_crack\XPProCorp-keyChanger.exe [F:5][D:4]-> C:\DOCUME~1\Gounou\LOCALS~1\Temp [F:81][D:0]-> C:\DOCUME~1\Gounou\Cookies [F:4623][D:8]-> C:\DOCUME~1\Gounou\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 26/06/2011|13:33 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 26/06/2011|13:39 - Option : [2] --------------------\\ Fin du rapport a 13:39:08
  10. gounou51
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( 26/06/2011|13:30 ) --------------------\\ Listing des dossiers dans APPLIC~1 [22/06/2011|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} [22/06/2011|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [07/07/2010|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alwil Software [24/05/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Anikop Mes Comptes 2008 [26/04/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL [29/03/2010|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [29/03/2010|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [24/06/2007|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [25/12/2007|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus [25/04/2007|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [09/12/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay [20/05/2009|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet [08/04/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fluxDVD [11/07/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [22/02/2011|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations [05/03/2009|23:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [26/06/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Keep Bore Kind Seek [25/06/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [07/10/2010|17:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd [07/10/2010|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech [16/08/2010|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com [25/06/2011|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [03/12/2010|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [23/06/2011|03:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08/04/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mpDRM [13/04/2009|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia [26/06/2010|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NokiaInstallerCache [28/03/2007|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [29/03/2009|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [29/03/2007|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [16/08/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm [22/01/2011|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung [16/12/2010|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [28/12/2010|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [15/04/2010|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun [20/05/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk [20/09/2007|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity [28/04/2007|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [23/03/2011|13:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia [10/09/2010|03:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [22/06/2011|15:55] C:\DOCUME~1\Gounou\APPLIC~1\Adobe [13/07/2008|22:30] C:\DOCUME~1\Gounou\APPLIC~1\AdobeUM [28/06/2007|22:09] C:\DOCUME~1\Gounou\APPLIC~1\Ahead [23/04/2007|21:54] C:\DOCUME~1\Gounou\APPLIC~1\AOL [30/03/2010|17:52] C:\DOCUME~1\Gounou\APPLIC~1\Apple Computer [24/06/2007|12:40] C:\DOCUME~1\Gounou\APPLIC~1\AVS4YOU [28/04/2011|17:44] C:\DOCUME~1\Gounou\APPLIC~1\Azureus [23/04/2007|21:44] C:\DOCUME~1\Gounou\APPLIC~1\BitTorrent [26/06/2007|19:08] C:\DOCUME~1\Gounou\APPLIC~1\Bowsfragbird [29/04/2007|22:04] C:\DOCUME~1\Gounou\APPLIC~1\CyberLink [11/10/2008|11:43] C:\DOCUME~1\Gounou\APPLIC~1\DAEMON Tools [01/05/2007|10:31] C:\DOCUME~1\Gounou\APPLIC~1\DeepBurner [23/04/2007|21:54] C:\DOCUME~1\Gounou\APPLIC~1\DNA [20/05/2009|16:27] C:\DOCUME~1\Gounou\APPLIC~1\Download Manager [12/08/2007|21:12] C:\DOCUME~1\Gounou\APPLIC~1\Google [01/05/2007|10:31] C:\DOCUME~1\Gounou\APPLIC~1\gtopala [22/04/2007|17:18] C:\DOCUME~1\Gounou\APPLIC~1\Help [27/03/2007|20:18] C:\DOCUME~1\Gounou\APPLIC~1\Identities [22/01/2011|11:01] C:\DOCUME~1\Gounou\APPLIC~1\InstallShield [12/07/2008|10:56] C:\DOCUME~1\Gounou\APPLIC~1\Lavasoft [07/10/2010|17:27] C:\DOCUME~1\Gounou\APPLIC~1\Leadertech [15/04/2010|16:08] C:\DOCUME~1\Gounou\APPLIC~1\Logitech [29/03/2007|18:47] C:\DOCUME~1\Gounou\APPLIC~1\Macromedia [25/06/2011|11:34] C:\DOCUME~1\Gounou\APPLIC~1\Malwarebytes [18/12/2010|09:27] C:\DOCUME~1\Gounou\APPLIC~1\Media Player Classic [28/04/2011|10:21] C:\DOCUME~1\Gounou\APPLIC~1\Microsoft [17/08/2010|11:35] C:\DOCUME~1\Gounou\APPLIC~1\Mozilla [22/02/2011|17:25] C:\DOCUME~1\Gounou\APPLIC~1\Nokia [04/04/2009|10:38] C:\DOCUME~1\Gounou\APPLIC~1\OpenOffice.org [24/10/2009|12:54] C:\DOCUME~1\Gounou\APPLIC~1\PC Suite [22/01/2011|11:45] C:\DOCUME~1\Gounou\APPLIC~1\Samsung [09/07/2007|21:38] C:\DOCUME~1\Gounou\APPLIC~1\SecuROM [23/06/2011|03:26] C:\DOCUME~1\Gounou\APPLIC~1\Skype [23/06/2011|00:08] C:\DOCUME~1\Gounou\APPLIC~1\skypePM [22/04/2007|20:44] C:\DOCUME~1\Gounou\APPLIC~1\Sun [23/03/2011|13:54] C:\DOCUME~1\Gounou\APPLIC~1\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 [24/05/2011|21:47] C:\DOCUME~1\Gounou\APPLIC~1\vlc [25/06/2007|22:41] C:\DOCUME~1\Gounou\APPLIC~1\Vso [12/08/2007|21:09] C:\DOCUME~1\Gounou\APPLIC~1\WholeSecurity [31/07/2007|20:41] C:\DOCUME~1\Gounou\APPLIC~1\WinRAR [07/04/2009|18:34] C:\DOCUME~1\Gounou\APPLIC~1\Yahoo! [29/03/2007|18:39] C:\DOCUME~1\Gounou\APPLIC~1\You've Got Pictures Screensaver [28/04/2007|08:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [10/09/2010|03:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [23/06/2011 16:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [26/06/2011 13:30][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{8FA9AE11-9EE1-44B6-A571-70C37AF786E3}.job [26/06/2011 13:00][--ah-----] C:\WINDOWS\tasks\A8B189E894BE014C.job [25/06/2011 13:19][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/09/2001 14:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini ( A8B189E894BE014C.job )=( c:\docume~1\gounou\applic~1\bowsfr~1\MediaGramDent.exe ) --------------------\\ Listing des dossiers dans C:\Program Files [24/06/2007|16:47] C:\Program Files\3nity Video Convert [22/06/2011|15:46] C:\Program Files\Adobe [25/06/2011|12:53] C:\Program Files\Ad-Remover [26/04/2007|20:05] C:\Program Files\ahead [07/07/2010|14:34] C:\Program Files\Alwil Software [28/03/2007|10:28] C:\Program Files\Analog Devices [29/03/2010|18:48] C:\Program Files\Apple Software Update [07/07/2010|14:16] C:\Program Files\Astonsoft [12/08/2007|21:11] C:\Program Files\AVS4YOU [22/04/2011|13:37] C:\Program Files\Azureus [23/04/2007|21:54] C:\Program Files\BitTorrent [29/03/2010|18:48] C:\Program Files\Bonjour [18/12/2010|09:29] C:\Program Files\Canon [12/08/2007|21:11] C:\Program Files\Catalencoder [22/06/2011|15:36] C:\Program Files\CCleaner [22/01/2011|11:46] C:\Program Files\Common Files [12/08/2007|21:11] C:\Program Files\ComPlus Applications [28/04/2011|16:41] C:\Program Files\Conquete 2.0 [12/08/2007|21:11] C:\Program Files\CyberLink [28/04/2011|16:41] C:\Program Files\DAEMON Tools Lite [28/04/2011|16:41] C:\Program Files\DAEMON Tools Toolbar [20/06/2009|10:19] C:\Program Files\DIFX [21/09/2007|09:03] C:\Program Files\eBay [18/07/2009|11:26] C:\Program Files\EBP [08/10/2007|18:36] C:\Program Files\eMule [22/06/2011|15:57] C:\Program Files\Fichiers communs [22/06/2009|20:46] C:\Program Files\Google [28/04/2011|16:41] C:\Program Files\gPotato.eu [12/07/2008|10:58] C:\Program Files\HardwareDetection [17/08/2010|11:40] C:\Program Files\HP [25/04/2011|17:25] C:\Program Files\InstallShield Installation Information [28/03/2007|09:41] C:\Program Files\Intel [24/06/2011|03:19] C:\Program Files\Internet Explorer [28/04/2011|16:41] C:\Program Files\IVT Corporation [22/06/2011|13:32] C:\Program Files\Java [28/04/2011|16:41] C:\Program Files\Landes Eternelles [28/04/2011|16:41] C:\Program Files\Lavasoft [16/08/2010|10:27] C:\Program Files\Lecteur CANALPLAY [22/01/2011|11:00] C:\Program Files\LG Electronics [22/01/2011|11:02] C:\Program Files\LGInternetKit [08/10/2010|03:18] C:\Program Files\Logitech [16/08/2010|10:30] C:\Program Files\ma-config.com [25/06/2011|11:34] C:\Program Files\Malwarebytes' Anti-Malware [22/01/2011|11:45] C:\Program Files\MarkAny [29/03/2007|11:39] C:\Program Files\MC2 [10/09/2010|03:26] C:\Program Files\Messenger [08/10/2010|03:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [27/03/2007|20:02] C:\Program Files\microsoft frontpage [09/09/2010|12:50] C:\Program Files\Microsoft Office [09/09/2010|12:50] C:\Program Files\Microsoft Visual Studio [10/09/2010|03:12] C:\Program Files\Microsoft Works [22/01/2011|11:28] C:\Program Files\Microsoft.NET [10/09/2010|03:04] C:\Program Files\Movie Maker [17/08/2010|11:35] C:\Program Files\Mozilla Firefox [12/08/2007|21:11] C:\Program Files\Mozilla Firefox(2) [09/09/2010|12:50] C:\Program Files\MSBuild [27/03/2007|19:59] C:\Program Files\MSN [27/03/2007|19:59] C:\Program Files\MSN Gaming Zone [10/09/2010|03:01] C:\Program Files\MSXML 4.0 [20/01/2008|16:34] C:\Program Files\MUSICMATCH [31/07/2007|20:41] C:\Program Files\Nero [05/03/2009|22:38] C:\Program Files\NetMeeting [28/04/2011|16:41] C:\Program Files\Nokia [22/02/2011|17:28] C:\Program Files\OpenOffice.org 3 [16/12/2010|04:00] C:\Program Files\Outlook Express [28/04/2011|16:41] C:\Program Files\Overland [15/04/2010|16:10] C:\Program Files\Panda Security [09/11/2008|17:42] C:\Program Files\Passbox2007 [25/04/2011|17:17] C:\Program Files\PC Connectivity Solution [29/03/2007|18:39] C:\Program Files\QuickTime [25/04/2011|16:53] C:\Program Files\Raptr [29/03/2007|18:38] C:\Program Files\Real [12/08/2007|21:11] C:\Program Files\Realtek [29/03/2010|18:49] C:\Program Files\Safari [28/04/2011|16:41] C:\Program Files\SAGEM [12/08/2007|21:11] C:\Program Files\SAGEM(2) [22/01/2011|11:59] C:\Program Files\Samsung [20/04/2007|12:58] C:\Program Files\Securitoo [27/03/2007|19:59] C:\Program Files\Services en ligne [16/08/2008|14:03] C:\Program Files\Siber Systems [16/12/2010|19:15] C:\Program Files\Skype [14/04/2010|16:37] C:\Program Files\Spybot - Search & Destroy [13/11/2008|16:43] C:\Program Files\Ubisoft [12/08/2007|21:11] C:\Program Files\Uninstall Information [27/01/2008|22:38] C:\Program Files\Valve [09/09/2010|16:46] C:\Program Files\VideoLAN [23/03/2011|13:54] C:\Program Files\VirginMega DownloadManager v3 [16/08/2010|10:24] C:\Program Files\VS Revo Group [25/06/2007|22:41] C:\Program Files\VSO [22/04/2011|13:35] C:\Program Files\Vuze_Remote [16/08/2010|13:40] C:\Program Files\Wanadoo [27/04/2007|15:58] C:\Program Files\Windows Media Connect 2 [05/03/2009|22:38] C:\Program Files\Windows Media Player [05/03/2009|22:38] C:\Program Files\Windows NT [31/07/2007|20:41] C:\Program Files\WinRAR [27/03/2007|20:02] C:\Program Files\xerox [28/04/2011|16:41] C:\Program Files\Yahoo! [25/06/2011|13:27] C:\Program Files\ZebHelpProcess [25/06/2011|15:17] C:\Program Files\ZHPDiag --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [22/06/2011|15:57] C:\Program Files\Fichiers communs\Adobe [23/03/2011|13:53] C:\Program Files\Fichiers communs\Adobe AIR [31/07/2007|20:41] C:\Program Files\Fichiers communs\Ahead [26/04/2007|20:40] C:\Program Files\Fichiers communs\AOL [29/03/2007|18:39] C:\Program Files\Fichiers communs\aolback [12/08/2007|21:11] C:\Program Files\Fichiers communs\aolshare [29/03/2010|18:48] C:\Program Files\Fichiers communs\Apple [25/06/2007|22:40] C:\Program Files\Fichiers communs\AVSMedia [09/09/2010|12:50] C:\Program Files\Fichiers communs\DESIGNER [08/04/2008|21:22] C:\Program Files\Fichiers communs\fluxDVD [28/03/2007|10:47] C:\Program Files\Fichiers communs\Hewlett-Packard [28/03/2007|10:45] C:\Program Files\Fichiers communs\HP [05/03/2009|23:01] C:\Program Files\Fichiers communs\InstallShield [22/06/2011|13:34] C:\Program Files\Fichiers communs\Java [18/12/2010|09:37] C:\Program Files\Fichiers communs\LogiShrd [07/10/2010|17:26] C:\Program Files\Fichiers communs\LWS [10/09/2010|03:13] C:\Program Files\Fichiers communs\Microsoft Shared [08/04/2008|21:22] C:\Program Files\Fichiers communs\mpDRM [27/03/2007|20:00] C:\Program Files\Fichiers communs\MSSoap [22/02/2011|17:26] C:\Program Files\Fichiers communs\Nokia [29/03/2007|18:38] C:\Program Files\Fichiers communs\Nullsoft [12/08/2007|21:11] C:\Program Files\Fichiers communs\ODBC [29/03/2007|18:38] C:\Program Files\Fichiers communs\Real [22/01/2011|11:18] C:\Program Files\Fichiers communs\Samsung [27/03/2007|20:00] C:\Program Files\Fichiers communs\Services [16/12/2010|19:15] C:\Program Files\Fichiers communs\Skype [26/03/2007|22:41] C:\Program Files\Fichiers communs\SpeechEngines [05/03/2009|22:38] C:\Program Files\Fichiers communs\System [20/05/2009|14:18] C:\Program Files\Fichiers communs\Vbox --------------------\\ Process ( 57 Processes ) IEXPLORE.EXE ~ [PID:2232] IEXPLORE.EXE ~ [PID:3544] IEXPLORE.EXE ~ [PID:3292] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\Gounou\APPLIC~1\bowsfr~1 C:\WINDOWS\Tasks\A8B189E894BE014C.job --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts MODIFIE 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 127.0.0.1 download.cdn.errorsafe.com ## added by CiD 127.0.0.1 download.cdn.winsoftware.com ## added by CiD 127.0.0.1 download.errorsafe.com ## added by CiD 127.0.0.1 download.systemdoctor.com ## added by CiD 127.0.0.1 download.winantispyware.com ## added by CiD 127.0.0.1 download.windrivecleaner.com ## added by CiD 127.0.0.1 download.winfixer.com ## added by CiD 127.0.0.1 drivecleaner.com ## added by CiD 127.0.0.1 dynamique.drivecleaner.com ## added by CiD 127.0.0.1 errorprotector.com ## added by CiD 127.0.0.1 errorsafe.com ## added by CiD 127.0.0.1 es.winantivirus.com ## added by CiD 127.0.0.1 fr.winantivirus.com ## added by CiD 127.0.0.1 fr.winfixer.com ## added by CiD 127.0.0.1 go.drivecleaner.com ## added by CiD 127.0.0.1 go.errorsafe.com ## added by CiD 127.0.0.1 go.winantispyware.com ## added by CiD 127.0.0.1 go.winantivirus.com ## added by CiD 127.0.0.1 hk.winantivirus.com ## added by CiD 127.0.0.1 instlog.errorsafe.com ## added by CiD 127.0.0.1 instlog.winantivirus.com ## added by CiD 127.0.0.1 instlog.winfixer.com ## added by CiD 127.0.0.1 jsp.drivecleaner.com ## added by CiD 127.0.0.1 kb.errorsafe.com ## added by CiD 127.0.0.1 kb.winantivirus.com ## added by CiD 127.0.0.1 nl.errorsafe.com ## added by CiD 127.0.0.1 se.errorsafe.com ## added by CiD 127.0.0.1 secure.drivecleaner.com ## added by CiD 127.0.0.1 secure.errorsafe.com ## added by CiD 127.0.0.1 secure.winantispam.com ## added by CiD 127.0.0.1 secure.winantispy.com ## added by CiD 127.0.0.1 secure.winantivirus.com ## added by CiD 127.0.0.1 support.winantivirus.com ## added by CiD 127.0.0.1 trial.updates.winsoftware.com ## added by CiD 127.0.0.1 ulog.winantivirus.com ## added by CiD 127.0.0.1 utils.errorsafe.com ## added by CiD 127.0.0.1 utils.winantivirus.com ## added by CiD 127.0.0.1 utils.winfixer.com ## added by CiD 127.0.0.1 winantispyware.com ## added by CiD 127.0.0.1 winantivirus.com ## added by CiD 127.0.0.1 winfixer.com ## added by CiD 127.0.0.1 winfixer2006.com ## added by CiD 127.0.0.1 winsoftware.com ## added by CiD 127.0.0.1 www.drivecleaner.com ## added by CiD 127.0.0.1 www.errorprotector.com ## added by CiD 127.0.0.1 www.errorsafe.com ## added by CiD 127.0.0.1 www.systemdoctor.com ## added by CiD 127.0.0.1 www.utils.winfixer.com ## added by CiD 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD 127.0.0.1 www.win-virus-pro.com ## added by CiD 127.0.0.1 www.winantispam.com ## added by CiD 127.0.0.1 www.winantispy.com ## added by CiD 127.0.0.1 www.winantispyware.com ## added by CiD 127.0.0.1 www.winantivirus.com ## added by CiD 127.0.0.1 www.winantiviruspro.com ## added by CiD 127.0.0.1 www.windrivecleaner.com ## added by CiD 127.0.0.1 www.windrivesafe.com ## added by CiD 127.0.0.1 www.winfixer.com ## added by CiD 127.0.0.1 www.winfixer2006.com ## added by CiD 127.0.0.1 www.winsoftware.com ## added by CiD -> 10473 [ 70 ## added by CiD ] --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-06-26 13:32:04 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\Assassin_creed_crack+update_1-02-02-[www.search-torrent.com].torrent C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\Call_of_Duty_4_Modern_Warfare_+patch_1.6&1.7+Mappack_1-4+crack_[mininova].torrent C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\Call_of_Duty_4_Modern_Warfare_+patch_1.6&1.7+Mappack_1-4+crack_[mininova][1].torrent C:\DOCUME~1\Gounou\Application Data\Azureus\torrents\[PC_GAME]_Assassins_Creed_[FULL_GAME]___CRACK.4352568.TPB.torrent C:\DOCUME~1\Gounou\Mes documents\telechargement\changer la cle de XP\windows_xp_sp1_Service_pack_crack C:\DOCUME~1\Gounou\Mes documents\telechargement\changer la cle de XP\windows_xp_sp1_Service_pack_crack\readme2.txt C:\DOCUME~1\Gounou\Mes documents\telechargement\changer la cle de XP\windows_xp_sp1_Service_pack_crack\XPProCorp-keyChanger.exe [F:9][D:4]-> C:\DOCUME~1\Gounou\LOCALS~1\Temp [F:81][D:0]-> C:\DOCUME~1\Gounou\Cookies [F:4613][D:8]-> C:\DOCUME~1\Gounou\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 26/06/2011|13:33 - Option : [1] --------------------\\ Fin du rapport a 13:33:07
  11. gounou51
    Rapport de ZHPDiag v1.27.2347 par Nicolas Coolman, Update du 25/06/2011 Run by Gounou at 25/06/2011 15:16:16 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) ---\\ System Information Windows XP Professional Service Pack 3 (Build 2600) Processor: x86 Family 6 Model 15 Stepping 6, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1023 MB (28% free) System Restore: Activé (Enable) System drive C: has 82 GB (64%) free of 128 GB ---\\ Logged in mode Computer Name: CHRISTOP-76SWA3 User Name: Gounou All Users Names: SUPPORT_388945a0, HelpAssistant, Gounou, ASPNET, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Documents and Settings\Gounou\Application Data %LocalAppData%=C:\Documents and Settings\Gounou\Local Settings\Application Data %StartMenu%=C:\Documents and Settings\Gounou\Menu Démarrer ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 128 Go) D:\ CD-ROM drive (Not Inserted) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 19:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.42F5E14E33D79C236680468B1E4999F4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.25/04/2011 17:06:11.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 19:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 11:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 12:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 32/407 ~ Mes musiques (My Musics) : 15/38 ~ Mes Videos (My Videos) : 8/64 ~ Mes Favoris (My Favorites) : 2/116 ~ Mes Documents (My Documents) : 110/7736 ~ Mon Bureau (My Desktop) : 0/16 ~ Menu demarrer (Programs) : 5/32 ~ Dossier utilisateur (AppData) : 38/1755 ---\\ Processus lancés [MD5.7DE3EE7DBEE14C1F8375CB82466C9321] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [MD5.5C9B1D83755B36237B70F95DF3D46A52] - (.Microsoft Corporation - DDE Réseau - Communication DDE.) -- C:\WINDOWS\system32\netdde.exe [114176] [MD5.85180CF88C5EBAD73B452A43A004CA51] - (.AOL LLC - AOL Connectivity Service.) -- C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [46640] [MD5.A065F048E9E23E6C026A7BB548D126A7] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120] [MD5.F96C429788350DB4BA6771C3034DFD88] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.Exe [217088] [MD5.D1261099E03EEE90976EA19002995B89] - (.France Telecom - FTRTSVC NT Service.) -- C:\WINDOWS\System32\FTRTSVC.exe [40960] [MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.2333057542C91AE8228BDCCC2E5F2632] - (.Logitech Inc. - LVPrcSrv Module..) -- C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe [162648] [MD5.BE4A98439A5E26CBC70DB20E996938DC] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.31.) -- C:\WINDOWS\system32\nvsvc32.exe [155715] [MD5.EB9A99AB5D17B1727034FF191E6448D7] - (.America Online, Inc. - Wan Miniport (ATW) Service.) -- C:\WINDOWS\wanmpsvc.exe [65536] [MD5.1BE6FBEE744B1F35A8A57D7468DAA686] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [843776] [MD5.5A25A52B38E8406AAFD2E04325321165] - (.Analog Devices, Inc. - Audio Control Panel.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [729088] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\RunDLL32.exe [33792] [MD5.EA9D3466AC7A7F62D386937DF9CB8C41] - (.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\RealPlay.exe [26112] [MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe [3459712] [MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] [MD5.4F7A6C9AA6AE9E333DA83A8835DC9B35] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [160592] [MD5.2C9FEE1A8A67B35E3FDBD1DDC8848A3A] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3373456] [MD5.F4BD4E21B7427C90A45BFB14E6E510BE] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [19872] [MD5.DA6B945E561B1D1DA67663BB45B4B868] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor (CUE).) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [237568] [MD5.5C1CADD1CB67C0B9D8A84EC6E4D6B5CC] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [65795] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [MD5.E75D8F09B954FB8EF4B83E4EE9E985F4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [660992] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Gounou\Application Data\Mozilla\Firefox\Profiles\5pqf3s5s.default\prefs.js P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@fluxdvd.com/NPAPIX] - (.Pas de propriétaire - APIX Mozilla Plugin.) -- C:\Program Files\Fichiers communs\fluxDVD\APIX\NPAPIX.dll P2 - FPN: [HKLM] [@fluxdvd.com/NPFluxBrowserHelper] - (.Pas de propriétaire - fluxDVD Browser Helper Plugin.) -- C:\Program Files\Fichiers communs\fluxDVD\BrowserIntegration\NPFluxBrowserHelper.dll P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@protectdisc.com/NPMPDRM] - (.Pas de propriétaire - MPDRM License Acquisition Plugin.) -- C:\Program Files\Fichiers communs\mpDRM\NPMPDRM.dll M2 - MFEP: prefs.js [Gounou - 5pqf3s5s.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Toolbar v2.7.2.0 (.Conduit Ltd..) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Portail Orange – page d'accueil personnalisée non compatible avec votre navigateur R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = Portail Orange – page d'accueil personnalisée non compatible avec votre navigateur R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - SearchPageURL Module.) (1, 0, 0, 1) -- C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)) -- C:\WINDOWS\system32\ieframe.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar2.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (...) -- (.not file.) ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [JMB36X Configure] . (.JMicron Technology Corp. - JMicron JR036X RAID Application.) -- C:\WINDOWS\System32\JMRaidTool.exe O4 - HKLM\..\Run: [soundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] . (.Analog Devices, Inc. - Audio Control Panel.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\System32\NvMCTray.dll O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [RealTray] . (.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\RealPlay.exe O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\ccleaner.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\ccleaner.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ImageReady 7.0.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Photoshop 7.0\ImageReady.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop 7.0.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 7.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A71000000002}\SC_Reader_PM.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\VirginMega DownloadManager v3.lnk . (...) -- C:\Program Files\VirginMega DownloadManager v3\VirginMega DownloadManager v3.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Azureus\Azureus.exe O4 - Global Startup: C:\Documents And Settings\Gounou\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\Gounou\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\Gounou\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: C:\Documents And Settings\Gounou\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &eBay Search - (.not file.) - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr O8 - Extra context menu item: Barre RoboForm - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe O8 - Extra context menu item: Enregistrer le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Personnaliser le menu - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} . (...) -- C:\Program Files\Real\RealPlayer\eb_act.ico O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- C:\Program Files\Real\RealPlayer\eb_act.ico O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\Program Files\Real\RealPlayer\eb_act.ico O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] *.canalplay.com O15 - Trusted Zone: [HKCU\...\Domains\www] *.canalplay.com O15 - Trusted Zone: [HKCU\...\Domains] *.canalplusactive.com O15 - Trusted Zone: [HKCU\...\Domains\www] *.canalplusactive.com O15 - Trusted Zone: [HKCU\...\Domains\www] http.secuser.com O15 - Trusted Zone: [HKLM\...\Domains] *.canalplay.com O15 - Trusted Zone: [HKLM\...\Domains\www] *.canalplay.com O15 - Trusted Zone: [HKLM\...\Domains] *.canalplusactive.com O15 - Trusted Zone: [HKLM\...\Domains\www] *.canalplusactive.com ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} () - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} () - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236274462625 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{35997C0C-7573-4CF6-93BD-9A9380C08245}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{35997C0C-7573-4CF6-93BD-9A9380C08245}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{35997C0C-7573-4CF6-93BD-9A9380C08245}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{35997C0C-7573-4CF6-93BD-9A9380C08245}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} . (.Hewlett-Packard Company - HPCETIUI Protocol Handler Module.) -- C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: AOL Connectivity Service (AOL ACS) . (.AOL LLC - AOL Connectivity Service.) - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\WINDOWS\system32\FsUsbExService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom - FTRTSVC NT Service.) - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.31.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) . (.America Online, Inc. - Wan Miniport (ATW) Service.) - C:\WINDOWS\wanmpsvc.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\A8B189E894BE014C.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{8FA9AE11-9EE1-44B6-A571-70C37AF786E3}.job [MD5.00000000000000000000000000000000] [APT] [A8B189E894BE014C] (...) -- c:\docume~1\Gounou\applic~1\bowsfr~1\MediaGramDent.exe (.not file.) [MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ---\\ Logiciels installés (O42) O42 - Logiciel: AI RoboForm (All Users) - (.Pas de propriétaire.) [HKLM] -- AI RoboForm O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {AFF7E080-1974-45BF-9310-10DE1A1F5ED0} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Photoshop 7.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 7.0 O42 - Logiciel: Adobe Reader 7.1.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A71000000002} O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {E1B2DF7C-A176-4A1D-9D32-3CEC5037A524} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033} O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {76BC2442-0002-47FA-9617-43BAD82BEF4C} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3} O42 - Logiciel: HP Image Zone 3.5 - (.HP.) [HKLM] -- HP Photo & Imaging O42 - Logiciel: HP PSC & OfficeJet 3.5 - (.HP.) [HKLM] -- {0FABD3D7-3036-4e78-B29D-58957ADB0A12} O42 - Logiciel: HP Software Update - (.Hewlett-Packard.) [HKLM] -- {34957B51-9676-41CE-9E52-44AE91B73F1C} O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2461678 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: JRAID - (.JMICRON Technologies, Inc..) [HKLM] -- {3A1B5D40-41E9-43FA-8C7B-A8667F5586EF} O42 - Logiciel: Java 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF} O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030} O42 - Logiciel: Java 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: LG Internet Kit - (.LG Electronics.) [HKLM] -- {40034B11-149E-4310-AE89-BB575B02525B} O42 - Logiciel: LG USB Modem Drivers - (.LG Electronics.) [HKLM] -- {E1640DA5-89B4-4F52-B15D-5DA3D14F29D4} O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB} O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9} O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6} O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA} O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967} O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM] -- {174A3B31-4C43-43DD-866F-73C9DB887B48} O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441} O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F} O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D} O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189} O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215} O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27} O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wdf01005 O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007 O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009 O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: Nero - Burning Rom - (.ahead software gmbh.) [HKLM] -- {A4D7B764-4140-11D4-88EB-0050DA3579C0} O42 - Logiciel: Nero Lite 7.8.5.0 - (.Updatepack.nl.) [HKLM] -- Nero 7 Lite_is1 O42 - Logiciel: OutlookAddInNet3Setup - (.Samsung.) [HKLM] -- {5B4383F2-37EE-4E97-AD81-F5FF76F286DA} O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] -- QuickTime O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525} O42 - Logiciel: RealPlayer Basic - (.Pas de propriétaire.) [HKLM] -- RealPlayer 6.0 O42 - Logiciel: Revo Uninstaller 1.89 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: SAGEM F@st 800-840 - (.Pas de propriétaire.) [HKLM] -- {4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F} O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {A67BB21E-D419-45BB-AB86-7D87D14BBCE2} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Skype™ 5.0 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8} O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2536413) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{95DF5260-331D-4FFD-A2D5-C64164751945} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2536413) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{95DF5260-331D-4FFD-A2D5-C64164751945} O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VirginMega DownloadManager V3 - (.VirginMega.) [HKLM] -- VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 O42 - Logiciel: VirginMega DownloadManager V3 - (.VirginMega.) [HKLM] -- {2C04A015-8C68-AA1B-E4A2-33E11AAF6212} O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM] -- Vuze_Remote Toolbar O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: ZebHelpProcess 2.49 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1 O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} O42 - Logiciel: overland - (.HP.) [HKLM] -- {766273C1-A39B-47EB-ACE8-DEBDD8094BCC} ---\\ HKCU & HKLM Software Keys [HKCU\Software\AC3Filter] [HKCU\Software\ALWIL Software] [HKCU\Software\AOLToolbar] [HKCU\Software\ASUS] [HKCU\Software\AVAST Software] [HKCU\Software\AVS4YOU] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\America Online] [HKCU\Software\Analog Devices] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Astonsoft] [HKCU\Software\Azureus] [HKCU\Software\BVRP Software] [HKCU\Software\CISRA] [HKCU\Software\Canal+ Active] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreAAC] [HKCU\Software\CoreVorbis] [HKCU\Software\Cyberlink] [HKCU\Software\DivXNetworks] [HKCU\Software\Enigma Protector] [HKCU\Software\FRANCE TELECOM] [HKCU\Software\Freeware] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IGA] [HKCU\Software\INCAInternet] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Jitit Virtual Registry] [HKCU\Software\LG Electronics Inc] [HKCU\Software\Lake] [HKCU\Software\Lavasoft] [HKCU\Software\Leadertech] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LogiShrd] [HKCU\Software\Logitech] [HKCU\Software\MGS] [HKCU\Software\MUSICMATCH] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Microgaming] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\NVIDIA nvCpl Container] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\ODBC] [HKCU\Software\Pegasys Inc.] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Rapl] [HKCU\Software\Raptr] [HKCU\Software\SOFTWARE] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Samsung] [HKCU\Software\Satsuki Decoder Pack] [HKCU\Software\Siber Systems] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\Trolltech] [HKCU\Software\Ubisoft] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VFPlugin] [HKCU\Software\VSO] [HKCU\Software\VSRevoGroup] [HKCU\Software\Valve] [HKCU\Software\Vuze_Remote] [HKCU\Software\WholeSecurity] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\ahead] [HKCU\Software\eMule] [HKCU\Software\ej-technologies] [HKCU\Software\fluxDVD] [HKCU\Software\kde.org] [HKLM\Software\3vc] [HKLM\Software\ALWIL Software] [HKLM\Software\ASUS] [HKLM\Software\AVAST Software] [HKLM\Software\AVS4YOU] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\America Online] [HKLM\Software\Analog Devices] [HKLM\Software\Andrea Electronics] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Azureus] [HKLM\Software\BVRP Software] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\Canal+ Active] [HKLM\Software\Canal+ Distribution] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DT Soft] [HKLM\Software\DivXNetworks] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\Gabest] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\IDSimple inc.] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JMICRON Technologies, Inc.] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LEAD Technologies, Inc.] [HKLM\Software\LG Electronics] [HKLM\Software\Lake] [HKLM\Software\MAGIX] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\Oak Technology] [HKLM\Software\Panda Software] [HKLM\Software\PepiMK Software] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Preview Systems] [HKLM\Software\Program Groups] [HKLM\Software\Pure Networks] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SAGEM] [HKLM\Software\SOFTWARE] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung] [HKLM\Software\Sauleo3vc] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\Sensaura] [HKLM\Software\Sensible Vision] [HKLM\Software\Siber Systems] [HKLM\Software\Skype] [HKLM\Software\Staccato] [HKLM\Software\TechCity] [HKLM\Software\Ubisoft] [HKLM\Software\Uniblue] [HKLM\Software\VSO] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\Vuze_Remote] [HKLM\Software\WholeSecurity] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\Yahoo] [HKLM\Software\ej-technologies] [HKLM\Software\logishrd] [HKLM\Software\logitech] [HKLM\Software\magnet] [HKLM\Software\mozilla.org] [HKLM\Software\mpDRM] [HKLM\Software\nFlavor] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 24/06/2007 - 16:47:20 - [3154380804] ----D- C:\Program Files\3nity Video Convert O43 - CFD: 25/06/2011 - 12:53:20 - [71368628] ----D- C:\Program Files\Ad-Remover O43 - CFD: 22/06/2011 - 15:46:48 - [326991110] ----D- C:\Program Files\Adobe O43 - CFD: 26/04/2007 - 20:05:30 - [38271782] ----D- C:\Program Files\ahead O43 - CFD: 07/07/2010 - 14:34:28 - [158785579] ----D- C:\Program Files\Alwil Software O43 - CFD: 28/03/2007 - 10:28:36 - [5294614] ----D- C:\Program Files\Analog Devices O43 - CFD: 29/03/2010 - 18:48:06 - [2221118] ----D- C:\Program Files\Apple Software Update O43 - CFD: 07/07/2010 - 14:16:38 - [0] ----D- C:\Program Files\Astonsoft O43 - CFD: 12/08/2007 - 21:11:38 - [0] ----D- C:\Program Files\AVS4YOU O43 - CFD: 22/04/2011 - 13:37:18 - [152239485] ----D- C:\Program Files\Azureus O43 - CFD: 23/04/2007 - 21:54:14 - [11945339] ----D- C:\Program Files\BitTorrent O43 - CFD: 29/03/2010 - 18:48:48 - [599827] ----D- C:\Program Files\Bonjour O43 - CFD: 18/12/2010 - 09:29:36 - [4067971] ----D- C:\Program Files\Canon O43 - CFD: 12/08/2007 - 21:11:38 - [0] ----D- C:\Program Files\Catalencoder O43 - CFD: 22/06/2011 - 15:36:38 - [4554367] ----D- C:\Program Files\CCleaner O43 - CFD: 22/01/2011 - 11:46:28 - [20471030] ----D- C:\Program Files\Common Files O43 - CFD: 12/08/2007 - 21:11:38 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 28/04/2011 - 16:41:48 - [0] ----D- C:\Program Files\Conquete 2.0 O43 - CFD: 12/08/2007 - 21:11:38 - [5502409] ----D- C:\Program Files\CyberLink O43 - CFD: 28/04/2011 - 16:41:48 - [5224196] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 28/04/2011 - 16:41:48 - [0] ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD: 20/06/2009 - 10:19:30 - [1595928] ----D- C:\Program Files\DIFX O43 - CFD: 21/09/2007 - 09:03:26 - [81692] ----D- C:\Program Files\eBay O43 - CFD: 18/07/2009 - 11:26:04 - [1377] ----D- C:\Program Files\EBP O43 - CFD: 08/10/2007 - 18:36:08 - [612210] ----D- C:\Program Files\eMule O43 - CFD: 22/06/2011 - 15:57:52 - [741231845] ----D- C:\Program Files\Fichiers communs O43 - CFD: 22/06/2009 - 20:46:02 - [65171806] ----D- C:\Program Files\Google O43 - CFD: 28/04/2011 - 16:41:52 - [3625037] ----D- C:\Program Files\gPotato.eu O43 - CFD: 12/07/2008 - 10:58:40 - [408744] ----D- C:\Program Files\HardwareDetection O43 - CFD: 17/08/2010 - 11:40:42 - [333359475] ----D- C:\Program Files\HP O43 - CFD: 25/04/2011 - 17:25:32 - [22347285] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 28/03/2007 - 09:41:06 - [41111] ----D- C:\Program Files\Intel O43 - CFD: 24/06/2011 - 03:19:24 - [5732097] ----D- C:\Program Files\Internet Explorer O43 - CFD: 28/04/2011 - 16:41:54 - [2576701] ----D- C:\Program Files\IVT Corporation O43 - CFD: 22/06/2011 - 13:32:50 - [315394756] ----D- C:\Program Files\Java O43 - CFD: 28/04/2011 - 16:41:50 - [3560916] ----D- C:\Program Files\Landes Eternelles O43 - CFD: 28/04/2011 - 16:41:54 - [0] ----D- C:\Program Files\Lavasoft O43 - CFD: 16/08/2010 - 10:27:12 - [0] ----D- C:\Program Files\Lecteur CANALPLAY O43 - CFD: 22/01/2011 - 11:00:34 - [1040310] ----D- C:\Program Files\LG Electronics O43 - CFD: 22/01/2011 - 11:02:48 - [10274854] ----D- C:\Program Files\LGInternetKit O43 - CFD: 08/10/2010 - 03:18:12 - [132878013] ----D- C:\Program Files\Logitech O43 - CFD: 16/08/2010 - 10:30:16 - [250] ----D- C:\Program Files\ma-config.com O43 - CFD: 25/06/2011 - 11:34:16 - [7566871] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 22/01/2011 - 11:45:38 - [2569464] ----D- C:\Program Files\MarkAny O43 - CFD: 29/03/2007 - 11:39:16 - [512263] ----D- C:\Program Files\MC2 O43 - CFD: 10/09/2010 - 03:26:52 - [2175507] ----D- C:\Program Files\Messenger O43 - CFD: 08/10/2010 - 03:01:14 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 27/03/2007 - 20:02:46 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 09/09/2010 - 12:50:30 - [815684667] ----D- C:\Program Files\Microsoft Office O43 - CFD: 09/09/2010 - 12:50:12 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 10/09/2010 - 03:12:16 - [3726168] ----D- C:\Program Files\Microsoft Works O43 - CFD: 22/01/2011 - 11:28:04 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 10/09/2010 - 03:04:10 - [11350841] ----D- C:\Program Files\Movie Maker O43 - CFD: 17/08/2010 - 11:35:54 - [444361] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 12/08/2007 - 21:11:38 - [7401383] ----D- C:\Program Files\Mozilla Firefox(2) O43 - CFD: 09/09/2010 - 12:50:52 - [764] ----D- C:\Program Files\MSBuild O43 - CFD: 27/03/2007 - 19:59:32 - [32853033] ----D- C:\Program Files\MSN O43 - CFD: 27/03/2007 - 19:59:16 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 10/09/2010 - 03:01:38 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 20/01/2008 - 16:34:44 - [380480] ----D- C:\Program Files\MUSICMATCH O43 - CFD: 31/07/2007 - 20:41:38 - [93831964] ----D- C:\Program Files\Nero O43 - CFD: 05/03/2009 - 22:38:56 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 28/04/2011 - 16:41:54 - [0] ----D- C:\Program Files\Nokia O43 - CFD: 22/02/2011 - 17:28:34 - [31255116] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 16/12/2010 - 04:00:46 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 28/04/2011 - 16:41:52 - [5314224] ----D- C:\Program Files\Overland O43 - CFD: 15/04/2010 - 16:10:04 - [0] ----D- C:\Program Files\Panda Security O43 - CFD: 09/11/2008 - 17:42:52 - [282] ----D- C:\Program Files\Passbox2007 O43 - CFD: 25/04/2011 - 17:17:24 - [0] ----D- C:\Program Files\PC Connectivity Solution O43 - CFD: 29/03/2007 - 18:39:10 - [2547686] ----D- C:\Program Files\QuickTime O43 - CFD: 25/04/2011 - 16:53:30 - [30451937] ----D- C:\Program Files\Raptr O43 - CFD: 29/03/2007 - 18:38:46 - [8442011] ----D- C:\Program Files\Real O43 - CFD: 12/08/2007 - 21:11:38 - [0] ----D- C:\Program Files\Realtek O43 - CFD: 29/03/2010 - 18:49:16 - [38024849] ----D- C:\Program Files\Safari O43 - CFD: 28/04/2011 - 16:41:52 - [3280968] ----D- C:\Program Files\SAGEM O43 - CFD: 12/08/2007 - 21:11:44 - [8662829] ----D- C:\Program Files\SAGEM(2) O43 - CFD: 22/01/2011 - 11:59:28 - [208864904] ----D- C:\Program Files\Samsung O43 - CFD: 20/04/2007 - 12:58:34 - [19049334] ----D- C:\Program Files\Securitoo O43 - CFD: 27/03/2007 - 19:59:32 - [2679] ----D- C:\Program Files\Services en ligne O43 - CFD: 16/08/2008 - 14:03:38 - [11796925] ----D- C:\Program Files\Siber Systems O43 - CFD: 16/12/2010 - 19:15:56 - [19057007] R---D- C:\Program Files\Skype O43 - CFD: 14/04/2010 - 16:37:34 - [74658901] ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 13/11/2008 - 16:43:38 - [1972738] ----D- C:\Program Files\Ubisoft O43 - CFD: 12/08/2007 - 21:11:38 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 27/01/2008 - 22:38:56 - [176602294] ----D- C:\Program Files\Valve O43 - CFD: 09/09/2010 - 16:46:26 - [79254610] ----D- C:\Program Files\VideoLAN O43 - CFD: 23/03/2011 - 13:54:10 - [1419044] ----D- C:\Program Files\VirginMega DownloadManager v3 O43 - CFD: 16/08/2010 - 10:24:30 - [6540639] ----D- C:\Program Files\VS Revo Group O43 - CFD: 25/06/2007 - 22:41:32 - [178] ----D- C:\Program Files\VSO O43 - CFD: 22/04/2011 - 13:35:46 - [4549434] ----D- C:\Program Files\Vuze_Remote O43 - CFD: 16/08/2010 - 13:40:16 - [33141469] ----D- C:\Program Files\Wanadoo O43 - CFD: 27/04/2007 - 15:58:50 - [3581070] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 05/03/2009 - 22:38:52 - [11597649] ----D- C:\Program Files\Windows Media Player O43 - CFD: 05/03/2009 - 22:38:52 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 31/07/2007 - 20:41:46 - [3439256] ----D- C:\Program Files\WinRAR O43 - CFD: 27/03/2007 - 20:02:46 - [0] ----D- C:\Program Files\xerox O43 - CFD: 28/04/2011 - 16:41:54 - [0] ----D- C:\Program Files\Yahoo! O43 - CFD: 25/06/2011 - 13:27:02 - [155795013] ----D- C:\Program Files\ZebHelpProcess O43 - CFD: 25/06/2011 - 15:16:46 - [3970772] ----D- C:\Program Files\ZHPDiag O43 - CFD: 30/06/2007 - 09:46:20 - [7675777] ----D- C:\Program Files\Common Files\Borland Shared O43 - CFD: 05/03/2009 - 23:41:44 - [10680853] ----D- C:\Program Files\Common Files\INCA Shared O43 - CFD: 07/10/2010 - 17:26:06 - [1953552] ----D- C:\Program Files\Common Files\LogiShrd O43 - CFD: 22/01/2011 - 11:46:28 - [160848] ----D- C:\Program Files\Common Files\Samsung O43 - CFD: 22/06/2011 - 15:55:26 - [46860431] ----D- C:\Documents and Settings\Gounou\Application Data\Adobe O43 - CFD: 13/07/2008 - 22:30:58 - [164] ----D- C:\Documents and Settings\Gounou\Application Data\AdobeUM O43 - CFD: 28/06/2007 - 22:09:36 - [81663] ----D- C:\Documents and Settings\Gounou\Application Data\Ahead O43 - CFD: 23/04/2007 - 21:54:32 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\AOL O43 - CFD: 30/03/2010 - 17:52:22 - [3489641] ----D- C:\Documents and Settings\Gounou\Application Data\Apple Computer O43 - CFD: 24/06/2007 - 12:40:52 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\AVS4YOU O43 - CFD: 28/04/2011 - 17:44:56 - [114912223] ----D- C:\Documents and Settings\Gounou\Application Data\Azureus O43 - CFD: 23/04/2007 - 21:44:04 - [98696] ----D- C:\Documents and Settings\Gounou\Application Data\BitTorrent O43 - CFD: 26/06/2007 - 19:08:36 - [1060] ----D- C:\Documents and Settings\Gounou\Application Data\Bowsfragbird O43 - CFD: 29/04/2007 - 22:04:52 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\CyberLink O43 - CFD: 11/10/2008 - 11:43:50 - [481] ----D- C:\Documents and Settings\Gounou\Application Data\DAEMON Tools O43 - CFD: 01/05/2007 - 10:31:34 - [27854] ----D- C:\Documents and Settings\Gounou\Application Data\DeepBurner O43 - CFD: 23/04/2007 - 21:54:14 - [17148] ----D- C:\Documents and Settings\Gounou\Application Data\DNA O43 - CFD: 20/05/2009 - 16:27:36 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\Download Manager O43 - CFD: 12/08/2007 - 21:12:44 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\Google O43 - CFD: 01/05/2007 - 10:31:56 - [620] ----D- C:\Documents and Settings\Gounou\Application Data\gtopala O43 - CFD: 22/04/2007 - 17:18:14 - [63] ----D- C:\Documents and Settings\Gounou\Application Data\Help O43 - CFD: 27/03/2007 - 20:18:08 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\Identities O43 - CFD: 22/01/2011 - 11:01:20 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\InstallShield O43 - CFD: 12/07/2008 - 10:57:00 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\Lavasoft O43 - CFD: 07/10/2010 - 17:27:22 - [353] ----D- C:\Documents and Settings\Gounou\Application Data\Leadertech O43 - CFD: 15/04/2010 - 16:08:52 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\Logitech O43 - CFD: 29/03/2007 - 18:47:52 - [1975349] ----D- C:\Documents and Settings\Gounou\Application Data\Macromedia O43 - CFD: 25/06/2011 - 11:34:20 - [2922769] ----D- C:\Documents and Settings\Gounou\Application Data\Malwarebytes O43 - CFD: 18/12/2010 - 09:27:38 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\Media Player Classic O43 - CFD: 28/04/2011 - 10:21:44 - [8152924] -S--D- C:\Documents and Settings\Gounou\Application Data\Microsoft O43 - CFD: 17/08/2010 - 11:35:52 - [3616503] ----D- C:\Documents and Settings\Gounou\Application Data\Mozilla O43 - CFD: 22/02/2011 - 17:25:28 - [660227] ----D- C:\Documents and Settings\Gounou\Application Data\Nokia O43 - CFD: 04/04/2009 - 10:38:32 - [2356157] ----D- C:\Documents and Settings\Gounou\Application Data\OpenOffice.org O43 - CFD: 24/10/2009 - 12:54:58 - [4876482] ----D- C:\Documents and Settings\Gounou\Application Data\PC Suite O43 - CFD: 22/01/2011 - 11:45:42 - [4860741] ----D- C:\Documents and Settings\Gounou\Application Data\Samsung O43 - CFD: 09/07/2007 - 21:38:10 - [6000] ----D- C:\Documents and Settings\Gounou\Application Data\SecuROM O43 - CFD: 23/06/2011 - 03:26:48 - [4159231] ----D- C:\Documents and Settings\Gounou\Application Data\Skype O43 - CFD: 23/06/2011 - 00:08:08 - [29640] ----D- C:\Documents and Settings\Gounou\Application Data\skypePM O43 - CFD: 22/04/2007 - 20:44:36 - [32428422] ----D- C:\Documents and Settings\Gounou\Application Data\Sun O43 - CFD: 23/03/2011 - 13:54:30 - [640] ----D- C:\Documents and Settings\Gounou\Application Data\VirginMega.DownloadManager.v3.4AE6D9B37411D7D7A2C457954142B8FA4EE6E198.1 O43 - CFD: 24/05/2011 - 21:47:48 - [1205297] ----D- C:\Documents and Settings\Gounou\Application Data\vlc O43 - CFD: 25/06/2007 - 22:41:22 - [14673] ----D- C:\Documents and Settings\Gounou\Application Data\Vso O43 - CFD: 12/08/2007 - 21:09:12 - [139940] ----D- C:\Documents and Settings\Gounou\Application Data\WholeSecurity O43 - CFD: 31/07/2007 - 20:41:46 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\WinRAR O43 - CFD: 07/04/2009 - 18:34:28 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\Yahoo! O43 - CFD: 29/03/2007 - 18:39:20 - [0] ----D- C:\Documents and Settings\Gounou\Application Data\You've Got Pictures Screensaver O43 - CFD: 22/06/2011 - 15:57:16 - [276823] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Adobe O43 - CFD: 02/04/2007 - 22:05:38 - [138683] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\AOL O43 - CFD: 29/03/2010 - 18:48:10 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Apple O43 - CFD: 27/03/2010 - 12:10:28 - [36017385] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Apple Computer O43 - CFD: 10/09/2010 - 15:24:34 - [33041] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\ApplicationHistory O43 - CFD: 23/04/2007 - 20:57:30 - [5836546] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\DNA O43 - CFD: 25/04/2011 - 17:13:38 - [76342716] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Downloaded Installations O43 - CFD: 22/06/2009 - 20:46:42 - [220323959] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Google O43 - CFD: 29/04/2007 - 22:07:12 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Help O43 - CFD: 26/04/2007 - 18:49:00 - [2712318] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\HP O43 - CFD: 20/04/2007 - 16:10:54 - [19989592] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Identities O43 - CFD: 26/04/2007 - 18:49:02 - [2577] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\IsolatedStorage O43 - CFD: 07/10/2010 - 17:29:36 - [2514239] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\LogiShrd O43 - CFD: 14/01/2008 - 13:18:46 - [5565] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\MediaLife O43 - CFD: 03/12/2010 - 18:52:04 - [42539074] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Microsoft O43 - CFD: 09/09/2010 - 12:41:50 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Microsoft Help O43 - CFD: 30/07/2007 - 18:23:50 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Mozilla O43 - CFD: 19/07/2010 - 17:53:42 - [5076843] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Nokia O43 - CFD: 19/07/2010 - 17:53:08 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\NokiaAccount O43 - CFD: 13/07/2008 - 22:32:36 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\NOS O43 - CFD: 03/12/2010 - 18:03:36 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\PackageAware O43 - CFD: 09/09/2010 - 14:29:28 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\PCHealth O43 - CFD: 14/01/2008 - 13:18:46 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Powercinema O43 - CFD: 25/04/2011 - 17:29:34 - [8011] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Samsung O43 - CFD: 27/01/2008 - 22:43:44 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Steam O43 - CFD: 26/10/2010 - 18:46:32 - [0] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Temp O43 - CFD: 22/06/2011 - 13:27:02 - [5002402] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Vuze_Remote ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.D0EE1200FEFFFFFF000000000CF21200] - 25/06/2011 - 14:00:00 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32398] O44 - LFC:[MD5.D0EE1200FEFFFFFF57494E444F577E31] - 25/06/2011 - 13:35:18 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1058762] O44 - LFC:[MD5.3F24520FB8A2E633EEFB6515EC6EAA8A] - 25/06/2011 - 12:42:49 ---A- . (...) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.F849CB2B92F999D6B93976B2A2B67DB5] - 25/06/2011 - 12:23:52 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [5847] O44 - LFC:[MD5.A3467518AE33984EF7A67E4924388045] - 25/06/2011 - 12:23:02 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [5780] O44 - LFC:[MD5.F31E4FB56F4C1884914565677A7FB8CD] - 25/06/2011 - 12:21:10 ---A- . (...) -- C:\WINDOWS\System32\nvapps.xml [63804] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/06/2011 - 12:20:43 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.D0EE1200FEFFFFFF000000000CF21200] - 25/06/2011 - 12:20:01 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.D0EE1200FEFFFFFF000000000CF21200] - 25/06/2011 - 12:20:00 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 25/06/2011 - 12:19:43 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/06/2011 - 12:19:34 ---A- . (...) -- C:\WINDOWS\System32\drivers\lvuvc.hs [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/06/2011 - 12:19:33 ---A- . (...) -- C:\WINDOWS\System32\drivers\logiflt.iad [0] O44 - LFC:[MD5.AC02978B1E9140998271CEAED986260C] - 25/06/2011 - 10:26:41 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [2206] O44 - LFC:[MD5.203D6C80ECD4F03CFF4ADC894B6AA33E] - 22/06/2011 - 14:48:01 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.2340832B8B1EFB379280A30140D1B7ED] - 22/06/2011 - 12:32:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184] O44 - LFC:[MD5.FD8AB373BD7834A65114DD899199D00B] - 22/06/2011 - 12:32:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184] O44 - LFC:[MD5.4EDDB64328BE19A164657230C647913E] - 22/06/2011 - 12:32:51 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [157472] O44 - LFC:[MD5.3FA50D19887B754914491A29DF836171] - 22/06/2011 - 12:32:48 ---A- . (...) -- C:\WINDOWS\System32\jupdate-1.6.0_26-b03.log [3794] O44 - LFC:[MD5.C56A6AD54A2089FB16FDB2B438953E5A] - 22/06/2011 - 12:32:15 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.TMP [4338] O44 - LFC:[MD5.BD498AE699EE08BD6778B30BFE5F6806] - 22/06/2011 - 12:32:15 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [63710] O44 - LFC:[MD5.98A60CE9E00D1A4F6E22F9B0AE094D5D] - 22/06/2011 - 12:32:15 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [76046] O44 - LFC:[MD5.1891B19AF41C767469673EC433637449] - 22/06/2011 - 12:32:15 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [428320] O44 - LFC:[MD5.4B7DD4FAD32B8BC29BD5DDDB4FBC21A0] - 22/06/2011 - 12:32:15 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [494748] O44 - LFC:[MD5.83EEB82E9ED7098EBC0C083C6BFD3116] - 22/06/2011 - 12:19:36 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.DCC78B14C94A442C60981A7095B4A730] - 31/05/2011 - 16:58:19 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69] O44 - LFC:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [39984] O44 - LFC:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [22712] O44 - LFC:[MD5.8C25E347F5E2C2BCA9B5258A68B72AE7] - 20/01/1999 - 04:01:00 ---A- . (...) -- C:\WINDOWS\System32\DBCLIENT.DLL [210032] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - URL Exec Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [Enabled] .(.AOL LLC - AOL Autoconnect.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" [Enabled] .(.AOL LLC - AOL Connectivity Service.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0\waol.exe" [Enabled] .(...) -- C:\Program Files\AOL 9.0\waol.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(...) -- C:\Program Files\eMule\emule.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mshta.exe" [Enabled] .(.Microsoft Corporation - Microsoft ® HTML Application host.) -- C:\WINDOWS\system32\mshta.exe O47 - AAKE:Key Export SP - "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" [Enabled] .(...) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe" [Enabled] .(...) -- C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [Enabled] .(...) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\drivers\svchost.exe" [Disabled] .(...) -- C:\WINDOWS\system32\drivers\svchost.exe (.not file.) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Vid HD\Vid.exe" [Enabled] .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files\Logitech\Vid HD\Vid.exe O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe" [Enabled] .(...) -- C:\Program Files\VideoLAN\VLC\vlc.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\muzapp.exe" [Enabled] .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\WINDOWS\system32\muzapp.exe O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe" [Enabled] .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Azureus\Azureus.exe O47 - AAKE:Key Export SP - "C:\Program Files\Raptr\raptr.exe" [Enabled] .(...) -- C:\Program Files\Raptr\raptr.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Raptr\raptr_im.exe" [Enabled] .(.Pas de propriétaire - Raptr Client.) -- C:\Program Files\Raptr\raptr_im.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [Enabled] .(.AOL LLC - AOL Autoconnect.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe" [Enabled] .(.AOL LLC - AOL Connectivity Service.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe O47 - AAKE:Key Export DP - "C:\Program Files\AOL 9.0\waol.exe" [Enabled] .(...) -- C:\Program Files\AOL 9.0\waol.exe (.not file.) O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\System32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\System32\Drivers\Wdf01000.sys ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\WINDOWS\System32\lvcodec2.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"vct3216.acm"="Voxware Compression Toolkit" . (.Voxware, Inc. - Voxware Audio Compression Manager Driver.) -- C:\WINDOWS\System32\vct3216.acm O52 - TDSD: \drivers.desc\"scg726.acm"="Sharp G.726 Audio Decoder" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"alf2cd.acm"="alf2cd.acm" . (.NCT Company - NCT ALF2CD Audio CODEC.) -- C:\WINDOWS\System32\alf2cd.acm O52 - TDSD: \drivers.desc\"AC3ACM.acm"="AC-3 ACM Decompressor" . (.fccHandler - AC-3 ACM Decompressor.) -- C:\WINDOWS\System32\AC3ACM.acm O52 - TDSD: \drivers.desc\"mcdvd_32.dll"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\WINDOWS\System32\mcdvd_32.dll O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (...) -- C:\WINDOWS\System32\xvidvfw.dll O52 - TDSD: \drivers.desc\"divx.dll"="DivX 5.0.5 Codec" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"mpg4c32.dll"="MS MPEG-4 v1,2,3 driver 4.1.0.3927" . (...) -- (.not file.) ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"= O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.3F6884EFF406238D39AAA892218F1DF7] - 10/05/2011 - 12:59:37 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808] O58 - SDL:[MD5.AB0D9669BAB1009E48CC91117E59912B] - 02/05/2006 - 18:12:06 R--A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys [229376] O58 - SDL:[MD5.2B3B8C0A2C979DD77BA6DC9376074854] - 02/03/2004 - 07:26:58 ---A- . (.Analog Deivces - USB Firmware loader.) -- C:\WINDOWS\system32\drivers\adildr.sys [50007] O58 - SDL:[MD5.8474AE96E3C5AF18F1B520D160099444] - 19/09/2005 - 12:28:08 ---A- . (.Analog Devices Inc. - ADSL USB Driver.) -- C:\WINDOWS\system32\drivers\adiusbaw.sys [126489] O58 - SDL:[MD5.03BE587E90C8B37C7FF1FE2E9C1D1C90] - 27/04/2006 - 07:42:40 R--A- . (.Andrea Electronics Corporation - Audio Noise Filtering Driver (32-bit).) -- C:\WINDOWS\system32\drivers\aeaudio.sys [93824] O58 - SDL:[MD5.2C5C22990156A1063E19AD162191DC1D] - 21/09/2007 - 13:30:40 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [17801] O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 03:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\drivers\ASACPI.sys [5810] O58 - SDL:[MD5.D880831279ED91F9A4190A2DB9539EA9] - 29/03/2007 - 17:38:47 ---A- . (.Windows ® 2000 DDK provider - TR Manager.) -- C:\WINDOWS\system32\drivers\asctrm.sys [8552] O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 27/04/2004 - 08:26:48 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824] O58 - SDL:[MD5.7F08D9C504B015D81A8ABD75C80028C5] - 10/05/2011 - 12:59:35 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544] O58 - SDL:[MD5.FF028BFF4FE4E5CE35C797FBF1B21609] - 10/05/2011 - 13:02:22 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344] O58 - SDL:[MD5.C2181EF6B54752273A0759A968C59279] - 10/05/2011 - 13:02:25 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102616] O58 - SDL:[MD5.AC48BDD4CD5D44AF33087C06D6E9511C] - 10/05/2011 - 12:59:56 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432] O58 - SDL:[MD5.B64134316FCD1F20E0F10EF3E65BD522] - 10/05/2011 - 13:03:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [441176] O58 - SDL:[MD5.D6788E3211AFA9951ED7A4D617F68A4F] - 10/05/2011 - 13:03:44 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [307928] O58 - SDL:[MD5.4D100C45517809439C7B6DD98997FA00] - 10/05/2011 - 13:02:37 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [49240] O58 - SDL:[MD5.02E3A18D2CC5E448E40E8783C0F8299B] - 16/11/2006 - 17:44:08 ---A- . (.America Online - ATW Protocol Driver.) -- C:\WINDOWS\system32\drivers\atwpkt2.sys [25136] O58 - SDL:[MD5.ED2BA4A16128B3FF5502480F72C19FC9] - 16/11/2006 - 17:44:22 ---A- . (.America Online - ATW Protocol Driver.) -- C:\WINDOWS\system32\drivers\atwpkt264.sys [33592] O58 - SDL:[MD5.B990976940E0E93B4932CCCB536F446D] - 21/09/2004 - 17:18:36 ---A- . (.Broadcom Corporation - USB Driver for Bluetooth Adapter.) -- C:\WINDOWS\system32\drivers\bcbthub.sys [148830] O58 - SDL:[MD5.04E84C8049EE93614A2FF6D676D1E247] - 31/05/2005 - 14:40:20 ---A- . (.IVT Corporation - Bluelet Audio Driver.) -- C:\WINDOWS\system32\drivers\blueletaudio.sys [20480] O58 - SDL:[MD5.7304ACC25455746912DE37D7DED387ED] - 31/05/2005 - 08:42:28 ---A- . (.IVT Corporation - Bluetooth USB Device Driver.) -- C:\WINDOWS\system32\drivers\btcusb.sys [23000] O58 - SDL:[MD5.A9164C2A39BD917B9F42AE087560AC3D] - 30/04/2005 - 13:50:10 ---A- . (.IVT Corporation - Bluetooth HID Manager driver.) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys [28271] O58 - SDL:[MD5.D1813668A0117AE05BC0B81C874F91D4] - 30/04/2005 - 13:48:58 ---A- . (.IVT Corporation - Bluetooth PAN Network Adapter Driver.) -- C:\WINDOWS\system32\drivers\BtNetDrv.sys [10804] O58 - SDL:[MD5.6B05FDC0CFC3753B520D2D4176CC32D0] - 16/12/2004 - 15:32:54 ---A- . (...) -- C:\WINDOWS\system32\drivers\BTNetFilter.sys [13304] O58 - SDL:[MD5.18E0F9C1E7EC4AAE40B3F67EAB0AEE99] - 07/10/2006 - 23:59:06 R--A- . (.BVRP Software - BVRP NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [44224] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/09/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/09/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] - 08/03/2011 - 13:40:58 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\WINDOWS\system32\drivers\dgderdrv.sys [20032] O58 - SDL:[MD5.1A03A7B28D12239A573DC20422C3068D] - 02/03/2006 - 18:25:04 ---A- . (.Analog Deivces - USB Firmware loader.) -- C:\WINDOWS\system32\drivers\e4ldr.sys [63555] O58 - SDL:[MD5.3E1971E0F64FCF2FBE05CE4AB0132963] - 04/05/2006 - 17:50:20 ---A- . (.Analog Devices Inc. - ADSL USB Driver.) -- C:\WINDOWS\system32\drivers\e4usbaw.sys [114616] O58 - SDL:[MD5.4198F23618E7C8BCD24CC108C36F93A3] - 21/09/2004 - 17:18:36 ---A- . (.Broadcom - BBTFW_2_15_007.) -- C:\WINDOWS\system32\drivers\fw203x.sys [116021] O58 - SDL:[MD5.F22BF7F345DF95C09942951246AAA28D] - 02/05/2004 - 09:47:08 R--A- . (...) -- C:\WINDOWS\system32\drivers\GVCplDrv.sys [23040] O58 - SDL:[MD5.287A63BD8509BD78E7978823B38AFA81] - 05/01/2004 - 10:44:28 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\hpzid412.sys [51056] O58 - SDL:[MD5.0B4FDA2657C3E0315EAA57F9C6D4FD1F] - 05/01/2004 - 10:44:30 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496] O58 - SDL:[MD5.29559DB25258B60510A60C4E470FCE32] - 05/01/2004 - 10:44:30 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21488] O58 - SDL:[MD5.C995C0E8B4503FAC38793BB0236AD246] - 07/02/2006 - 12:52:58 R--A- . (.JMicron - SCSI Port upper filter driver.) -- C:\WINDOWS\system32\drivers\JGOGO.sys [6912] O58 - SDL:[MD5.DAFCAFACDE7DE95E136FF5109422531D] - 04/08/2006 - 09:29:24 R--A- . (.JMicron Technology Corp. - JMicron JR036X RAID Driver.) -- C:\WINDOWS\system32\drivers\jraid.sys [43904] O58 - SDL:[MD5.9419FAAC6552A51542DBBA02971C841C] - 19/11/2008 - 17:09:08 ---A- . (.LG Electronics Inc. - LG CDMA USB Multi function Driver.) -- C:\WINDOWS\system32\drivers\lgusbbus.sys [13056] O58 - SDL:[MD5.C0A466FA4FFEC464320E159BC1BBDC0C] - 19/11/2008 - 17:09:08 ---A- . (.LG Electronics Inc. - LG CDMA USB Diagnostics Driver.) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys [19968] O58 - SDL:[MD5.F74A54774A9B0AFEB3C40ADEC68AA600] - 19/11/2008 - 17:09:10 ---A- . (.LG Electronics Inc. - LG CDMA USB Modem Driver.) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys [24832] O58 - SDL:[MD5.F61A8FF029614E403E9D001A6741981F] - 07/05/2010 - 19:51:20 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys [114784] O58 - SDL:[MD5.8BE71D7EDB8C7494913722059F760DD0] - 07/05/2010 - 17:43:30 ---A- . (...) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys [25824] O58 - SDL:[MD5.F01FC94EB8F39F7D6E5F5B367473381E] - 07/05/2010 - 19:51:32 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\WINDOWS\system32\drivers\lvrs.sys [276448] O58 - SDL:[MD5.CAFFD79278B3D8FE75FDFE1B66C2565F] - 07/05/2010 - 19:53:14 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\WINDOWS\system32\drivers\lvuvc.sys [6842592] O58 - SDL:[MD5.F9183D35AD38F093D5E1AA8BA072D51B] - 07/05/2010 - 19:53:30 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys [23904] O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [39984] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.2282AD3B19B00967C6E48531C25BFE01] - 01/06/2006 - 10:22:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.31.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3925920] O58 - SDL:[MD5.8DB0DBDEC7880E81B73B8E7E8E9A666A] - 28/04/2003 - 18:31:18 R--A- . (.OEM - OX16C95x Serial Device Driver.) -- C:\WINDOWS\system32\drivers\OXSER.SYS [51169] O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 26/08/2008 - 09:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816] O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 04/05/2007 - 13:32:15 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/09/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [43872] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.F58A92E8B9CAEBE2FA8E73ADA7D9BD4C] - 27/07/2006 - 02:49:10 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [83712] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 09:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.B6A6B409FDA9D9EBD3AADB838D3D7173] - 17/03/2006 - 19:18:58 R--A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\senfilt.sys [392960] O58 - SDL:[MD5.0B179A959FF6B6CA5927D4F255AB9F90] - 17/05/2005 - 13:48:21 ---A- . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\WINDOWS\system32\drivers\sfdrv01.sys [50176] O58 - SDL:[MD5.15BE2B5E4DC5B8623CF167720682ABC9] - 16/05/2005 - 14:20:39 ---A- . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\WINDOWS\system32\drivers\sfhlp02.sys [6656] O58 - SDL:[MD5.A62EFE6AA55C6A599DDBB6BD00E8FB9C] - 16/05/2005 - 14:23:38 ---A- . (.Protection Technology - StarForce Protection Synchronization Driver.) -- C:\WINDOWS\system32\drivers\sfsync02.sys [19968] O58 - SDL:[MD5.F6ACD9575B5D77673B979BB46FF6A837] - 11/02/2004 - 06:29:34 R--A- . (.Socket Communications, Inc. - WDM serial port device driver.) -- C:\WINDOWS\system32\drivers\Sio9502k.sys [48076] O58 - SDL:[MD5.42A39AA7ED51616E36ADB5ABDDF8349B] - 23/03/2004 - 03:26:22 R--A- . (.Socket Communications, Inc. - WDM serial port device driver.) -- C:\WINDOWS\system32\drivers\SktBt2k.sys [48556] O58 - SDL:[MD5.D0EE1200FEFFFFFF00000000A0F11200] - 11/10/2008 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [717296] O58 - SDL:[MD5.3F0164FBC0BD1ADBD02DF9759181451A] - 27/04/2010 - 03:25:16 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\WINDOWS\system32\drivers\ss_bbus.sys [98432] O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcm.sys [12416] O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcmnt.sys [12416] O58 - SDL:[MD5.B89D62206034E5FE573C80A24DD55675] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys [14848] O58 - SDL:[MD5.1ED0FCEA586FE2A416EE15196E5631DD] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys [123648] O58 - SDL:[MD5.994D2E5378CC337EC7DD73C1E04FCAA4] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Logging Device Driver.) -- C:\WINDOWS\system32\drivers\ss_bserd.sys [100224] O58 - SDL:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwh.sys [12288] O58 - SDL:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwhnt.sys [12288] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/09/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.161969D2DD1D39CD2F1EDBC60C61FA99] - 30/04/2005 - 13:50:20 ---A- . (...) -- C:\WINDOWS\system32\drivers\vbtenum.sys [11860] O58 - SDL:[MD5.9EBEE4A060C5364A31AEAA04EAC2AF1E] - 19/10/2004 - 12:37:38 ---A- . (.IVT Corporation - Bluetooth Serial Port Driver.) -- C:\WINDOWS\system32\drivers\VComm.sys [61312] O58 - SDL:[MD5.630BBDBF5490F8F57ABE650DA63661A0] - 25/03/2005 - 16:18:48 ---A- . (.IVT Corporation - Bluetooth VcommMgr driver.) -- C:\WINDOWS\system32\drivers\VcommMgr.sys [82148] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/09/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.568B1AACFE031D0860AB1565765D9F26] - 30/04/2005 - 13:50:24 ---A- . (.IVT Corporation - Bluetooth HID Mini driver.) -- C:\WINDOWS\system32\drivers\VHIDMini.sys [11736] O58 - SDL:[MD5.0A716C08CB13C3A8F4F51E882DBF7416] - 10/01/2003 - 15:13:04 ---A- . (.America Online, Inc. - Wan Miniport (ATW).) -- C:\WINDOWS\system32\drivers\wanatw4.sys [33588] O58 - SDL:[MD5.85C3BAA151A6118B24D7701DDFC2D1EB] - 03/07/2003 - 19:58:34 R--A- . (.National Semiconductor Sweden AB - wssbt.) -- C:\WINDOWS\system32\drivers\wssbtr1f.sys [63488] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.D2EE54CDBCED01D48F2B18642BE79A98] - 24/07/2003 - 11:10:34 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\DNINDIS5.sys [17149] O58 - SDL:[MD5.B07663A810E861EEBFD0EAC7E82CA62D] - 09/09/2010 - 08:43:20 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36640] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 21:46:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 30/12/2004 - 22:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\WINDOWS\system32\npptNT2.sys [4682] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 21:45:26 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 21:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 21:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 21:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 21:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 21/09/2007 - C:\WINDOWS\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.2.0.3(AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - 06/10/2006 - C:\WINDOWS\system32\drivers\BVRPMPR5.sys - BVRPMPR5 NDIS Protocol Driver(BVRPMPR5) .(.BVRP Software - BVRP NDIS 5.0 MPR Protocol Driver.) - LEGACY_BVRPMPR5 O64 - Services: CurCS - 08/03/2011 - C:\WINDOWS\System32\drivers\dgderdrv.sys - dgderdrv(dgderdrv) .(.Devguru Co., Ltd - Device Error Recovery SDK(x86).) - LEGACY_DGDERDRV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 24/07/2003 - C:\WINDOWS\system32\DNINDIS5.sys - DNINDIS5 NDIS Protocol Driver(DNINDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_DNINDIS5 O64 - Services: CurCS - 09/09/2010 - C:\WINDOWS\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK O64 - Services: CurCS - 09/09/2010 - C:\WINDOWS\system32\FsUsbExService.exe - FsUsbExService(FsUsbExService) .(.Teruten - FsUsbDevice.) - LEGACY_FSUSBEXSERVICE O64 - Services: CurCS - 23/08/2004 - C:\WINDOWS\System32\FTRTSVC.exe - France Telecom Routing Table Service(FTRTSVC) .(.France Telecom - FTRTSVC NT Service.) - LEGACY_FTRTSVC O64 - Services: CurCS - 04/05/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 07/05/2010 - C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(...) - LEGACY_LVPR2MON O64 - Services: CurCS - 07/05/2010 - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe - Process Monitor(LVPrcSrv) .(.Logitech Inc. - LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - 29/05/2011 - C:\WINDOWS\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy(MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\Gounou\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys - mdmxsdk(mdmxsdk) .(.Conexant - Diagnostic Interface DRIVER.) - LEGACY_MDMXSDK O64 - Services: CurCS - 01/06/2006 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.31.) - LEGACY_NVSVC O64 - Services: CurCS - 04/08/2003 - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver(PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5 O64 - Services: CurCS - 17/05/2005 - C:\WINDOWS\System32\drivers\sfdrv01.sys - StarForce Protection Environment Driver (version 1.x)(sfdrv01) .(.Protection Technology - StarForce Protection Environment Driver.) - LEGACY_SFDRV01 O64 - Services: CurCS - 16/05/2005 - C:\WINDOWS\System32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x)(sfhlp02) .(.Protection Technology - StarForce Protection Helper Driver.) - LEGACY_SFHLP02 O64 - Services: CurCS - 16/05/2005 - C:\WINDOWS\System32\drivers\sfsync02.sys - StarForce Protection Synchronization Driver (version 2.x)(sfsync02) .(.Protection Technology - StarForce Protection Synchronization Driver.) - LEGACY_SFSYNC02 O64 - Services: CurCS - 15/04/2010 - C:\WINDOWS\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 27/08/2003 - C:\WINDOWS\wanmpsvc.exe - WAN Miniport (ATW) Service(WANMiniportService) .(.America Online, Inc. - Wan Miniport (ATW) Service.) - LEGACY_WANMINIPORTSERVICE ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <aol.exe> <>[HKLM\..\Shell\open\Command] (...) -- C:\PROGRA~1\AOL9~1.0\aol.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe O68 - StartMenuInternet: <Orange Web> <>[HKLM\..\Shell\open\Command] (.France Télécom R&D - Espace Client.) -- C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe O68 - StartMenuInternet: <WOOBrowser.exe> <>[HKLM\..\Shell\open\Command] (.France Telecom - Web Browser.) -- C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0F2A88D7-7F62-4410-8675-CA10A1817015} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {16E518F6-7CB3-4E38-9315-8781E045C8A7} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {425AF472-3DD4-4162-B2A9-ECB687CA48F9} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {570F333D-1AF7-4B82-8355-5BA36E5595E3} - (Search-torrent) - Search Torrent : Moteur de recherche bittorrent O69 - SBI: SearchScopes [HKCU] {7EEF768E-165F-4B7E-811C-AAC594175C13} - (mininova) - Mininova : The ultimate BitTorrent source! O69 - SBI: SearchScopes [HKCU] {8F1C6691-D500-4846-83FA-4B2B5A97DE73} - (mininova) - Mininova : The ultimate BitTorrent source! O69 - SBI: SearchScopes [HKCU] {95D67C8D-5CB6-475E-8342-836A748B51DA} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {E968AEFD-66DA-4945-93CB-2195D3015E4D} - (Yahoo!) - Yahoo! Search - Recherche Web ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF] (...) -- C:\Documents and Settings\Gounou\Application Data\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Documents and Settings\Gounou\Application Data\pcouffin.sys [47360] ---\\ Scan Additionnel (O88) Database Version : 8450 - (25/06/2011) Clés trouvées (Keys found) : 12 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 3 Fichiers trouvés (Files found) : 0 [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] =>Toolbar.Conduit [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] =>PUP.Eorezo [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer] =>Adware.MetaStream [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] =>PUP.Eorezo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] =>PUP.Eorezo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}] =>PUP.Eorezo [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Toolbar] =>Toolbar.Conduit [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent C:\Program Files\Vuze_Remote =>Toolbar.Conduit C:\Documents and Settings\Gounou\Local Settings\Application Data\Vuze_Remote =>Toolbar.Conduit ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 23/10/2006 46640 | (AOL ACS) . (.AOL LLC.) - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe SR - | Auto 10/05/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe SR - | Auto 12/02/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SR - | Auto 09/09/2010 217088 | (FsUsbExService) . (.Teruten.) - C:\WINDOWS\system32\FsUsbExService.exe SR - | Auto 23/08/2004 40960 | (FTRTSVC) . (.France Telecom.) - C:\WINDOWS\System32\FTRTSVC.exe SS - | Demand 31/07/2007 138168 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 04/05/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SR - | Auto 07/05/2010 162648 | (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe SR - | Auto 01/06/2006 155715 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe SR - | Demand 05/01/2004 65795 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe SR - | Auto 27/08/2003 65536 | (WANMiniportService) . (.America Online, Inc..) - C:\WINDOWS\wanmpsvc.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Gounou at 25/06/2011 15:17:38 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys spsp.sys >>UNKNOWN [0x86F87938]<< C:\WINDOWS\system32\drivers\sfsync02.sys Protection Technology StarForce Protection System spsp.sys 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86EDA030] 3 CLASSPNP[0xF760CFD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\0000007a[0x86F171A0] 5 ACPI[0xF735A620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x86F36940] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Gounou at 25/06/2011 15:17:40 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 04/05/2007 - 13:32:15 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.D0EE1200FEFFFFFF00000000A0F11200] - 11/10/2008 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [717296] End of the scan (1380 lines in 01mn 23s)(0)
  12. gounou51
    voici les rapports, j'ai ete oblige de recommencer la manip avec ad-remover car j'avais effacer les rapports. merci pour ton aide ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 13:22:01 le 25/06/2011, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) Gounou@CHRISTOP-76SWA3 ( ) ============== RECHERCHE ============== Dossier trouvé: C:\Documents and Settings\Gounou\Local Settings\Application Data\Conduit Dossier trouvé: C:\Documents and Settings\Gounou\Local Settings\Application Data\ConduitEngine Clé trouvée: HKCU\Software\Conduit Clé trouvée: HKCU\Software\conduitEngine ============== SCAN ADDITIONNEL ============== -- C:\Documents and Settings\Gounou\Application Data\Mozilla\FireFox\Profiles\5pqf3s5s.default -- Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar) ======================================== **** Internet Explorer Version [8.0.6001.18702] **** Plugins\NPWMin32.dll (SYNERSOFT) HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|First Home Page - hxxp://www.fr.msn.com/ HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\PROGRA~1\Wanadoo\SEARCH~1.DLL) HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKCU_SearchScopes\{0F2A88D7-7F62-4410-8675-CA10A1817015} - "?" (?) HKCU_SearchScopes\{16E518F6-7CB3-4E38-9315-8781E045C8A7} - "?" (?) HKCU_SearchScopes\{425AF472-3DD4-4162-B2A9-ECB687CA48F9} - "?" (?) HKCU_SearchScopes\{570F333D-1AF7-4B82-8355-5BA36E5595E3} - "Search-torrent" (hxxp://www.search-torrent.com/search.php?t={searchTerms}) HKCU_SearchScopes\{7EEF768E-165F-4B7E-811C-AAC594175C13} - "mininova" (hxxp://www.mininova.org/search/?search={searchTerms}) HKCU_SearchScopes\{8F1C6691-D500-4846-83FA-4B2B5A97DE73} - "?" (?) HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x) HKCU_Toolbar\WebBrowser|{4982D40A-C53B-4615-B15B-B5B5E98D167C} (x) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_Toolbar|{724d43a0-0d85-11d4-9908-00400523e39a} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_ElevationPolicy\{307C8551-FB4F-4CB1-B06E-0E76D2C05948} - C:\Program Files\Fichiers communs\fluxDVD\APIX\APIXCore.exe (ACE GmbH) HKLM_ElevationPolicy\{35821CD8-CE49-4AB9-87A0-1A85634FB449} - C:\Documents and Settings\Gounou\Local Settings\Application Data\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x) HKLM_ElevationPolicy\{44270ABA-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar2user.exe (?) HKLM_ElevationPolicy\{5B78ED0B-553B-4300-AC3A-C376A6D2F784} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{8BC2979A-D47A-41B6-ACA8-1815D6B61F17} - C:\Program Files\Fichiers communs\fluxDVD\Download Manager\XEBDLMgr.exe (ACE GmbH) HKLM_ElevationPolicy\{C69C0E28-C73B-40F3-8B0D-AC43598C49D1} - C:\Program Files\Fichiers communs\mpDRM\mpDRMBroker.exe (Protect Software GmbH) HKCU_Extensions\{1462651F-F4BA-4C76-A001-C4284D0FE16E} - "Orange" (C:\PROGRA~1\Wanadoo\Audience\Icones\Orange.ico) HKLM_Extensions\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - "Messenger" (C:\Program Files\Messenger\msmsgs.exe,301) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46} - "Remplir" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,880) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49} - "Enregistrer" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,873) HKLM_Extensions\{724d43aa-0d85-11d4-9908-00400523e39a} - "Barre RoboForm" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900) HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?) HKLM_Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - "Real.com" (C:\Program Files\Real\RealPlayer\eb_inact.ico) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll) BHO\{724d43a9-0d85-11d4-9908-00400523e39a} - "?" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 3 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 25/06/2011 13:22:06 (3493 Octet(s)) Fin à: 13:22:42, 25/06/2011 ============== E.O.F ============== ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 13:23:11 le 25/06/2011, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) Gounou@CHRISTOP-76SWA3 ( ) ============== ACTION(S) ============== Dossier supprimé: C:\Documents and Settings\Gounou\Local Settings\Application Data\Conduit Dossier supprimé: C:\Documents and Settings\Gounou\Local Settings\Application Data\ConduitEngine (!) -- Fichiers temporaires supprimés. Clé supprimée: HKCU\Software\Conduit Clé supprimée: HKCU\Software\conduitEngine ============== SCAN ADDITIONNEL ============== -- C:\Documents and Settings\Gounou\Application Data\Mozilla\FireFox\Profiles\5pqf3s5s.default -- Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar) ======================================== **** Internet Explorer Version [8.0.6001.18702] **** Plugins\NPWMin32.dll (SYNERSOFT) HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\PROGRA~1\Wanadoo\SEARCH~1.DLL) HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKCU_SearchScopes\{0F2A88D7-7F62-4410-8675-CA10A1817015} - "?" (?) HKCU_SearchScopes\{16E518F6-7CB3-4E38-9315-8781E045C8A7} - "?" (?) HKCU_SearchScopes\{425AF472-3DD4-4162-B2A9-ECB687CA48F9} - "?" (?) HKCU_SearchScopes\{570F333D-1AF7-4B82-8355-5BA36E5595E3} - "Search-torrent" (hxxp://www.search-torrent.com/search.php?t={searchTerms}) HKCU_SearchScopes\{7EEF768E-165F-4B7E-811C-AAC594175C13} - "mininova" (hxxp://www.mininova.org/search/?search={searchTerms}) HKCU_SearchScopes\{8F1C6691-D500-4846-83FA-4B2B5A97DE73} - "?" (?) HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x) HKCU_Toolbar\WebBrowser|{4982D40A-C53B-4615-B15B-B5B5E98D167C} (x) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_Toolbar|{724d43a0-0d85-11d4-9908-00400523e39a} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_ElevationPolicy\{307C8551-FB4F-4CB1-B06E-0E76D2C05948} - C:\Program Files\Fichiers communs\fluxDVD\APIX\APIXCore.exe (ACE GmbH) HKLM_ElevationPolicy\{35821CD8-CE49-4AB9-87A0-1A85634FB449} - C:\Documents and Settings\Gounou\Local Settings\Application Data\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x) HKLM_ElevationPolicy\{44270ABA-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar2user.exe (?) HKLM_ElevationPolicy\{5B78ED0B-553B-4300-AC3A-C376A6D2F784} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{8BC2979A-D47A-41B6-ACA8-1815D6B61F17} - C:\Program Files\Fichiers communs\fluxDVD\Download Manager\XEBDLMgr.exe (ACE GmbH) HKLM_ElevationPolicy\{C69C0E28-C73B-40F3-8B0D-AC43598C49D1} - C:\Program Files\Fichiers communs\mpDRM\mpDRMBroker.exe (Protect Software GmbH) HKCU_Extensions\{1462651F-F4BA-4C76-A001-C4284D0FE16E} - "Orange" (C:\PROGRA~1\Wanadoo\Audience\Icones\Orange.ico) HKLM_Extensions\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - "Messenger" (C:\Program Files\Messenger\msmsgs.exe,301) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46} - "Remplir" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,880) HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49} - "Enregistrer" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,873) HKLM_Extensions\{724d43aa-0d85-11d4-9908-00400523e39a} - "Barre RoboForm" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900) HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?) HKLM_Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - "Real.com" (C:\Program Files\Real\RealPlayer\eb_inact.ico) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll) BHO\{724d43a9-0d85-11d4-9908-00400523e39a} - "?" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll) BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 3 Fichier(s) C:\Program Files\Ad-Remover\Backup: 14 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 25/06/2011 13:23:15 (755 Octet(s)) C:\Ad-Report-SCAN[1].txt - 25/06/2011 13:22:06 (5780 Octet(s)) Fin à: 13:23:52, 25/06/2011 ============== E.O.F ============== Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 6944 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 25/06/2011 13:17:38 mbam-log-2011-06-25 (13-17-38).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 223830 Temps écoulé: 26 minute(s), 59 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 6 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 6 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gxvxcserv.sys (Trojan.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\documents and settings\Gounou\mes documents\telechargement\changer la cle de xp\xpkeyfinder chercher cle xp.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\documents and settings\Gounou\mes documents\telechargement\changer la cle de xp\xpkeyfinder.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\documents and settings\Gounou\mes documents\telechargement\changer la cle de xp\windowsxpkeyforsp1\update_xp_cd_key.exe (Backdoor.IRCbot) -> Quarantined and deleted successfully. c:\documents and settings\Gounou\mes documents\telechargement\changer la cle de xp\windows_xp_sp1_service_pack_crack\windowsxp product key viewer.exe (Hacktool.KeySteal) -> Quarantined and deleted successfully. c:\system volume information\_restore{9366e850-5684-4818-8006-49017f7738f1}\RP1370\A0127952.exe (Spyware.AgenceExclusive) -> Quarantined and deleted successfully. c:\WINDOWS\system32\wini10841.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. Zeb Help Process 2 by Nicolas Coolman - Rapport de synthèse du 25/06/2011 13:33:38 INFECTION IDENTIFIEE Liste disponible seulement en version Helper PROCESSUS MALWARE (Rootkit, trojan, ver, spyware, adware,...) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\A8B189E894BE014C.job O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\drivers\svchost.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\svchost.exe (.not file.) O64 - Services: CurCS - (.not file.) - gxvxcserv.sys (gxvxcserv.sys) .(...) - LEGACY_GXVXCSERV.SYS [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer] [HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}] PROCESSUS SUPERFLU DU SYSTEME [MD5.A065F048E9E23E6C026A7BB548D126A7] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} () - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab [MD5.00000000000000000000000000000000] [APT] [A8B189E894BE014C] (.Pas de propriétaire.) -- c:\docume~1\Gounou\applic~1\bowsfr~1\MediaGramDent.exe (.not file.) O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 [HKCU\Software\MGS] O43 - CFD: 14/04/2010 - 16:37:34 - [74658901] ----D- C:\Program Files\Spybot - Search & Destroy O44 - LFC:[MD5.F849CB2B92F999D6B93976B2A2B67DB5] - 25/06/2011 - 12:23:52 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [5847] O44 - LFC:[MD5.A3467518AE33984EF7A67E4924388045] - 25/06/2011 - 12:23:02 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [5780] O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (.not file.) TOOLBAR INUTILE (Navigateur internet) M2 - MFEP: prefs.js [Gounou - 5pqf3s5s.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Toolbar v2.7.2.0 (.Conduit Ltd..) R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O43 - CFD: 28/04/2011 - 16:41:48 - [0] ----D- C:\Program Files\DAEMON Tools Toolbar [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCR\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] C:\Program Files\DAEMON Tools Toolbar PROCESSUS INUTILE (Au démarrage du système) O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O64 - Services: CurCS - 12/02/2010 - C:\Program Files\Bonjour\mDNSResponder.exe - Service Bonjour(Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE A VERIFIER (Adresse IP, domaine ou site) O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab MISE A JOUR DE PRODUIT Avast®Antivirus Adobe Reader 7.0 Sun Microsystems PROCESSUS P2P (Vecteurs d'infections) Vuze®Azureus PeerToPeer Azureus PeerToPeer eMule PeerToPeer Bittorent PeerToPeer BitTorrent DNA PeerToPeer eMule®PeerToPeer O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe" [Enabled] .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Azureus\Azureus.exe PROTECTION DU SYSTEME (Antivirus, FireWall, Anti-Malwares) [MD5.7DE3EE7DBEE14C1F8375CB82466C9321] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe [3459712] [MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] Avast®Antivirus Alwil Avast! Antivirus Panda Software Panda Antivirus RAPPORT SIMPLIFIE M2 - MFEP: prefs.js [Gounou - 5pqf3s5s.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Toolbar v2.7.2.0 (.Conduit Ltd..) R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (.Pas de propriétaire - Pas de description.) -- (.not file.) O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-583907252-1078081533-725345543-1003\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 7.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A71000000002}\SC_Reader_PM.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Azureus\Azureus.exe O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} () - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\A8B189E894BE014C.job [MD5.00000000000000000000000000000000] [APT] [A8B189E894BE014C] (.Pas de propriétaire.) -- c:\docume~1\Gounou\applic~1\bowsfr~1\MediaGramDent.exe (.not file.) O42 - Logiciel: Adobe Reader 7.1.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A71000000002} O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030} O42 - Logiciel: Java 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 [HKCU\Software\Azureus] [HKCU\Software\MGS] [HKCU\Software\Vuze_Remote] [HKCU\Software\eMule] [HKLM\Software\3vc] [HKLM\Software\Azureus] [HKLM\Software\Canal+ Distribution] [HKLM\Software\IDSimple inc.] [HKLM\Software\Sauleo3vc] [HKLM\Software\Vuze_Remote] O43 - CFD: 24/06/2007 - 16:47:20 - [3154380804] ----D- C:\Program Files\3nity Video Convert O43 - CFD: 22/04/2011 - 13:37:18 - [152239485] ----D- C:\Program Files\Azureus O43 - CFD: 23/04/2007 - 21:54:14 - [11945339] ----D- C:\Program Files\BitTorrent O43 - CFD: 28/04/2011 - 16:41:48 - [0] ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD: 08/10/2007 - 18:36:08 - [612210] ----D- C:\Program Files\eMule O43 - CFD: 22/02/2011 - 17:28:34 - [31255116] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 14/04/2010 - 16:37:34 - [74658901] ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 22/04/2011 - 13:35:46 - [4549434] ----D- C:\Program Files\Vuze_Remote O43 - CFD: 28/04/2011 - 17:44:56 - [114912223] ----D- C:\Documents and Settings\Gounou\Application Data\Azureus O43 - CFD: 23/04/2007 - 21:44:04 - [98696] ----D- C:\Documents and Settings\Gounou\Application Data\BitTorrent O43 - CFD: 26/06/2007 - 19:08:36 - [1060] ----D- C:\Documents and Settings\Gounou\Application Data\Bowsfragbird O43 - CFD: 23/04/2007 - 21:54:14 - [17148] ----D- C:\Documents and Settings\Gounou\Application Data\DNA O43 - CFD: 23/04/2007 - 20:57:30 - [5836546] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\DNA O43 - CFD: 22/06/2011 - 13:27:02 - [5002402] ----D- C:\Documents and Settings\Gounou\Local Settings\Application Data\Vuze_Remote O44 - LFC:[MD5.F849CB2B92F999D6B93976B2A2B67DB5] - 25/06/2011 - 12:23:52 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [5847] O44 - LFC:[MD5.A3467518AE33984EF7A67E4924388045] - 25/06/2011 - 12:23:02 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [5780] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/06/2011 - 12:19:34 ---A- . (...) -- C:\WINDOWS\System32\drivers\lvuvc.hs [0] O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\eMule\emule.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mshta.exe" [Enabled] .(.Microsoft Corporation - Microsoft HTML Application host.) -- C:\WINDOWS\system32\mshta.exe O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\drivers\svchost.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\svchost.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe" [Enabled] .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Azureus\Azureus.exe O64 - Services: CurCS - 12/02/2010 - C:\Program Files\Bonjour\mDNSResponder.exe - Service Bonjour(Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE O64 - Services: CurCS - (.not file.) - gxvxcserv.sys (gxvxcserv.sys) .(...) - LEGACY_GXVXCSERV.SYS O69 - SBI: SearchScopes [HKCU] {570F333D-1AF7-4B82-8355-5BA36E5595E3} - (Search-torrent) - Search Torrent : Moteur de recherche bittorrent Number of Keys Founds (Clés trouvées) : 13 Number of Directories Founds (Dossiers trouvés) : 3 [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer] [HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCR\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}] C:\Program Files\DAEMON Tools Toolbar C:\Program Files\Vuze_Remote C:\Documents and Settings\Gounou\Local Settings\Application Data\Vuze_Remote Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover spsp.sys
  13. gounou51
    Salut à tous, Depuis pas mal de temps j'ai quelques problème de plantages, de fenetres internet qui s'ouvrent toutes seules au démarrage du Pc etc..., j'ai donc décidé d'y mettre un terme mais n'étant pas un spécialiste je vous soumet donc un rapport d'analyse fait avec ZHP qui fait apparaitre de nombreuses lignes rouges !!! merci de votre aide Zeb Help Process 2 by Nicolas Coolman - Rapport de synthèse du 25/06/2011 10:33:44 INFORMATION NOTE : Toutes les lignes du rapport sont traitées WARNING : Il existe plusieurs barres inutiles de navigateur internet (toolbar) PROCESSUS MALWARE (Rootkit, trojan, ver, spyware, adware,...) O71 - BDRI:[hklm\software\mozilla\firefox\extensions]:spidermessengerhelper@spidermessenger.com O71 - BDRI:[hklm\software\mozillaplugins\@viewpoint.com/vmp] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\explorer\networkcrawler\objects\workgroupcrawler] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\explorer\browser helper objects\{30f9b915-b755-4826-820b-08fba6bd249d}] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\app management\arpcache\viewpointmediaplayer] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\app management\arpcache\softwareupdate_is1] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\uninstall\viewpointmediaplayer] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctl] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctlsecondary] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctlsecondary.1] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctl.1] O71 - BDRI:[hklm\software\trymedia systems] O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaultname O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaulturl O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\settings\{c10dc1f4-ccdf-4224-a24d-b23afc3573c8}] O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\settings\{30f9b915-b755-4826-820b-08fba6bd249d}] O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}] O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\stats\{c10dc1f4-ccdf-4224-a24d-b23afc3573c8}] O71 - BDRI:[hkus\s-1-5-18\software\microsoft\windows\currentversion\run]:ctfmon.exe TOOLBAR INUTILE (Navigateur internet) O71 - BDRI:[hklm\software\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}] O71 - BDRI:[hkcr\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}] PROTECTION DU SYSTEME (Antivirus, FireWall, Anti-Malwares) RAPPORT SIMPLIFIE O71 - BDRI:[hklm\software\mozilla\firefox\extensions]:spidermessengerhelper@spidermessenger.com O71 - BDRI:[hklm\software\mozillaplugins\@viewpoint.com/vmp] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\explorer\networkcrawler\objects\workgroupcrawler] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\explorer\browser helper objects\{30f9b915-b755-4826-820b-08fba6bd249d}] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\app management\arpcache\viewpointmediaplayer] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\app management\arpcache\softwareupdate_is1] O71 - BDRI:[hklm\software\microsoft\windows\currentversion\uninstall\viewpointmediaplayer] O71 - BDRI:[hklm\software\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctl] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctlsecondary] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctlsecondary.1] O71 - BDRI:[hklm\software\classes\axmetastream.metastreamctl.1] O71 - BDRI:[hklm\software\trymedia systems] O71 - BDRI:[hkcr\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}] O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaultname O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaulturl O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\settings\{c10dc1f4-ccdf-4224-a24d-b23afc3573c8}] O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\settings\{30f9b915-b755-4826-820b-08fba6bd249d}] O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}] O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\ext\stats\{c10dc1f4-ccdf-4224-a24d-b23afc3573c8}] O71 - BDRI:[hkus\s-1-5-18\software\microsoft\windows\currentversion\run]:ctfmon.exe
×
×
  • Créer...