laborantin

Bonjour Pear et merci Le rapport de MBAM suivra # AdwCleaner v1.310 - Rapport créé le 12/10/2011 à 07:28:43 # Mis à jour le 07/10/11 à 19h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : HUEDAKOR Anoumou - PLATEAUX (Administrateur) # Exécuté depuis : C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\Sécurité\adwcleaner.exe # Option [Recherche] ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Présent : C:\Documents and Settings\All Users\Application Data\Viewpoint Dossier Présent : C:\Program Files\Viewpoint ***** [Registre] ***** Clé Présente : HKCU\Software\Conduit Clé Présente : HKLM\SOFTWARE\Conduit Clé Présente : HKLM\SOFTWARE\MetaStream Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1 Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{9dbb28c1-1925-11d3-a498-00104b6eb52e} Clé Présente : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Présente : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Le registre ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1651 octets] - [12/10/2011 07:28:44] ########## EOF - C:\AdwCleaner[R1].txt - [1779 octets] ########## # AdwCleaner v1.310 - Rapport créé le 12/10/2011 à 07:30:59 # Mis à jour le 07/10/11 à 19h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : HUEDAKOR Anoumou - PLATEAUX (Administrateur) # Exécuté depuis : C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\Sécurité\adwcleaner.exe # Option [suppression] ***** [KillNav] ***** Aucun navigateur n'était en cours d'exécution. ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Viewpoint Dossier Supprimé : C:\Program Files\Viewpoint ***** [Registre] ***** Clé Supprimée : HKCU\Software\Conduit Clé Supprimée : HKLM\SOFTWARE\Conduit Clé Supprimée : HKLM\SOFTWARE\MetaStream Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1 Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{9dbb28c1-1925-11d3-a498-00104b6eb52e} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Le registre ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1780 octets] - [12/10/2011 07:28:44] AdwCleaner[s1].txt - [1802 octets] - [12/10/2011 07:30:59] ************************* Dossier Temporaire : 128 dossier(s) et 31 fichier(s) supprimé(s) ########## EOF - C:\AdwCleaner[s1].txt - [2027 octets] ##########

Bonjour à tous le pc de mon frère redémarrage à tout bout de champs et ne s'éteint plus jamais. J'ai fait une diagnostic et le résultat est le suivant. Aidez moi à l'aider. merci Rapport de ZHPDiag v1.28.1321 par Nicolas Coolman, Update du 09/08/2011 Run by HUEDAKOR Anoumou at 11/10/2011 21:19:38 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) ---\\ Windows Product Information Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Adventage : KO ---\\ System Information ~ Processor: x86 Family 15 Model 2 Stepping 7, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 247.5 MB (21% free) System Restore: Activé (Enable) System drive C: has 10 GB (25%) free of 38 GB ---\\ Logged in mode ~ Computer Name: PLATEAUX ~ User Name: HUEDAKOR Anoumou ~ All Users Names: SUPPORT_388945a0, HUEDAKOR Anoumou, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\ ~ %Desktop% : C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\ ~ %Favorites% : C:\Documents and Settings\HUEDAKOR Anoumou\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\HUEDAKOR Anoumou\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 38 Go) D:\ CD-ROM drive (Free 0 Go of 0 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 149 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2011 - 19:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.11/10/2011 - 19:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.11/10/2011 - 23:53:04.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.11/10/2011 - 19:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.11/10/2011 - 11:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.11/10/2011 - 12:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 10/249 ~ Mes musiques (My Musics) : 5/19 ~ Mes Videos (My Video) : 0/0 ~ Mes Favoris (My Favorites) : 2/31 ~ Mes Documents (My Documents) : 274/11506 ~ Mon Bureau (My Desktop) : 2/589 ~ Menu demarrer (Programs) : 5/52 ~ Scan Hidden Files in 00mn 49s ---\\ Processus lancés [MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [MD5.9BDBDA21D3BA8E374FD06A405BE10215] - (.Macrovision - Macrovision RTS Service.) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE [54784] [MD5.C773D093D5C18765E71C7992AEE051A2] - (.Nero AG - incdsrv.) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1550896] [MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [MD5.D93108A20FA4B4317952234DE106F199] - (.PC Tools - PC Tools Firewall Plus service.) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe [146800] [MD5.ACCDF944417FCE3B9BDDFC197C704A27] - (.SafeNet, Inc - Pas de description.) -- C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400] [MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [MD5.DFDAE315CA76A490F1BB3FD1C552C1C1] - (.Nero AG - NBH.) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1628208] [MD5.0FD0C380888A89ABEF7569841677FF2B] - (.Nero AG - InCD.) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057328] [MD5.093D3EE722542BA2E7AD929AA3CA6ABC] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [155648] [MD5.E4CF942A4AEA9D27C87F190F65E7D0F6] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [126976] [MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768] [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064] [MD5.BFA83B551ABD8084B4623887D0E3B53C] - (.Roxio - DirectCD Application.) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [684032] [MD5.0D916CEB96006EE9FFE670DB3FFEAA73] - (.BonSoft - ClocX.) -- C:\Program Files\ClocX\ClocX.exe [270336] [MD5.5A7A792D32CC1126F9D80B8D4653C723] - (...) -- C:\Program Files\USBAntiVirus\USBAntiVirus.exe [488448] [MD5.45268019C5FBFB0203AA86F062C77AF8] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime7\qttask.exe [286720] [MD5.64F635240DB9FB0C6E6CA7725ED56544] - (.PC Tools - PC Tools Firewall GUI.) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2652056] [MD5.B5279597BB8577FE056F042F81FA00D0] - (.S!Ri - Alerte d'anniversaire.) -- C:\Program Files\Anniversaire\AlerteAnniversaire.exe [209920] [MD5.2BAD84B393AF47006D80BA2F03B18029] - (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [213936] [MD5.A388FE989CA7B8CBCAC9FB256B5DD79E] - (.Netlog - Netlog 24 Notifier.) -- C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe [1380352] [MD5.B6C6DF3D320D931038C9EE8B12E87D5D] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe [639864] [MD5.CFE5228556C93D03D6753E7953CCD4A9] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [217194] [MD5.2FE253973433442C2CB234FB2BC4BF29] - (.WinZip Computing, Inc. - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE [106560] [MD5.6C74578CF2050956C4B4D7F44C0C95CF] - (.The Webshots Corporation - Webshots Desktop Tray Application.) -- C:\Program Files\Webshots\WebshotsTray.exe [208896] [MD5.FEE2BA1AD38F457F418E82EA30724053] - (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\WINDOWS\system32\msfeedssync.exe [13312] [MD5.9C492FEC0D62844ADFA1FD910F0AF3B8] - (.Microsoft Corporation - Microsoft Tablet PC Component.) -- C:\WINDOWS\system32\wisptis.exe [293376] [MD5.B83C9E55754E2884DA46239C6D3EC271] - (.Adobe Systems Incorporated - Adobe Acrobat 6.0.) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe [10219587] [MD5.EB97818CDCEA0D8E2D19C10D5DC014E2] - (...) -- C:\UsbFix\UsbFix.exe [535159] [MD5.92AD41A429FFB04E0A0E5B871091D144] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [912384] [MD5.75DEC256FCEC374BE83C6486D9A7B850] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZebHelpProcess\ZHPDiag.exe [2106368] ~ Scan Processes Running in 00mn 04s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - MetaStream 3 Plugin r4.) -- C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Webshots - Photo Sharing, Free Wallpaper and Free Screensavers R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R0 - HKUS\S-1-5-21-329068152-1275210071-1606980848-1004\Software\Microsoft\Internet Explorer\Main,Start Page = Webshots - Photo Sharing, Free Wallpaper and Free Screensavers R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 6.0 for Act.) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] . (.Nero AG - NBH.) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] . (.Nero AG - InCD.) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [setRefresh] . (.Hewlett-Packard Company - SetRefresh.) -- C:\Program Files\COMPAQ\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [AdaptecDirectCD] . (.Roxio - DirectCD Application.) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe O4 - HKLM\..\Run: [ClocX] . (.BonSoft - ClocX.) -- C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [uSBAntiVirus.exe] . (...) -- C:\Program Files\USBAntiVirus\USBAntiVirus.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime7\qttask.exe O4 - HKLM\..\Run: [00PCTFW] . (.PC Tools - PC Tools Firewall GUI.) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [Anniversaire] . (.S!Ri - Alerte d'anniversaire.) -- C:\Program Files\Anniversaire\AlerteAnniversaire.exe O4 - HKLM\..\Run: [iSUSPM] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Netlog 24] . (.Netlog - Netlog 24 Notifier.) -- C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-329068152-1275210071-1606980848-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-329068152-1275210071-1606980848-1004\..\Run: [Netlog 24] . (.Netlog - Netlog 24 Notifier.) -- C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe O4 - HKUS\S-1-5-21-329068152-1275210071-1606980848-1004\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Distiller 6.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Distiller_PFM.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Reader 5.0.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Acrobat 6.0 Professional.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Acrobat_PFM_1.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ImageReady CS.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Photoshop CS\ImageReady.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop CS\Photoshop.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 6.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-000000000001}\SC_Reader_PM.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}\AppleSoftwareUpdateIco.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Gravure de CD & DVD avec Roxio.lnk . (.Roxio.) -- C:\Program Files\Fichiers communs\Adaptec Shared\CreateCD\CreateCD50.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Prism - Convertisseur de fichiers vidéo.lnk . (.NCH Software.) -- C:\Program Files\NCH Software\Prism\prism.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\HUEDAKOR Anoumou\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\HUEDAKOR Anoumou\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\HUEDAKOR Anoumou\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Documents And Settings\HUEDAKOR Anoumou\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe ~ Scan Global Startup in 00mn 10s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\OFFICE11\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~3\OFFICE11\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Service client pour le fournisseur NetWare et DLL d'authentification.) -- C:\WINDOWS\system32\nwprovau.dll ~ Scan Winsock in 00mn 00s ---\\ Internet Explorer Plugins (O12) O12 - Plugin for .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll ~ Scan IE Extra Buttons in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1268734898142 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 03s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: ArcGIS License Manager (ArcGIS License Manager) . (.Macrovision Corporation - Pas de description.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) . (.Macrovision - Macrovision RTS Service.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) . (.PC Tools - PC Tools Firewall Plus service.) - C:\Program Files\PC Tools Firewall Plus\FWService.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) . (.SafeNet, Inc - Pas de description.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe ~ Scan Services in 00mn 07s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\prismShakeIcon.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Programme d'arrêt du système de l'onduleur.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{2369D0E7-4CC7-4461-8B7C-709950B6B876}.job [MD5.7A4D5C521E6C11268C1D2131E7951B5D] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [MD5.5693046138FB7B08A4EDC1EE79CAF724] [APT] [prismShakeIcon] (.NCH Software.) -- C:\Program Files\NCH Software\Prism\prism.exe ~ Scan Scheduled Task in 00mn 02s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\drivers\InCDPass.sys O41 - Driver: (incdrm) . (.Nero AG - Nero MRW Filter Driver.) - C:\WINDOWS\system32\drivers\InCDRm.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\WINDOWS\system32\DRIVERS\MpFilter.sys O41 - Driver: (MpKsl00c87769) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl00c87769.sys (.not file.) O41 - Driver: (MpKsl00d6fec9) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl00d6fec9.sys (.not file.) O41 - Driver: (MpKsl045b9bbb) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl045b9bbb.sys (.not file.) O41 - Driver: (MpKsl057682bb) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl057682bb.sys (.not file.) O41 - Driver: (MpKsl066a1320) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl066a1320.sys (.not file.) O41 - Driver: (MpKsl067cd807) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl067cd807.sys (.not file.) O41 - Driver: (MpKsl06dc6e67) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl06dc6e67.sys (.not file.) O41 - Driver: (MpKsl073f43ec) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl073f43ec.sys (.not file.) O41 - Driver: (MpKsl07fb6e42) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl07fb6e42.sys (.not file.) O41 - Driver: (MpKsl0975345b) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl0975345b.sys (.not file.) O41 - Driver: (MpKsl14c7c4cc) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl14c7c4cc.sys (.not file.) O41 - Driver: (MpKsl16a0999c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl16a0999c.sys (.not file.) O41 - Driver: (MpKsl1a806cd4) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl1a806cd4.sys (.not file.) O41 - Driver: (MpKsl1f2239e7) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl1f2239e7.sys (.not file.) O41 - Driver: (MpKsl239ea6bb) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl239ea6bb.sys (.not file.) O41 - Driver: (MpKsl23c621e4) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl23c621e4.sys (.not file.) O41 - Driver: (MpKsl2605895d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl2605895d.sys (.not file.) O41 - Driver: (MpKsl28ec18fe) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl28ec18fe.sys (.not file.) O41 - Driver: (MpKsl2fe08916) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKsl2fe08916.sys O41 - Driver: (MpKsl352cd58a) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl352cd58a.sys (.not file.) O41 - Driver: (MpKsl35550c6f) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl35550c6f.sys (.not file.) O41 - Driver: (MpKsl35e1d653) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl35e1d653.sys (.not file.) O41 - Driver: (MpKsl39f69be0) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl39f69be0.sys (.not file.) O41 - Driver: (MpKsl40a7cbcc) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl40a7cbcc.sys (.not file.) O41 - Driver: (MpKsl41929ba9) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl41929ba9.sys (.not file.) O41 - Driver: (MpKsl492050ae) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl492050ae.sys (.not file.) O41 - Driver: (MpKsl4b6067aa) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl4b6067aa.sys (.not file.) O41 - Driver: (MpKsl4c27d6fd) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl4c27d6fd.sys (.not file.) O41 - Driver: (MpKsl4ceed522) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl4ceed522.sys (.not file.) O41 - Driver: (MpKsl4d198d82) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl4d198d82.sys (.not file.) O41 - Driver: (MpKsl4d692fbf) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl4d692fbf.sys (.not file.) O41 - Driver: (MpKsl4fab2c21) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl4fab2c21.sys (.not file.) O41 - Driver: (MpKsl510fcfbf) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl510fcfbf.sys (.not file.) O41 - Driver: (MpKsl53b4e627) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl53b4e627.sys (.not file.) O41 - Driver: (MpKsl54c15dfc) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl54c15dfc.sys (.not file.) O41 - Driver: (MpKsl56b28493) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl56b28493.sys (.not file.) O41 - Driver: (MpKsl58840337) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKsl58840337.sys O41 - Driver: (MpKsl66d70268) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl66d70268.sys (.not file.) O41 - Driver: (MpKsl7c06a767) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl7c06a767.sys (.not file.) O41 - Driver: (MpKsl7d6cb506) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl7d6cb506.sys (.not file.) O41 - Driver: (MpKsl7ede6cc2) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl7ede6cc2.sys (.not file.) O41 - Driver: (MpKsl81eff7e2) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl81eff7e2.sys (.not file.) O41 - Driver: (MpKsl8a4991a6) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl8a4991a6.sys (.not file.) O41 - Driver: (MpKsl8affb05a) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl8affb05a.sys (.not file.) O41 - Driver: (MpKsl8d368865) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl8d368865.sys (.not file.) O41 - Driver: (MpKsl8d6979d2) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl8d6979d2.sys (.not file.) O41 - Driver: (MpKsl8d7076d3) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKsl8d7076d3.sys (.not file.) O41 - Driver: (MpKsl8d856cfe) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl8d856cfe.sys (.not file.) O41 - Driver: (MpKsl8e53df2b) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl8e53df2b.sys (.not file.) O41 - Driver: (MpKsl8fddaed2) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl8fddaed2.sys (.not file.) O41 - Driver: (MpKsl908f4d75) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl908f4d75.sys (.not file.) O41 - Driver: (MpKsl91aff9d9) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKsl91aff9d9.sys O41 - Driver: (MpKsl92530325) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl92530325.sys (.not file.) O41 - Driver: (MpKsl9767687a) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl9767687a.sys (.not file.) O41 - Driver: (MpKsl985eb70a) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl985eb70a.sys (.not file.) O41 - Driver: (MpKsl9a1c6eb1) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKsl9a1c6eb1.sys O41 - Driver: (MpKsl9c2b1860) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl9c2b1860.sys (.not file.) O41 - Driver: (MpKsl9f538db5) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl9f538db5.sys (.not file.) O41 - Driver: (MpKsl9fb71f9c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl9fb71f9c.sys (.not file.) O41 - Driver: (MpKsla34cbd7d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsla34cbd7d.sys (.not file.) O41 - Driver: (MpKsla3833ed8) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsla3833ed8.sys (.not file.) O41 - Driver: (MpKsla47f878d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsla47f878d.sys (.not file.) O41 - Driver: (MpKsla50a8d4b) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsla50a8d4b.sys (.not file.) O41 - Driver: (MpKsla68bdd13) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsla68bdd13.sys (.not file.) O41 - Driver: (MpKsla7179e0b) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsla7179e0b.sys (.not file.) O41 - Driver: (MpKsla8a0532f) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKsla8a0532f.sys (.not file.) O41 - Driver: (MpKsla9844c27) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsla9844c27.sys (.not file.) O41 - Driver: (MpKslad02c76f) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKslad02c76f.sys (.not file.) O41 - Driver: (MpKslae56d262) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslae56d262.sys (.not file.) O41 - Driver: (MpKslafc78c99) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslafc78c99.sys (.not file.) O41 - Driver: (MpKslb03a05c3) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKslb03a05c3.sys (.not file.) O41 - Driver: (MpKslb0663980) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKslb0663980.sys (.not file.) O41 - Driver: (MpKslb08519cc) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslb08519cc.sys (.not file.) O41 - Driver: (MpKslb108da77) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslb108da77.sys (.not file.) O41 - Driver: (MpKslb3559b7a) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKslb3559b7a.sys (.not file.) O41 - Driver: (MpKslb60eed5e) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslb60eed5e.sys (.not file.) O41 - Driver: (MpKslbda6b9be) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslbda6b9be.sys (.not file.) O41 - Driver: (MpKslc02090f3) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKslc02090f3.sys (.not file.) O41 - Driver: (MpKslc27a997c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslc27a997c.sys (.not file.) O41 - Driver: (MpKslc2ffa6e4) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslc2ffa6e4.sys (.not file.) O41 - Driver: (MpKslc3844fe9) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKslc3844fe9.sys O41 - Driver: (MpKslc3e8dfd1) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslc3e8dfd1.sys (.not file.) O41 - Driver: (MpKslc8543c5d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKslc8543c5d.sys (.not file.) O41 - Driver: (MpKslc8c05f85) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslc8c05f85.sys (.not file.) O41 - Driver: (MpKslc9305c8f) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslc9305c8f.sys (.not file.) O41 - Driver: (MpKslc9ce08ac) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKslc9ce08ac.sys (.not file.) O41 - Driver: (MpKslc9d5ac8b) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslc9d5ac8b.sys (.not file.) O41 - Driver: (MpKslca1126a0) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKslca1126a0.sys (.not file.) O41 - Driver: (MpKslcb1c75c7) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKslcb1c75c7.sys (.not file.) O41 - Driver: (MpKslcd7518f2) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKslcd7518f2.sys O41 - Driver: (MpKslcfe67d01) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKslcfe67d01.sys (.not file.) O41 - Driver: (MpKsld137de9d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsld137de9d.sys (.not file.) O41 - Driver: (MpKsld3227bbe) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsld3227bbe.sys (.not file.) O41 - Driver: (MpKsld46cfdd0) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsld46cfdd0.sys (.not file.) O41 - Driver: (MpKsld89bbe27) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsld89bbe27.sys (.not file.) O41 - Driver: (MpKsle04d0bbc) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle04d0bbc.sys (.not file.) O41 - Driver: (MpKsle1116699) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsle1116699.sys (.not file.) O41 - Driver: (MpKsle164a476) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKsle164a476.sys O41 - Driver: (MpKsle21c8d12) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsle21c8d12.sys (.not file.) O41 - Driver: (MpKsle2aa727c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle2aa727c.sys (.not file.) O41 - Driver: (MpKsle34ceecc) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle34ceecc.sys (.not file.) O41 - Driver: (MpKsle381b84e) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle381b84e.sys (.not file.) O41 - Driver: (MpKsle8d8956c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsle8d8956c.sys (.not file.) O41 - Driver: (MpKsle978735e) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle978735e.sys (.not file.) O41 - Driver: (MpKslecf6d442) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslecf6d442.sys (.not file.) O41 - Driver: (MpKslf061a0cb) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslf061a0cb.sys (.not file.) O41 - Driver: (MpKslf088d14d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslf088d14d.sys (.not file.) O41 - Driver: (MpKslf1768dc2) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslf1768dc2.sys (.not file.) O41 - Driver: (MpKslf4b3f681) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKslf4b3f681.sys (.not file.) O41 - Driver: (MpKslf607f03d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslf607f03d.sys (.not file.) O41 - Driver: (MpKslf9c00f4b) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{521C9429-A947-4CDC-81AD-6FCAF6D093B6}\MpKslf9c00f4b.sys O41 - Driver: (MpKslff2648c7) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKslff2648c7.sys (.not file.) O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (pctgntdi) . (.PC Tools - PC Tools Generic TDI Driver.) - C:\WINDOWS\system32\drivers\pctgntdi.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ~ Scan Drivers in 00mn 05s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0 O42 - Logiciel: Adobe Atmosphere Player for Acrobat and Adobe Reader - (.Pas de propriétaire.) [HKLM] -- Adobe Atmosphere Player O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC} O42 - Logiciel: Anniversaire v1.2 - (.S!Ri.) [HKLM] -- Anniversaire_is1 O42 - Logiciel: ArcGIS Desktop - (.Environmental Systems Research Institute, Inc..) [HKLM] -- ArcGIS Desktop O42 - Logiciel: ArcGIS License Manager - (.Pas de propriétaire.) [HKLM] -- ArcGIS License Manager O42 - Logiciel: ArcView GIS 3.2a - (.Pas de propriétaire.) [HKCU] -- ArcView GIS 3.2a O42 - Logiciel: ArchiCAD 12 FRA - (.Pas de propriétaire.) [HKLM] -- 001FFFFFFF12FF00FF0501F02F02F000-R1 O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: AutoCAD LT 2000 - Français - (.Pas de propriétaire.) [HKLM] -- Désinstallation de AutoCAD LT 2000 - Français O42 - Logiciel: AutoCAD Map R2 - (.Pas de propriétaire.) [HKLM] -- AutoCAD Map R2 Uninstall O42 - Logiciel: Autodesk Express Viewer - (.Autodesk, Inc..) [HKLM] -- Autodesk Express Viewer O42 - Logiciel: ClocX (1.5b2) - (.Pas de propriétaire.) [HKLM] -- ClocX O42 - Logiciel: Com600(3.0) - (.Pas de propriétaire.) [HKLM] -- {1FC9399A-E062-4A34-B1A4-03CBA64AC7D1} O42 - Logiciel: Covadis Topo 2004 - (.Pas de propriétaire.) [HKLM] -- Covadis Topo 2004 O42 - Logiciel: DATEY veille4.SCR - (.Pas de propriétaire.) [HKLM] -- DATEY veille4.SCR O42 - Logiciel: Data Access Objects (DAO) 3.5 - (.Pas de propriétaire.) [HKLM] -- DAO 3.5 O42 - Logiciel: DataLink DL01 v2.0 - (.Pas de propriétaire.) [HKLM] -- {24204140-0A0B-11D4-A0FA-0080C845E265} O42 - Logiciel: ECW Compressor 2.2 - (.Pas de propriétaire.) [HKLM] -- ECW Compressor 2.2 O42 - Logiciel: FOIF EXCHANGE TS - (.Pas de propriétaire.) [HKLM] -- {9EECFC81-371F-4925-827D-6617E8D0EE9C} O42 - Logiciel: GeoPrinter 1.20 - (.Geographic Enterprises.) [HKLM] -- GeoPrinter O42 - Logiciel: Huawei PCAssistant - (.Pas de propriétaire.) [HKLM] -- PCAssistant O42 - Logiciel: Intel® Extreme Graphics Driver - (.Pas de propriétaire.) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20} O42 - Logiciel: Jeu de données - (.Pas de propriétaire.) [HKLM] -- Jeu de données MapInfo Professional O42 - Logiciel: L&H Power Translator Pro 7.0 - (.Pas de propriétaire.) [HKLM] -- L&H Power Translator Pro 7.0 O42 - Logiciel: Leica SurveyOffice - (.Pas de propriétaire.) [HKLM] -- Leica SurveyOffice O42 - Logiciel: LiveUpdate 2.6 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: MapInfo Professional 5.5 - (.Pas de propriétaire.) [HKLM] -- MapInfo O42 - Logiciel: MapInfo Professional® - Jeu de données - (.Pas de propriétaire.) [HKLM] -- MapInfo Professional® - Jeu de données O42 - Logiciel: MapLogix - (.Pas de propriétaire.) [HKLM] -- MapLogix O42 - Logiciel: Micro Application - Compositeur - (.Pas de propriétaire.) [HKLM] -- Micro Application - Compositeur O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Nero Media Player - (.Pas de propriétaire.) [HKLM] -- NMPUninstallKey O42 - Logiciel: Netlog 24 - (.Pas de propriétaire.) [HKLM] -- Netlog 24 O42 - Logiciel: PC Tools Firewall Plus 5.0 - (.PC Tools.) [HKLM] -- PC Tools Firewall Plus O42 - Logiciel: Pixia 3.3b - (.Seagrand.) [HKLM] -- Pixia_is1 O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} O42 - Logiciel: Prism - Convertisseur de fichiers vidéo - (.NCH Software.) [HKLM] -- Prism O42 - Logiciel: Python 2.5 numpy-1.0.3 - (.Pas de propriétaire.) [HKLM] -- Python 2.5 numpy-1.0.3 O42 - Logiciel: Python 2.5.1 - (.Pas de propriétaire.) [HKLM] -- Python 2.5.1 O42 - Logiciel: QuantumV2.18 - (.Pas de propriétaire.) [HKLM] -- QuantumV2.18 O42 - Logiciel: Readiris Pro 9 - (.Pas de propriétaire.) [HKLM] -- {3CA9D105-113C-11D8-AB3E-000102B0F79A} O42 - Logiciel: Replay Converter 4 - (.Applian Technologies Inc..) [HKLM] -- Replay Converter 4 O42 - Logiciel: SafeCast Shared Components - (.Macrovision.) [HKLM] -- CdaC13Ba O42 - Logiciel: Seagate Crystal Reports for ESRI - (.Pas de propriétaire.) [HKLM] -- CrystalReports7 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Sentinel System Driver - (.Pas de propriétaire.) [HKLM] -- Rainbow Sentinel Driver O42 - Logiciel: USB Drive AntiVirus 2.3 - (.USB AntiVirus.) [HKLM] -- USB Drive AntiVirus_is1 O42 - Logiciel: Undelete 360 - (.File Recovery Ltd..) [HKLM] -- Undelete 360_is1 O42 - Logiciel: Vertical Mapper 2.6 - (.Pas de propriétaire.) [HKLM] -- {97042B20-E491-11D3-96D4-00105A111647} O42 - Logiciel: Virtual DJ Home - Atomix Productions - (.Pas de propriétaire.) [HKLM] -- Virtual DJ Home - Atomix Productions O42 - Logiciel: Webshots! - (.Pas de propriétaire.) [HKLM] -- Webshots O42 - Logiciel: WinZip - (.WinZip Computing, Inc..) [HKLM] -- WinZip O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Yahoo! Barre d'outils - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion O42 - Logiciel: Yahoo! Software Update - (.Pas de propriétaire.) [HKLM] -- Yahoo! Software Update O42 - Logiciel: ZebHelpProcess 2.50 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1 O42 - Logiciel: doPDF 6.0 printer - (.Softland.) [HKLM] -- doPDF 6 printer_is1 O42 - Logiciel: iColorFolder - (.Pas de propriétaire.) [HKLM] -- iColorFolder O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\AC3Filter] [HKCU\Software\Adaptec] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Amyuni Technologies] [HKCU\Software\Analog Devices] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Applian] [HKCU\Software\Autodesk] [HKCU\Software\BitTorrent] [HKCU\Software\BonSoft] [HKCU\Software\Classes] [HKCU\Software\Conduit] [HKCU\Software\Cyberlink] [HKCU\Software\Digital River] [HKCU\Software\Dx6.2] [HKCU\Software\ESRI] [HKCU\Software\Earth Resource Mapping] [HKCU\Software\FLEXlm License Manager] [HKCU\Software\FreeCDRIP] [HKCU\Software\GNU] [HKCU\Software\Garmin] [HKCU\Software\GeoPrinter] [HKCU\Software\Geomedia SA] [HKCU\Software\Golden Software] [HKCU\Software\Google] [HKCU\Software\Graphisoft] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\Hilgraeve Inc] [HKCU\Software\IE] [HKCU\Software\ISSS] [HKCU\Software\InstallShield] [HKCU\Software\Intel] [HKCU\Software\InterTrust] [HKCU\Software\Iris] [HKCU\Software\JavaSoft] [HKCU\Software\L&H Language Technology] [HKCU\Software\L&H] [HKCU\Software\Lake] [HKCU\Software\Leica Geosystems] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\METRISPENTAX] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MapInfo] [HKCU\Software\NCH Software] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\Northwood] [HKCU\Software\ODBC] [HKCU\Software\PCTools] [HKCU\Software\Policies] [HKCU\Software\PopCap] [HKCU\Software\Pvm] [HKCU\Software\ReplayConverter] [HKCU\Software\Revenger inc.] [HKCU\Software\Seagate Software] [HKCU\Software\Softland] [HKCU\Software\Softonic] [HKCU\Software\Staccato] [HKCU\Software\SystemSafe] [HKCU\Software\TVP] [HKCU\Software\Totem] [HKCU\Software\Usbfix] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSO] [HKCU\Software\VirtualDJ] [HKCU\Software\WIBU-SYSTEMS] [HKCU\Software\Webshots] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WinZip Computing] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\iColorFolder] [HKLM\Software\Adaptec] [HKLM\Software\Adobe Systems] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Andrea Electronics] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Applian] [HKLM\Software\Audible] [HKLM\Software\Autodesk] [HKLM\Software\AviSynth] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conduit] [HKLM\Software\ConversApi] [HKLM\Software\Convers] [HKLM\Software\Creative Tech] [HKLM\Software\Crystal Decisions] [HKLM\Software\CyberLink] [HKLM\Software\DIOC] [HKLM\Software\ER Mapper] [HKLM\Software\ESRI] [HKLM\Software\Earth Resource Mapping] [HKLM\Software\FLEXlm License Manager] [HKLM\Software\FOIF] [HKLM\Software\FoifSoft] [HKLM\Software\GNU] [HKLM\Software\GarminUTM] [HKLM\Software\Garmin] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Géomédia] [HKLM\Software\HUAWEI TECHNOLOGIES] [HKLM\Software\HajeSoft] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Huawei] [HKLM\Software\I.R.I.S.] [HKLM\Software\INTEL] [HKLM\Software\ISSS] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\JavaSoft] [HKLM\Software\Joel Technologies] [HKLM\Software\JreMetrics] [HKLM\Software\L&H Language Technology] [HKLM\Software\L&H] [HKLM\Software\Lake] [HKLM\Software\Le Groupe Korem] [HKLM\Software\Leica Geosystems] [HKLM\Software\Licenses] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Mapinfo] [HKLM\Software\MetaStream] [HKLM\Software\Metris] [HKLM\Software\Micro Application/Data Becker] [HKLM\Software\MicroQuill] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NCH Software] [HKLM\Software\NSIS_PCAssistant] [HKLM\Software\Nero] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Northwood] [HKLM\Software\ODBC] [HKLM\Software\PCTools] [HKLM\Software\Policies] [HKLM\Software\PopCap] [HKLM\Software\Program Groups] [HKLM\Software\Python] [HKLM\Software\Rainbow Technologies] [HKLM\Software\ReplayConverter] [HKLM\Software\Revenger inc.] [HKLM\Software\Roxio] [HKLM\Software\Safe Software Inc.] [HKLM\Software\Safenet Sentinel] [HKLM\Software\Schlumberger] [HKLM\Software\Seagate Software] [HKLM\Software\Softland] [HKLM\Software\Staccato] [HKLM\Software\Suzhou FOIF Co., Ltd.] [HKLM\Software\Symantec] [HKLM\Software\SystemSafe] [HKLM\Software\Totem] [HKLM\Software\VSO] [HKLM\Software\Vantage Software Technologies] [HKLM\Software\VirtualDJ] [HKLM\Software\Voice] [HKLM\Software\WIBU-SYSTEMS] [HKLM\Software\WexTech Systems] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Wondershare] [HKLM\Software\Yahoo] [HKLM\Software\callas software gmbh] [HKLM\Software\iTinySoft] ~ Scan Softwares in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 17/11/2010 - 17:17:32 - [164013629] ----D- C:\Program Files\Acad2000 O43 - CFD: 11/03/2011 - 18:59:04 - [47428533] ----D- C:\Program Files\Acme Photo ScreenSaver Maker O43 - CFD: 18/02/2011 - 16:57:24 - [522024303] ----D- C:\Program Files\Adobe O43 - CFD: 12/07/2010 - 09:24:02 - [14394280] ----D- C:\Program Files\Ahead O43 - CFD: 12/07/2010 - 09:24:00 - [3358144] ----D- C:\Program Files\Ahead(2) O43 - CFD: 22/02/2010 - 09:42:00 - [0] ----D- C:\Program Files\Analog Devices O43 - CFD: 17/07/2010 - 07:24:22 - [1219251] ----D- C:\Program Files\Anniversaire O43 - CFD: 27/03/2011 - 09:09:20 - [3997789] ----D- C:\Program Files\AnswerWorks 4.0 O43 - CFD: 05/06/2010 - 20:44:42 - [2199758] ----D- C:\Program Files\Apple Software Update O43 - CFD: 07/10/2011 - 23:50:52 - [4311563417] ----D- C:\Program Files\ArcGIS O43 - CFD: 19/09/2010 - 19:08:02 - [45253068] ----D- C:\Program Files\ArchiCAD 8.1 O43 - CFD: 06/10/2011 - 17:15:16 - [176469309] ----D- C:\Program Files\AutoCAD 2004 O43 - CFD: 27/05/2010 - 11:06:30 - [70760598] ----D- C:\Program Files\AutoCAD LT 2000 O43 - CFD: 02/04/2010 - 10:52:50 - [130205540] ----D- C:\Program Files\Autodesk O43 - CFD: 17/11/2010 - 17:17:32 - [12193061] ----D- C:\Program Files\ClocX O43 - CFD: 09/11/2010 - 20:33:02 - [12943543] ----D- C:\Program Files\Com600 O43 - CFD: 22/02/2010 - 09:45:04 - [525824] ----D- C:\Program Files\COMPAQ O43 - CFD: 19/02/2010 - 09:09:20 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 30/09/2010 - 09:47:14 - [5844772] ----D- C:\Program Files\conjugaison O43 - CFD: 16/03/2010 - 10:53:18 - [34022950] ----D- C:\Program Files\CyberLink O43 - CFD: 17/11/2010 - 17:17:44 - [19955654] ----D- C:\Program Files\Dictionnaire O43 - CFD: 15/03/2011 - 19:38:38 - [4965848] ----D- C:\Program Files\ER Mapper O43 - CFD: 06/10/2011 - 21:03:54 - [21168123] ----D- C:\Program Files\ESRI O43 - CFD: 11/10/2011 - 15:02:46 - [870927364] ----D- C:\Program Files\Fichiers communs O43 - CFD: 31/12/2010 - 07:52:16 - [6731670] ----D- C:\Program Files\File Recovery O43 - CFD: 26/05/2011 - 16:36:26 - [3394710] ----D- C:\Program Files\FOIF EXCHANGE TS O43 - CFD: 11/03/2011 - 19:14:04 - [3626459] ----D- C:\Program Files\Free Audio Pack O43 - CFD: 16/03/2011 - 22:04:46 - [3268594] ----D- C:\Program Files\Geomedia SA O43 - CFD: 15/03/2011 - 19:39:40 - [5735911] ----D- C:\Program Files\GeoPrinter O43 - CFD: 14/09/2010 - 21:32:02 - [32668145] ----D- C:\Program Files\Google O43 - CFD: 19/06/2010 - 11:41:38 - [492537345] ----D- C:\Program Files\Graphisoft O43 - CFD: 16/03/2011 - 23:58:04 - [187069290] ----D- C:\Program Files\Géomédia O43 - CFD: 29/06/2010 - 16:03:56 - [12982751] ----D- C:\Program Files\HuaweiPcAssistant O43 - CFD: 23/07/2010 - 22:35:58 - [8955305] ----D- C:\Program Files\iColorFolder O43 - CFD: 26/05/2011 - 16:36:06 - [22337850] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 22/02/2010 - 09:07:38 - [47903] ----D- C:\Program Files\Intel O43 - CFD: 27/03/2011 - 07:42:04 - [6110695] ----D- C:\Program Files\Internet Explorer O43 - CFD: 01/03/2011 - 14:11:00 - [153538947] ----D- C:\Program Files\Java O43 - CFD: 27/08/2011 - 11:41:10 - [16463696] ----D- C:\Program Files\Leica Geosystems O43 - CFD: 30/03/2010 - 07:55:56 - [804195926] ----D- C:\Program Files\LHSP O43 - CFD: 10/09/2010 - 13:09:42 - [2401798] ----D- C:\Program Files\LRE O43 - CFD: 09/09/2010 - 23:21:24 - [3925983] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 15/04/2010 - 13:33:02 - [127458635] ----D- C:\Program Files\MapInfo O43 - CFD: 14/02/2011 - 20:53:32 - [189725528] ----D- C:\Program Files\mapinfo5.5 O43 - CFD: 15/03/2011 - 21:56:06 - [391259532] ----D- C:\Program Files\MapInfo8.5 O43 - CFD: 21/02/2011 - 00:47:02 - [2174045] ----D- C:\Program Files\Messenger O43 - CFD: 25/04/2010 - 06:44:00 - [1793087] ----D- C:\Program Files\Metris O43 - CFD: 27/11/2010 - 09:18:26 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 19/02/2010 - 09:15:08 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 27/03/2011 - 09:09:10 - [399655891] ----D- C:\Program Files\Microsoft Office O43 - CFD: 23/07/2010 - 21:58:48 - [60753272] ----D- C:\Program Files\Microsoft Office Proj O43 - CFD: 04/03/2011 - 12:15:02 - [18110254] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 27/02/2011 - 14:29:28 - [0] ----D- C:\Program Files\Microsoft Security Essentials O43 - CFD: 19/02/2010 - 11:16:04 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 19/02/2010 - 12:19:50 - [4368271] ----D- C:\Program Files\Microsoft Works O43 - CFD: 19/02/2010 - 11:19:06 - [184320] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 21/02/2011 - 00:40:06 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 19/02/2010 - 12:13:04 - [29794014] ----D- C:\Program Files\MSECache O43 - CFD: 19/02/2010 - 09:08:06 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 19/02/2010 - 09:08:44 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 27/11/2010 - 09:08:52 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 13/08/2011 - 12:22:54 - [3010152] ----D- C:\Program Files\NCH Software O43 - CFD: 12/07/2010 - 08:13:34 - [263175963] ----D- C:\Program Files\Nero O43 - CFD: 13/08/2011 - 14:40:58 - [1380352] ----D- C:\Program Files\Netlog 24 O43 - CFD: 19/02/2010 - 09:11:40 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 19/02/2010 - 09:09:00 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 28/02/2011 - 07:33:18 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 30/03/2011 - 07:09:50 - [23220200] ----D- C:\Program Files\PC Tools Firewall Plus O43 - CFD: 13/08/2011 - 18:50:30 - [636354] ----D- C:\Program Files\Piano virtuel midi O43 - CFD: 21/08/2011 - 19:37:52 - [34481791] ----D- C:\Program Files\QuantumV2.18 O43 - CFD: 28/03/2010 - 14:45:20 - [2618811] ----D- C:\Program Files\QuickTime O43 - CFD: 05/06/2010 - 20:47:16 - [79994325] ----D- C:\Program Files\QuickTime7 O43 - CFD: 25/04/2010 - 09:45:10 - [51335442] ----D- C:\Program Files\Readiris Pro 9 O43 - CFD: 13/06/2011 - 21:47:42 - [38109305] ----D- C:\Program Files\Replay Converter 4 O43 - CFD: 12/07/2010 - 07:44:48 - [7936791] ----D- C:\Program Files\Roxio O43 - CFD: 16/03/2011 - 22:15:22 - [327659] ----D- C:\Program Files\SafeNet Sentinel O43 - CFD: 14/02/2011 - 23:22:00 - [35775332] ----D- C:\Program Files\Seagate Crystal Reports O43 - CFD: 29/01/2011 - 23:27:54 - [7578138] ----D- C:\Program Files\Seagate Software O43 - CFD: 14/09/2010 - 20:55:54 - [11804837] ----D- C:\Program Files\Seagrand O43 - CFD: 19/02/2010 - 09:12:16 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 25/04/2010 - 17:09:16 - [1330468] ----D- C:\Program Files\Softland O43 - CFD: 16/03/2010 - 12:45:14 - [0] ----D- C:\Program Files\Surfer O43 - CFD: 28/03/2010 - 13:51:12 - [9493264] ----D- C:\Program Files\Symantec O43 - CFD: 28/03/2010 - 13:51:06 - [0] ----D- C:\Program Files\Symantec AntiVirus O43 - CFD: 19/02/2010 - 09:20:32 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 16/03/2010 - 13:39:36 - [2368378] ----D- C:\Program Files\USBAntiVirus O43 - CFD: 13/08/2011 - 14:43:32 - [639864] ----D- C:\Program Files\uTorrent O43 - CFD: 18/04/2011 - 09:34:50 - [12897614] ----D- C:\Program Files\Viewpoint O43 - CFD: 13/03/2011 - 06:16:48 - [19903202] ----D- C:\Program Files\VirtualDJ O43 - CFD: 11/03/2011 - 19:05:20 - [3317984] ----D- C:\Program Files\VSO O43 - CFD: 11/10/2011 - 13:18:08 - [125335076] ----D- C:\Program Files\Webshots O43 - CFD: 19/02/2010 - 10:08:14 - [4106093] ----D- C:\Program Files\Windows Media Player O43 - CFD: 19/02/2010 - 09:08:34 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 19/02/2010 - 09:12:22 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 19/02/2010 - 09:48:52 - [3111820] ----D- C:\Program Files\WinRAR O43 - CFD: 19/02/2010 - 09:49:14 - [4797080] ----D- C:\Program Files\WinZip O43 - CFD: 19/02/2010 - 09:15:08 - [0] ----D- C:\Program Files\xerox O43 - CFD: 16/02/2011 - 09:14:18 - [5133282] ----D- C:\Program Files\Yahoo! O43 - CFD: 11/10/2011 - 21:20:36 - [103458842] ----D- C:\Program Files\ZebHelpProcess O43 - CFD: 12/07/2010 - 13:11:30 - [35586198] ----D- C:\Program Files\Fichiers Communs\Adaptec Shared O43 - CFD: 18/02/2011 - 17:02:38 - [98474189] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 18/02/2011 - 17:03:48 - [68096] ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared O43 - CFD: 19/02/2010 - 10:20:40 - [115625451] ----D- C:\Program Files\Fichiers Communs\Ahead O43 - CFD: 06/10/2011 - 21:53:26 - [5133227] ----D- C:\Program Files\Fichiers Communs\AnswerWorks 4.0 O43 - CFD: 27/03/2011 - 09:09:22 - [45661047] ----D- C:\Program Files\Fichiers Communs\Autodesk Shared O43 - CFD: 11/10/2011 - 15:02:46 - [7675825] ----D- C:\Program Files\Fichiers Communs\Borland Shared O43 - CFD: 27/03/2011 - 09:09:14 - [197904] ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD: 06/10/2011 - 21:46:48 - [52457526] ----D- C:\Program Files\Fichiers Communs\ESRI O43 - CFD: 07/10/2011 - 23:50:08 - [16470796] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 08/07/2010 - 16:43:04 - [283294] ----D- C:\Program Files\Fichiers Communs\iS3 O43 - CFD: 01/03/2011 - 14:19:36 - [29186792] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 30/03/2010 - 07:56:36 - [101305722] ----D- C:\Program Files\Fichiers Communs\L&H Shared O43 - CFD: 27/03/2011 - 09:13:48 - [275616] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 06/10/2011 - 21:47:26 - [331789088] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 19/02/2010 - 09:11:34 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 19/02/2010 - 08:19:14 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 28/12/2010 - 11:27:00 - [3472677] ----D- C:\Program Files\Fichiers Communs\PC Tools O43 - CFD: 06/10/2011 - 21:06:02 - [1812007] ----D- C:\Program Files\Fichiers Communs\SafeNet Sentinel O43 - CFD: 19/02/2010 - 09:11:38 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 19/02/2010 - 08:19:10 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 28/03/2010 - 13:51:14 - [56455] ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 19/02/2010 - 11:15:28 - [21012855] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 28/03/2010 - 22:07:16 - [303104] ----D- C:\Program Files\Fichiers Communs\Totem Shared O43 - CFD: 15/08/2011 - 15:08:40 - [21458938] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Adobe O43 - CFD: 18/04/2011 - 12:24:52 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\AdobeUM O43 - CFD: 28/03/2010 - 18:52:30 - [97736] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Ahead O43 - CFD: 07/07/2010 - 22:32:36 - [3015] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Apple Computer O43 - CFD: 16/03/2010 - 12:31:52 - [4371298] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Autodesk O43 - CFD: 16/03/2010 - 10:58:56 - [20992] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\CyberLink O43 - CFD: 06/10/2011 - 22:16:38 - [14336] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\ESRI O43 - CFD: 22/02/2011 - 15:32:00 - [6708] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Free Audio Editor O43 - CFD: 19/02/2011 - 14:55:44 - [549] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\FreeAudioPack O43 - CFD: 20/02/2011 - 09:01:30 - [2052] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\FreeCDRipper O43 - CFD: 16/04/2010 - 16:28:52 - [9496] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\GARMIN O43 - CFD: 14/09/2010 - 21:41:40 - [33081] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Google O43 - CFD: 19/06/2010 - 11:19:34 - [3672603] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Graphisoft O43 - CFD: 26/05/2010 - 22:57:28 - [63] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Help O43 - CFD: 10/03/2010 - 15:59:16 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Identities O43 - CFD: 31/03/2010 - 21:11:54 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\InterTrust O43 - CFD: 30/04/2010 - 15:42:08 - [17108] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Macromedia O43 - CFD: 09/09/2010 - 23:21:40 - [20522] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Malwarebytes O43 - CFD: 15/03/2011 - 19:50:12 - [3239564] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\MapInfo O43 - CFD: 27/08/2011 - 09:38:46 - [6178814] -S--D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Microsoft O43 - CFD: 13/08/2011 - 12:22:48 - [7138] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\NCH Software O43 - CFD: 28/12/2010 - 11:47:08 - [2] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\PCToolsFirewallPlus O43 - CFD: 05/06/2010 - 21:08:56 - [22985666] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Sun O43 - CFD: 17/05/2011 - 18:38:44 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\U3 O43 - CFD: 11/10/2011 - 21:23:00 - [13300] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\uTorrent O43 - CFD: 11/03/2011 - 19:03:38 - [1340] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Vso O43 - CFD: 16/02/2011 - 09:10:14 - [19283] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\Yahoo! O43 - CFD: 28/03/2010 - 15:01:20 - [32339] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Adobe O43 - CFD: 11/07/2010 - 14:33:48 - [1973271] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Ahead O43 - CFD: 05/06/2010 - 20:44:50 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Apple O43 - CFD: 05/06/2010 - 20:43:14 - [17783] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Apple Computer O43 - CFD: 11/07/2011 - 00:35:56 - [3434] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\ApplicationHistory O43 - CFD: 16/03/2010 - 12:24:52 - [39026093] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Autodesk O43 - CFD: 14/09/2010 - 21:41:40 - [16445090] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Google O43 - CFD: 29/06/2010 - 21:28:02 - [6557245] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Graphisoft O43 - CFD: 02/04/2010 - 08:07:52 - [25030] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Help O43 - CFD: 11/07/2010 - 14:33:58 - [1745188] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Identities O43 - CFD: 15/04/2010 - 13:39:30 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\MapInfo O43 - CFD: 17/02/2011 - 04:37:32 - [360668263] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Microsoft O43 - CFD: 13/08/2011 - 14:40:48 - [39] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Netlog O43 - CFD: 23/07/2010 - 22:10:44 - [45056] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\NOS O43 - CFD: 16/03/2010 - 08:53:50 - [5534289] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\PCHealth O43 - CFD: 10/03/2010 - 15:59:56 - [21845] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Symantec O43 - CFD: 13/08/2011 - 14:41:58 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\uTorrent O43 - CFD: 18/02/2011 - 23:49:08 - [0] ----D- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Application Data\Yahoo ~ Scan Program Folder in 02mn 33s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A58F6999C5BA2CE9F91C334641E666E7] - 11/10/2011 - 21:21:52 ---A- . (...) -- C:\WINDOWS\WebshotsForHUEDAKOR Anoumou.bmp [1459254] O44 - LFC:[MD5.93447198B32CAA8314AC06887662BDFF] - 11/10/2011 - 21:20:42 ---A- . (...) -- C:\WINDOWS\webshots.ini [91] O44 - LFC:[MD5.53350F475606C4826DA290CEF554C7BC] - 11/10/2011 - 21:19:04 ---A- . (...) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/10/2011 - 21:16:43 ---A- . (...) -- C:\UsbFix.txt [0] O44 - LFC:[MD5.5C5BFE7EAC72432ED03EF0CBD31A918B] - 11/10/2011 - 21:00:38 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1882822] O44 - LFC:[MD5.0A459C8FCD742D2140D4598183EF4250] - 11/10/2011 - 21:00:28 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/10/2011 - 20:51:32 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.A8A56DF0AC78D3BF925FDC9F5E27317D] - 11/10/2011 - 20:51:26 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157] O44 - LFC:[MD5.5B06D1DF0D77516656E34361491999E6] - 11/10/2011 - 20:50:58 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 11/10/2011 - 20:49:54 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.6CC8BEF4C204CD784902620DAD04A5D0] - 11/10/2011 - 14:40:11 ---A- . (...) -- C:\DelFixSuppr.txt [990] O44 - LFC:[MD5.D1A6A411515C5F1E439541084426792F] - 11/10/2011 - 14:39:05 ---A- . (...) -- C:\DelFixSearch.txt [959] O44 - LFC:[MD5.E91FCDA032EDE5789FC923317467FCAB] - 11/10/2011 - 14:27:35 ---A- . (...) -- C:\WINDOWS\Hlp.cmp [1249] O44 - LFC:[MD5.C37BB9136E4604B610C9EB1A8EC0DACF] - 11/10/2011 - 14:27:35 ---A- . (...) -- C:\WINDOWS\Inv.cmp [1210] O44 - LFC:[MD5.4427481E7890842C6DAA914C3D5B4208] - 09/10/2011 - 22:18:55 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32514] O44 - LFC:[MD5.932492B43EB8EBA1DA0D07A1877CE103] - 08/10/2011 - 01:16:48 ---A- . (...) -- C:\WINDOWS\system32\FNTCACHE.DAT [419040] O44 - LFC:[MD5.828FD89B4211988ACD61925764AB9B69] - 07/10/2011 - 23:38:52 ---A- . (...) -- C:\WORK.LOG [153] O44 - LFC:[MD5.7D6192F8099580531546AD6C819B51AA] - 07/10/2011 - 14:05:17 ---A- . (...) -- C:\WINDOWS\ModemLog_JOA Mobile USB Modem #2.txt [8890] O44 - LFC:[MD5.1E8C11C36F5391F7FCC050C41F0D5105] - 07/10/2011 - 14:04:05 ---A- . (...) -- C:\WINDOWS\setupapi.log [124478] O44 - LFC:[MD5.6E087B1CDBE342D8CA485711B31C9165] - 07/10/2011 - 01:15:42 ---A- . (.Python Software Foundation - Python Core.) -- C:\WINDOWS\system32\python25.dll [2113536] O44 - LFC:[MD5.828845D51CEB04766844F8EA87831F33] - 06/10/2011 - 17:04:45 ---A- . (...) -- C:\WINDOWS\ModemLog_JOA Mobile USB Modem #10.txt [4896] O44 - LFC:[MD5.C0CDF67E6F37B528C3BE01F861E6608F] - 06/10/2011 - 17:04:45 ---A- . (...) -- C:\WINDOWS\ModemLog_JOA Mobile USB Modem #9.txt [4896] O44 - LFC:[MD5.175A3C54E7A44355D88943C3DE9F7A39] - 06/10/2011 - 17:04:27 ---A- . (...) -- C:\WINDOWS\ModemLog_JOA Mobile USB Modem.txt [8734] O44 - LFC:[MD5.8C25E347F5E2C2BCA9B5258A68B72AE7] - 20/01/1999 - 05:01:00 ---A- . (...) -- C:\WINDOWS\system32\DBCLIENT.DLL [210032] O44 - LFC:[MD5.4BC02BD73338C3A26265F5C64DBEC770] - 12/11/1999 - 05:11:00 ---A- . (...) -- C:\WINDOWS\system32\BDEADMIN.CPL [183808] ~ Scan Files in 02mn 36s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Graphisoft\ArchiCAD 12\ArchiCAD.exe" [Enabled] .(...) -- C:\Program Files\Graphisoft\ArchiCAD 12\ArchiCAD.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Graphisoft\ArchiCAD 12fra\ArchiCAD.exe" [Enabled] .(.Graphisoft R&D - ArchiCAD 12.0.0 Component.) -- C:\Program Files\Graphisoft\ArchiCAD 12fra\ArchiCAD.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe" [Enabled] .(.Nero AG - MSI starter.) -- C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe O47 - AAKE:Key Export SP - "C:\Python30\pythonw.exe" [Enabled] .(...) -- C:\Python30\pythonw.exe O47 - AAKE:Key Export SP - "C:\Documents and Settings\HUEDAKOR Anoumou\Mes documents\My eBooks\FLVPlayerSetup.exe" [Enabled] .(.InstallCore© Technologies.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Mes documents\My eBooks\FLVPlayerSetup.exe O47 - AAKE:Key Export SP - "C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Temp\ICReinstall\FLVPlayerSetup.exe" [Enabled] .(.InstallCore© Technologies.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Local Settings\Temp\ICReinstall\FLVPlayerSet O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O47 - AAKE:Key Export SP - "F:\Mes ePrograms\FlvPlayerSetup.exe" [Enabled] .(.FLV Player Techno - FLV Player Installer.) -- F:\Mes ePrograms\FlvPlayerSetup.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe ~ Scan Keys in 01mn 03s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys . (...) -- C:\WINDOWS\system32\Drivers\nm.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"SENTINEL"="snti386.dll" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\system32\snti386.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc." . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \drivers.desc\"snti386.dll"="Sentinel for i386 Systems" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\system32\snti386.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=255 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.0F2D66D5F08EBE2F77BB904288DCF6F0] - 11/10/2011 - 20:20:04 ---A- . (.Intel Corporation - Intel® Integrated Controller Hub Audio Driver.) -- C:\WINDOWS\system32\drivers\ac97intc.sys [96256] O58 - SDL:[MD5.F76CB7259AA575CC53F3996BC6B68C18] - 11/10/2011 - 09:13:42 ---A- . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS [12464] O58 - SDL:[MD5.658CDEA65FFFAC193482E10407E45DA1] - 11/10/2011 - 11:20:24 ---A- . (.Roxio - CDR4_XP CDR Helper.) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [62288] O58 - SDL:[MD5.6123DA1EC51F4F016554535B88BEFBF6] - 11/10/2011 - 11:20:16 ---A- . (.Roxio - CDRAL for Windows 2000 Kernel Driver.) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [23436] O58 - SDL:[MD5.8C7746ACDE6225A46B58ED7AE09EC166] - 11/10/2011 - 11:15:02 ---A- . (.Roxio - CD-UDF NT Filesystem Driver.) -- C:\WINDOWS\system32\drivers\cdudf_xp.sys [241280] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 11/10/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 11/10/2011 - 12:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.E2B1AEDB62845581D848037F0A614EE6] - 11/10/2011 - 20:19:20 ---A- . (.Copyright © Creative Technology Ltd. 1994 - Sound Blaster 16 Adapter Driver.) -- C:\WINDOWS\system32\drivers\ctlsb16.sys [96256] O58 - SDL:[MD5.64A6260D961FA2B0B5BFD626C44AB5A1] - 11/10/2011 - 20:19:24 ---A- . (.Crystal Semiconductor Corp. - Crystal WDM Base Driver.) -- C:\WINDOWS\system32\drivers\cwbase.sys [3072] O58 - SDL:[MD5.86E32E528092092188C58BCF4A9F96C5] - 11/10/2011 - 20:19:28 ---A- . (.Crystal Semiconductor Corp. - Crystal ISA WDM Driver.) -- C:\WINDOWS\system32\drivers\cwbwdm.sys [72832] O58 - SDL:[MD5.19AD271AF8FF58433F587818E811D690] - 11/10/2011 - 13:12:07 ---A- . (.Roxio - DVD-RAM AddOn Driver.) -- C:\WINDOWS\system32\drivers\Dvd_2k.sys [25930] O58 - SDL:[MD5.AB570FB40832BEE65F4D90A7F02792BF] - 11/10/2011 - 20:19:56 ---A- . (.ESS Technology, Inc. - ESS Technology, Inc. Adapter Driver.) -- C:\WINDOWS\system32\drivers\ess.sys [63360] O58 - SDL:[MD5.252969C6ABC6291D29830B36C49F085B] - 11/10/2011 - 20:51:36 ---A- . (.GARMIN Corp. - grmn0200 driver.) -- C:\WINDOWS\system32\drivers\grmn0200.sys [23208] O58 - SDL:[MD5.5E9E62C45037D0E0D0AFA4E6E1708413] - 11/10/2011 - 20:51:40 ---A- . (.GARMIN Corp. - grmn0400.) -- C:\WINDOWS\system32\drivers\grmn0400.sys [22184] O58 - SDL:[MD5.EAC8FD83F9CD6D994F5AFD92B3FA3244] - 11/10/2011 - 20:51:38 ---A- . (...) -- C:\WINDOWS\system32\drivers\grmn1200.sys [17448] O58 - SDL:[MD5.9CFCD5DF1CEE66681AB2DF079A8FF3CA] - 11/10/2011 - 20:48:14 ---A- . (.GARMIN Corp. - Generic WDM Support Driver.) -- C:\WINDOWS\system32\drivers\grmngen.sys [18304] O58 - SDL:[MD5.6003BC70F1A8307262BD3C941BDA0B7E] - 11/10/2011 - 20:48:14 ---A- . (.GARMIN Corp. - grmnusb.sys.) -- C:\WINDOWS\system32\drivers\grmnusb.sys [9344] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 11/10/2011 - 09:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.44B7D5A4F2BD9FE21AEA0BB0BACE38C4] - 11/10/2011 - 17:12:34 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys [807998] O58 - SDL:[MD5.7BFC3EDA22190C0FE8C2CA19E5379DA5] - 11/10/2011 - 15:55:36 ---A- . (.Nero AG - InCD File System Driver.) -- C:\WINDOWS\system32\drivers\InCDfs.sys [118576] O58 - SDL:[MD5.FC4DBF18A4EB0D2FE3171471A3D0F9A8] - 11/10/2011 - 15:55:36 ---A- . (.Nero AG - Ahead RW Filter Driver.) -- C:\WINDOWS\system32\drivers\InCDPass.sys [37040] O58 - SDL:[MD5.F8E7C551DEF07FDC12CA5CC7AE5D975B] - 11/10/2011 - 15:55:36 ---A- . (.Nero AG - InCD File System Recognizer.) -- C:\WINDOWS\system32\drivers\InCDrec.sys [16304] O58 - SDL:[MD5.31A5A3809249A326EB0EF58D563A9654] - 11/10/2011 - 15:55:36 ---A- . (.Nero AG - Nero MRW Filter Driver.) -- C:\WINDOWS\system32\drivers\InCDRm.sys [38576] O58 - SDL:[MD5.436D2A8B24E9B407155A177548B02AF2] - 11/10/2011 - 02:33:49 R--A- . (.JOA - JOA Mobile USB Device.) -- C:\WINDOWS\system32\drivers\JA_bus.sys [22144] O58 - SDL:[MD5.372D0557ACFED311D7A78E7CCD5DDAB0] - 11/10/2011 - 02:33:49 R--A- . (.JOA - JOA USB Filter Drivers.) -- C:\WINDOWS\system32\drivers\JA_flt.sys [3456] O58 - SDL:[MD5.2F64E5F1E4C9AE78346695238F82EFEC] - 11/10/2011 - 02:33:49 R--A- . (.JOA - JOA Mobile USB Modem.) -- C:\WINDOWS\system32\drivers\JA_mdm.sys [40064] O58 - SDL:[MD5.6B442A73A5E8FE89E1F1641DB39CD7C0] - 11/10/2011 - 11:25:16 ---A- . (.Guang Zhou ZLG_MCU Development Co. LTD. - USB Device Driver.) -- C:\WINDOWS\system32\drivers\lpc214x.sys [10752] O58 - SDL:[MD5.C942F5D37337AD31819CFAA0E6E87D10] - 11/10/2011 - 00:07:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [17200] O58 - SDL:[MD5.6E2C719A904C21495192B2F4DE9C1990] - 11/10/2011 - 00:07:22 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38528] O58 - SDL:[MD5.FB15AD65E4D204688B9F63E567E851C7] - 11/10/2011 - 13:12:07 ---A- . (.Roxio - CD-R/RW AddOn MMC Driver (W2K).) -- C:\WINDOWS\system32\drivers\Mmc_2k.sys [30662] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 11/10/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.221D171A602F964D0567C9C90E82FD92] - 11/10/2011 - 20:20:16 ---A- . (.Yamaha Corp. - OPL3-SAx Sound System (WDM).) -- C:\WINDOWS\system32\drivers\opl3sax.sys [54528] O58 - SDL:[MD5.3379E7A840DE135FB7A829E03BC9CC25] - 11/10/2011 - 12:16:56 ---A- . (.PC Tools - PC Tools App Monitor Driver.) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys [73840] O58 - SDL:[MD5.9963F7D5882A539B467BA06D83F93C04] - 11/10/2011 - 10:11:46 ---A- . (.PC Tools - PC Tools KDS Core Driver.) -- C:\WINDOWS\system32\drivers\PCTCore.sys [130424] O58 - SDL:[MD5.975F4E44FD48C36BEED30C96A115B2B8] - 11/10/2011 - 12:29:18 ---A- . (.PC Tools - PC Tools NDIS Driver.) -- C:\WINDOWS\system32\drivers\pctfw.sys [97408] O58 - SDL:[MD5.BF770A5817FA8FBA1402B2286A7F394C] - 11/10/2011 - 08:38:22 ---A- . (.PC Tools - PC Tools Generic TDI Driver.) -- C:\WINDOWS\system32\drivers\pctgntdi.sys [159600] O58 - SDL:[MD5.0EEC24AFFC5AB0A2BBE4A6A886230AA5] - 11/10/2011 - 10:38:32 ---A- . (.PC Tools - PC Tools FW Plugin Driver.) -- C:\WINDOWS\system32\drivers\pctplfw.sys [95640] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 11/10/2011 - 12:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.1840112F3F3B7ECE84DBBD93A70C4135] - 11/10/2011 - 11:17:10 ---A- . (.Roxio - Win2000 Framework for Packet Write Driver.) -- C:\WINDOWS\system32\drivers\pwd_2K.sys [144250] O58 - SDL:[MD5.DA6EDD4FBD0C73CC9AEB11CE61D0CA4B] - 11/10/2011 - 05:49:34 R--A- . (.Qualcomm Inc. - USB/Serial Device Driver.) -- C:\WINDOWS\system32\drivers\qcusbmdm.sys [64384] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 11/10/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 11/10/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 11/10/2011 - 09:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.7E5C2C58FC4E3862E7BF88BFB809A9B0] - 11/10/2011 - 07:30:00 ---A- . (.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\WINDOWS\system32\drivers\sentinel.sys [90688] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 11/10/2011 - 12:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.E1B5BFBA7F1CDE1FC28934639E83B3CF] - 11/10/2011 - 11:15:28 ---A- . (.Roxio - CD-UDF NT Filesystem Reader Driver.) -- C:\WINDOWS\system32\drivers\udfreadr_xp.sys [206464] O58 - SDL:[MD5.889C5043FD95D83315FD63EFFB69F698] - 11/10/2011 - 22:39:08 ---A- . (.Texas Instruments - Win2K/WinXP UMP USB Device Driver.) -- C:\WINDOWS\system32\drivers\UmpUsbXP.sys [75584] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 11/10/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.85ECE26F326C2D07BA77A60343468272] - 11/10/2011 - 15:19:40 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys [16640] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 11/10/2011 - 09:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 11/10/2011 - 09:49:52 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 11/10/2011 - 09:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 11/10/2011 - 09:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 11/10/2011 - 09:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 11/10/2011 - 09:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.286C93191D49E24FC78B27E993F44B16] - 11/10/2011 - 16:17:00 ---A- . (.Compaq Computer Corporation - Client Management Device Driver.) -- C:\WINDOWS\system32\sp24329.SYS [50520] ~ Scan Drivers in 00mn 04s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: UsbFix By TeamXscript - (.TeamXscript.) [HKLM] -- Usbfix ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 27/03/2011 - C:\WINDOWS\system32\drivers\CDAC11BA.exe - C-DillaCdaC11BA(C-DillaCdaC11BA) .(.Macrovision - Macrovision RTS Service.) - LEGACY_C-DILLACDAC11BA O64 - Services: CurCS - 27/03/2011 - C:\WINDOWS\system32\drivers\CDAC15BA.sys - CdaC15BA(CdaC15BA) .(.Macrovision Europe Ltd - Macrovision SECURITY Driver.) - LEGACY_CDAC15BA O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 28/08/2001 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 22/10/2004 - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - 15/05/2007 - C:\WINDOWS\system32\drivers\InCDFs.sys - InCD File System(InCDfs) .(.Nero AG - InCD File System Driver.) - LEGACY_INCDFS O64 - Services: CurCS - 15/05/2007 - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe - InCD Helper(InCDsrv) .(.Nero AG - incdsrv.) - LEGACY_INCDSRV O64 - Services: CurCS - 01/03/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 10/09/2008 - C:\WINDOWS\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy(MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl00c87769.sys (.not file.) - MpKsl00c87769 (MpKsl00c87769) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl00d6fec9.sys (.not file.) - MpKsl00d6fec9 (MpKsl00d6fec9) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl045b9bbb.sys (.not file.) - MpKsl045b9bbb (MpKsl045b9bbb) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl057682bb.sys (.not file.) - MpKsl057682bb (MpKsl057682bb) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl066a1320.sys (.not file.) - MpKsl066a1320 (MpKsl066a1320) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl067cd807.sys (.not file.) - MpKsl067cd807 (MpKsl067cd807) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl073f43ec.sys (.not file.) - MpKsl073f43ec (MpKsl073f43ec) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl07fb6e42.sys (.not file.) - MpKsl07fb6e42 (MpKsl07fb6e42) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl0975345b.sys (.not file.) - MpKsl0975345b (MpKsl0975345b) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl14c7c4cc.sys (.not file.) - MpKsl14c7c4cc (MpKsl14c7c4cc) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl1a806cd4.sys (.not file.) - MpKsl1a806cd4 (MpKsl1a806cd4) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl1f2239e7.sys (.not file.) - MpKsl1f2239e7 (MpKsl1f2239e7) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl239ea6bb.sys (.not file.) - MpKsl239ea6bb (MpKsl239ea6bb) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl23c621e4.sys (.not file.) - MpKsl23c621e4 (MpKsl23c621e4) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl2605895d.sys (.not file.) - MpKsl2605895d (MpKsl2605895d) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl28ec18fe.sys (.not file.) - MpKsl28ec18fe (MpKsl28ec18fe) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl352cd58a.sys (.not file.) - MpKsl352cd58a (MpKsl352cd58a) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl35550c6f.sys (.not file.) - MpKsl35550c6f (MpKsl35550c6f) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl35e1d653.sys (.not file.) - MpKsl35e1d653 (MpKsl35e1d653) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl39f69be0.sys (.not file.) - MpKsl39f69be0 (MpKsl39f69be0) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl40a7cbcc.sys (.not file.) - MpKsl40a7cbcc (MpKsl40a7cbcc) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl41929ba9.sys (.not file.) - MpKsl41929ba9 (MpKsl41929ba9) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl492050ae.sys (.not file.) - MpKsl492050ae (MpKsl492050ae) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl4b6067aa.sys (.not file.) - MpKsl4b6067aa (MpKsl4b6067aa) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl4c27d6fd.sys (.not file.) - MpKsl4c27d6fd (MpKsl4c27d6fd) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl4ceed522.sys (.not file.) - MpKsl4ceed522 (MpKsl4ceed522) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl4d198d82.sys (.not file.) - MpKsl4d198d82 (MpKsl4d198d82) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl4d692fbf.sys (.not file.) - MpKsl4d692fbf (MpKsl4d692fbf) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl510fcfbf.sys (.not file.) - MpKsl510fcfbf (MpKsl510fcfbf) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl53b4e627.sys (.not file.) - MpKsl53b4e627 (MpKsl53b4e627) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl54c15dfc.sys (.not file.) - MpKsl54c15dfc (MpKsl54c15dfc) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl56b28493.sys (.not file.) - MpKsl56b28493 (MpKsl56b28493) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl66d70268.sys (.not file.) - MpKsl66d70268 (MpKsl66d70268) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl7c06a767.sys (.not file.) - MpKsl7c06a767 (MpKsl7c06a767) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl7ede6cc2.sys (.not file.) - MpKsl7ede6cc2 (MpKsl7ede6cc2) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsl81eff7e2.sys (.not file.) - MpKsl81eff7e2 (MpKsl81eff7e2) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl8a4991a6.sys (.not file.) - MpKsl8a4991a6 (MpKsl8a4991a6) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl8affb05a.sys (.not file.) - MpKsl8affb05a (MpKsl8affb05a) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl8d368865.sys (.not file.) - MpKsl8d368865 (MpKsl8d368865) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl8d6979d2.sys (.not file.) - MpKsl8d6979d2 (MpKsl8d6979d2) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKsl8d7076d3.sys (.not file.) - MpKsl8d7076d3 (MpKsl8d7076d3) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsl8d856cfe.sys (.not file.) - MpKsl8d856cfe (MpKsl8d856cfe) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl8e53df2b.sys (.not file.) - MpKsl8e53df2b (MpKsl8e53df2b) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl908f4d75.sys (.not file.) - MpKsl908f4d75 (MpKsl908f4d75) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKsl92530325.sys (.not file.) - MpKsl92530325 (MpKsl92530325) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl9767687a.sys (.not file.) - MpKsl9767687a (MpKsl9767687a) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsl9c2b1860.sys (.not file.) - MpKsl9c2b1860 (MpKsl9c2b1860) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsl9f538db5.sys (.not file.) - MpKsl9f538db5 (MpKsl9f538db5) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsl9fb71f9c.sys (.not file.) - MpKsl9fb71f9c (MpKsl9fb71f9c) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsla34cbd7d.sys (.not file.) - MpKsla34cbd7d (MpKsla34cbd7d) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsla3833ed8.sys (.not file.) - MpKsla3833ed8 (MpKsla3833ed8) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsla47f878d.sys (.not file.) - MpKsla47f878d (MpKsla47f878d) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKsla50a8d4b.sys (.not file.) - MpKsla50a8d4b (MpKsla50a8d4b) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsla68bdd13.sys (.not file.) - MpKsla68bdd13 (MpKsla68bdd13) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsla7179e0b.sys (.not file.) - MpKsla7179e0b (MpKsla7179e0b) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKsla8a0532f.sys (.not file.) - MpKsla8a0532f (MpKsla8a0532f) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsla9844c27.sys (.not file.) - MpKsla9844c27 (MpKsla9844c27) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKslad02c76f.sys (.not file.) - MpKslad02c76f (MpKslad02c76f) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslae56d262.sys (.not file.) - MpKslae56d262 (MpKslae56d262) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslafc78c99.sys (.not file.) - MpKslafc78c99 (MpKslafc78c99) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKslb03a05c3.sys (.not file.) - MpKslb03a05c3 (MpKslb03a05c3) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKslb0663980.sys (.not file.) - MpKslb0663980 (MpKslb0663980) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslb08519cc.sys (.not file.) - MpKslb08519cc (MpKslb08519cc) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslb108da77.sys (.not file.) - MpKslb108da77 (MpKslb108da77) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslb60eed5e.sys (.not file.) - MpKslb60eed5e (MpKslb60eed5e) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslbda6b9be.sys (.not file.) - MpKslbda6b9be (MpKslbda6b9be) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{35B528E3-A868-4CDF-B124-79482778708A}\MpKslc02090f3.sys (.not file.) - MpKslc02090f3 (MpKslc02090f3) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslc27a997c.sys (.not file.) - MpKslc27a997c (MpKslc27a997c) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslc2ffa6e4.sys (.not file.) - MpKslc2ffa6e4 (MpKslc2ffa6e4) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslc3e8dfd1.sys (.not file.) - MpKslc3e8dfd1 (MpKslc3e8dfd1) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKslc8543c5d.sys (.not file.) - MpKslc8543c5d (MpKslc8543c5d) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslc8c05f85.sys (.not file.) - MpKslc8c05f85 (MpKslc8c05f85) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKslc9305c8f.sys (.not file.) - MpKslc9305c8f (MpKslc9305c8f) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKslc9ce08ac.sys (.not file.) - MpKslc9ce08ac (MpKslc9ce08ac) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslc9d5ac8b.sys (.not file.) - MpKslc9d5ac8b (MpKslc9d5ac8b) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKslca1126a0.sys (.not file.) - MpKslca1126a0 (MpKslca1126a0) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8C156D5-5428-4AEF-9762-9D0CE3570682}\MpKslcb1c75c7.sys (.not file.) - MpKslcb1c75c7 (MpKslcb1c75c7) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKslcfe67d01.sys (.not file.) - MpKslcfe67d01 (MpKslcfe67d01) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKsld137de9d.sys (.not file.) - MpKsld137de9d (MpKsld137de9d) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsld46cfdd0.sys (.not file.) - MpKsld46cfdd0 (MpKsld46cfdd0) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsld89bbe27.sys (.not file.) - MpKsld89bbe27 (MpKsld89bbe27) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle04d0bbc.sys (.not file.) - MpKsle04d0bbc (MpKsle04d0bbc) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3267882F-FEC5-4F55-829A-C6EA67A45E3E}\MpKsle1116699.sys (.not file.) - MpKsle1116699 (MpKsle1116699) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle2aa727c.sys (.not file.) - MpKsle2aa727c (MpKsle2aa727c) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle34ceecc.sys (.not file.) - MpKsle34ceecc (MpKsle34ceecc) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle381b84e.sys (.not file.) - MpKsle381b84e (MpKsle381b84e) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKsle8d8956c.sys (.not file.) - MpKsle8d8956c (MpKsle8d8956c) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB4CC749-6EB8-42C8-8281-61DE4A832A25}\MpKsle978735e.sys (.not file.) - MpKsle978735e (MpKsle978735e) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslecf6d442.sys (.not file.) - MpKslecf6d442 (MpKslecf6d442) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslf061a0cb.sys (.not file.) - MpKslf061a0cb (MpKslf061a0cb) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslf1768dc2.sys (.not file.) - MpKslf1768dc2 (MpKslf1768dc2) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0933A98D-1916-4EA4-A4BB-D4D02C17CBCA}\MpKslf4b3f681.sys (.not file.) - MpKslf4b3f681 (MpKslf4b3f681) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DD166D33-8C92-43D1-9852-BC005C8BBA2D}\MpKslf607f03d.sys (.not file.) - MpKslf607f03d (MpKslf607f03d) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{213D45CF-9B1E-43C2-87D8-EB561120FF56}\MpKslff2648c7.sys (.not file.) - MpKslff2648c7 (MpKslff2648c7) .(...) - L O64 - Services: CurCS - 13/04/2007 - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe - NBService(NBService) .(.Nero AG - Nero BackItUp.) - LEGACY_NBSERVICE O64 - Services: CurCS - 08/05/2007 - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe - NMIndexingService(NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE O64 - Services: CurCS - 18/12/2008 - C:\WINDOWS\system32\drivers\PCTAppEvent.sys - PCTAppEvent Driver(PCTAppEvent) .(.PC Tools - PC Tools App Monitor Driver.) - LEGACY_PCTAPPEVENT O64 - Services: CurCS - 11/12/2008 - C:\WINDOWS\system32\drivers\pctgntdi.sys - pctgntdi(pctgntdi) .(.PC Tools - PC Tools Generic TDI Driver.) - LEGACY_PCTGNTDI O64 - Services: CurCS - 11/12/2008 - C:\Program Files\PC Tools Firewall Plus\FWService.exe - PC Tools Firewall Plus(PCToolsFirewallPlus) .(.PC Tools - PC Tools Firewall Plus service.) - LEGACY_PCTOOLSFIREWALLPLUS O64 - Services: CurCS - 21/01/2009 - C:\WINDOWS\system32\drivers\pctplfw.sys - pctplfw(pctplfw) .(.PC Tools - PC Tools FW Plugin Driver.) - LEGACY_PCTPLFW O64 - Services: CurCS - 07/05/2006 - C:\WINDOWS\system32\Drivers\SENTINEL.sys - Sentinel(Sentinel) .(.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL O64 - Services: CurCS - 14/03/2006 - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe - Sentinel Protection Server(SentinelProtectionServer) .(.SafeNet, Inc - Pas de description.) - LEGACY_SENTINELPROTECTI O64 - Services: CurCS - 09/11/2008 - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - Yahoo! Updater(YahooAUService) .(.Yahoo! Inc. - AutoUpater Service Module.) - LEGACY_YAHOOAUSERVICE ~ Scan Services in 00mn 13s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 01s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {3C6BAD96-3820-46A3-875B-7672804164B9} - (Yahoo!) - Yahoo! Search - Recherche Web O69 - SBI: SearchScopes [HKCU] {C2159092-EECD-4258-9743-5DFE241ADCF5} - (Flickr) - Welcome to Flickr - Photo Sharing O69 - SBI: SearchScopes [HKCU] {D85032BB-2246-4B2B-B87B-8158DD384938} - (eBay) - eBay O69 - SBI: SearchScopes [HKCU] {E349F102-4357-4AB5-A163-68914619D1C0} [DefaultScope] - (PC Astuces) - PC Astuces : Aide Informatique ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF][11/03/2011] (...) -- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF][11/03/2011] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Application Data\pcouffin.sys [47360] [MD5.505D1071D5D6E0C6FF60280772531124] [sPRF][26/06/2010] (...) -- C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\AC13-3259-HOTFIX4-WIN64.exe [45260] [MD5.52B0B80DC2057C63832157A09EB2D705] [sPRF][09/06/2008] (.Softland - doPDF 6 printer Setup.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\dopdf.exe [1493504] [MD5.FE82548CCC0004B9DBD0153EF0E90A30] [sPRF][22/07/2010] (.PC Drivers HeadQuarters - This installer database contains the logic and data required t.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\DriverDetective.exe [1045320] [MD5.63AEB09CA13CEE8CFF8AFA827C73A665] [sPRF][21/07/2010] (...) -- C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\ie8-setup-fr-xp.exe [113115] [MD5.FE37F318F46E21FBA5777E23A57D1F90] [sPRF][28/02/2011] (.Microsoft Corporation - MSE Package.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\mseinstall.exe [8134272] [MD5.D2EB455AEB7F27F3029A023E19FCCBEB] [sPRF][16/11/2010] (.Microsoft Corporation - Microsoft Windows Malicious Software Removal Tool (KB890830) - Setup Self-Extracting Cabinet.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\outil-de-suppression-d [MD5.62232DBA79A8882F26913D0473FF5EC2] [sPRF][19/02/2011] (.Wondershare Software - Wondershare Streaming Audio Recorder Setup.) -- C:\Documents and Settings\HUEDAKOR Anoumou\Bureau\streaming-audio-recorder_full383.exe [5779879] [MD5.0CD50475286B21AD0F214F463D57BBCB] [sPRF][02/11/2010] (.Microsoft Corporation - Outil de suppression de logiciels malveillants Microsoft Windows.) -- C:\Program Files\mrt.exe [35758536] [MD5.86C805CBE67592BC50C478F64D115720] [sPRF][02/11/2010] (.Microsoft Corporation - Malicious Software Removal Tool Update Stub.) -- C:\Program Files\mrtstub.exe [82376] [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][20/03/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576] [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][20/03/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608] [MD5.61FB16B6016BCC9AA42E02F787DC87FC] [sPRF][26/01/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1955384] [MD5.55A78B0E5AE741DDE96E2D9345602F5F] [sPRF][14/02/2003] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\WINDOWS\Downloaded Program Files\IDropENU.dll [114848] [MD5.D5C3D1D685BF3350D2AB6AFBCA0757AA] [sPRF][13/03/2003] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\WINDOWS\Downloaded Program Files\IDropFRA.dll [114600] [MD5.1245E33C050E61191059EAA33D9CE6C9] [sPRF][20/03/2006] (.Macrovision Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [484272] [MD5.842B2C495E82BBD698C92A87170EEBC5] [sPRF][19/08/2009] (.Microsoft® Corporation - Windows Live Photo Upload Tool.) -- C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll [829288] [MD5.03F57E8A00774D831926DAC89B21BB2D] [sPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\WINDOWS\Downloaded Program Files\PURen-us.dll [117088] [MD5.732CACA8E848F6E721B093E51FC50B1D] [sPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\WINDOWS\Downloaded Program Files\PURfr-fr.dll [110592] ~ Scan Files in 00mn 04s ---\\ Recherche d'infection Rogue (O86) C:\Program Files\Acad2000 [MD5.A42CE126250F317ACA143DCD84AE56F8] [sRI] (.Autodesk, Inc. - AutoCAD Application.) -- C:\Program Files\Acad2000\acad.exe [6868992] [MD5.3CA4B063D0D1905625DF25E5DA6E3658] [sRI] (...) -- C:\Program Files\Acad2000\acadaut.reg [53479] [MD5.4219DE140B1290595FC891BF510AE616] [sRI] (...) -- C:\Program Files\Acad2000\acadbtn.dll [315392] [MD5.6EF6F38EB299801610BE67FAAD23CCEA] [sRI] (.Pas de propriétaire - AcadInet DLL.) -- C:\Program Files\Acad2000\acadinet.dll [118784] [MD5.5ACD31E364A8609C73A03B752EA046EF] [sRI] (...) -- C:\Program Files\Acad2000\acadres.dll [1286144] [MD5.BA796267EAF246C659448A22095DBAEC] [sRI] (.Stingray Software Inc. - Objective Studio Common DLL - Release Ver..) -- C:\Program Files\Acad2000\AcDcCom.dll [167936] [MD5.445647F3F2B8D22B0306F2009ECD9441] [sRI] (.ClassWorks - ObjGrid DLL Shared Library - Release Version.) -- C:\Program Files\Acad2000\acdcgrid.dll [1171456] [MD5.050449FE15308BE6EDBC8B4013D22E20] [sRI] (.Stingray Software Inc. - Objective Toolkit DLL - Release Ver..) -- C:\Program Files\Acad2000\acdcman.dll [663552] [MD5.DD90DE6BF9BFE2B7E6D5FB96C399020C] [sRI] (...) -- C:\Program Files\Acad2000\acDcUtils.dll [143360] [MD5.F94B34041555A8F55579073628CAD5E4] [sRI] (...) -- C:\Program Files\Acad2000\acgs.dll [401408] [MD5.BF556254F9815131DCF05A824CA1AAF4] [sRI] (.Autodesk - ACLBED.) -- C:\Program Files\Acad2000\aclbed.dll [110592] [MD5.75E395E8FD519BECCABAC9A19E30EB23] [sRI] (...) -- C:\Program Files\Acad2000\acspl15.dll [175104] [MD5.3C9376324AE06F3F94AC3B62E82E9900] [sRI] (.Autodesk, Inc. - The Ultimate Software Machine.) -- C:\Program Files\Acad2000\actusm.dll [115920] [MD5.AB9010D7879743EFE39C0DDFFAA8771B] [sRI] (...) -- C:\Program Files\Acad2000\actusma.dll [3432448] [MD5.1EA0F71D28B5FB3AC06152D66988BF7B] [sRI] (.Pas de propriétaire - AcUi DLL.) -- C:\Program Files\Acad2000\acui15.dll [131072] [MD5.8E97AAD1BCAD95227680DA469D9D4EB1] [sRI] (.Pas de propriétaire - ADCTRLS DLL.) -- C:\Program Files\Acad2000\adctrls.dll [94208] [MD5.BBF7819F82D2F7B211AC77F0ABA55770] [sRI] (.Autodesk, Inc. - Autodesk Hardcopy Add-A-Plotter Wizard.) -- C:\Program Files\Acad2000\addplwiz.exe [200704] [MD5.CC1E478135BF31C96D350337928150FA] [sRI] (...) -- C:\Program Files\Acad2000\adesksys.dll [90112] [MD5.6F3D1EBB281E2B4E50FFF2CBC7678ACB] [sRI] (.Pas de propriétaire - adui DLL.) -- C:\Program Files\Acad2000\adui15.dll [188416] [MD5.24972B0C46D746E58C99ED1B329E8B21] [sRI] (.Pas de propriétaire - Autodesk Hidden Line Husk DLL base 19.) -- C:\Program Files\Acad2000\ahl42.dll [471040] [MD5.352CA5E18843C56E8167090D7BA8524C] [sRI] (.Autodesk, Inc. - Autodesk Hardcopy Error-Handler DLL.) -- C:\Program Files\Acad2000\apperr.dll [32768] [MD5.E0E66E091030FA5D9A2929D53A98362C] [sRI] (.Autodesk Inc. - AseLoc DLL.) -- C:\Program Files\Acad2000\aseloc.dll [196608] [MD5.B85D4245BA55ECB9BEC4E6A295D0414D] [sRI] (.Autodesk, Inc. - AsilLoc.) -- C:\Program Files\Acad2000\asilloc.dll [12288] [MD5.3406A5C1AD8649A8F6D070AE96989C3A] [sRI] (.Autodesk, Inc. - AsiLoc.) -- C:\Program Files\Acad2000\asiloc.dll [49152] ~ Scan Files in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 8606 - (09/08/2011) Clés trouvées (Keys found) : 17 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKLM\Software\MozillaPlugins\@viewpoint.com/VMP] =>Adware.MetaStream [HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare [HKLM\Software\Classes\axmetastream.metastreamctl] =>Adware.MetaStream [HKLM\Software\Classes\axmetastream.metastreamctl.1] =>Adware.MetaStream [HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary] =>Adware.MetaStream [HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1] =>Adware.MetaStream [HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream [HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream [HKLM\Software\Classes\TypeLib\{9dbb28c1-1925-11d3-a498-00104b6eb52e}] =>Adware.MetaStream [HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}] =>PUP.BearShare [HKCU\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\MetaStream] =>Adware.MetaStream [HKCU\Software\PopCap] =>Adware.PopCap [HKLM\Software\PopCap] =>Adware.PopCap [HKCU\Software\Totem] =>Adware.VirtualGirl [HKLM\Software\Totem] =>Adware.VirtualGirl C:\Program Files\Viewpoint =>Adware.MetaStream ~ Scan Additionnel in 00mn 28s ---\\ Recherche détournement de DNS routeur (O89) Serveur : UnKnown Address: 127.0.0.1 ~ Scan DNS in 00mn 04s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 11/10/2011 68096 | (Adobe LM Service) . (...) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe SS - | Auto 11/10/2011 1372160 | (ArcGIS License Manager) . (.Macrovision Corporation.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe SR - | Auto 11/10/2011 54784 | (C-DillaCdaC11BA) . (.Macrovision.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe SS - | Demand 11/10/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Demand 11/10/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe SR - | Auto 11/10/2011 1550896 | C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (InCDsrv) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe SR - | Auto 11/10/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SS - | Demand 11/10/2011 792112 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe SS - | Demand 11/10/2011 271920 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe SR - | Auto 11/10/2011 146800 | (PCToolsFirewallPlus) . (.PC Tools.) - C:\Program Files\PC Tools Firewall Plus\FWService.exe SR - | Auto 11/10/2011 206400 | (SentinelProtectionServer) . (.SafeNet, Inc.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe SR - | Auto 11/10/2011 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe ~ Scan Services in 00mn 07s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 00mn 14s End of the scan (1423 lines in 09mn 19s)(0)

Merci Pear Je m'entraine et je fais beaucoup de recherches pour devenir Helper et aider aussi les autres. Je viens d'apprendre encore autre chose. Merci à tous. Rapport de ZHPFix 1.12.3336 par Nicolas Coolman, Update du 07/07/2011 Fichier d'export Registre : C:\ZHPExportRegistry-23-08-2011-12-52-58.txt Run by dranoel at 23/08/2011 12:52:58 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Elément(s) de donnée du Registre ========== SUPPRIME Explorer Association Data Application: File extension redirect SUPPRIME Explorer Association Data Intl: File extension redirect SUPPRIME Explorer Association Data XMLLookup: File extension redirect ========== Récapitulatif ========== 3 : Elément(s) de donnée du Registre ========== Chemin du fichier rapport ========== C:\Program Files\ZHPFix\ZHPFixReport.txt End of the scan in 00mn 00s

Bonjour à tous J'ai un PC infecté. J'ai fait un diagnostic. j'ai une infection BT. J'ai eu un écran bleu aussi tout à l'heure. Aidez moi à enlever cette infection. Merci Rapport de ZHPDiag v1.27.2347 par Nicolas Coolman, Update du 24/06/2011 Run by dranoel at 22/08/2011 09:56:44 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 6.0 v (Defaut) ---\\ System Information Windows XP Professional Service Pack 3 (Build 2600) Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2038 MB (71% free) System Restore: Activé (Enable) System drive C: has 5 GB (13%) free of 37 GB ---\\ Logged in mode Computer Name: TOPO-ADA User Name: dranoel All Users Names: SUPPORT_388945a0, HelpAssistant, DGCC, ASPNET, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Documents and Settings\dranoel\Application Data %LocalAppData%=C:\Documents and Settings\dranoel\Local Settings\Application Data %StartMenu%=C:\Documents and Settings\dranoel\Menu Démarrer ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 37 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 37 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: Modified ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.23/06/2011 18:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 11:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 4/21 ~ Mes musiques (My Musics) : 3/18 ~ Mes Favoris (My Favorites) : 2/7 ~ Mes Documents (My Documents) : 59/2046 ~ Mon Bureau (My Desktop) : 0/127 ~ Menu demarrer (Programs) : 5/37 ~ Dossier utilisateur (AppData) : 11/1223 ---\\ Processus lancés [MD5.CFCE43B70CA0CC4DCC8ADB62B792B173] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [MD5.9BDBDA21D3BA8E374FD06A405BE10215] - (.Macrovision - Macrovision RTS Service.) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE [54784] [MD5.CC0ACA87C80A1CFD548A0E729C6A7D0F] - (.Macrovision Corporation - Pas de description.) -- C:\Program Files\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe [630272] [MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [MD5.ACCDF944417FCE3B9BDDFC197C704A27] - (.SafeNet, Inc - Pas de description.) -- C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400] [MD5.B89243276E454FD07EB0E0FBC43ACF3B] - (...) -- C:\Program Files\Leica Geosystems\Shared\Bin\NTx86\ERDAS.exe [888832] [MD5.5A7A792D32CC1126F9D80B8D4653C723] - (...) -- C:\Program Files\USBAntiVirus\USBAntiVirus.exe [488448] [MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152] [MD5.2BAD84B393AF47006D80BA2F03B18029] - (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [213936] [MD5.5184D4364FB9CDD81469475EB60CD2D1] - (...) -- C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe [102400] [MD5.4C4CA68CB5A9797A20D00CDCFC7C0266] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [178712] [MD5.34D7282BFAF1A0A7E2B95EAE301426FB] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [150040] [MD5.85AAC6A5EBC8537B26B3653C9883F76C] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [MD5.74FB5DF79003A2FC4397719200F9ED50] - (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33587200] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.0B48230165E5E02BF7ED9DDD71FE7B28] - (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.EXE [2918576] [MD5.CFE5228556C93D03D6753E7953CCD4A9] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [217194] [MD5.8BBC035425B2C406F74C9F643926FA37] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor (CUE).) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [241664] [MD5.2FE253973433442C2CB234FB2BC4BF29] - (.WinZip Computing, Inc. - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE [106560] [MD5.52975DA6CA9AA2323CAFFEB494B4D167] - (.Hewlett-Packard Co. - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe [520192] [MD5.9C492FEC0D62844ADFA1FD910F0AF3B8] - (.Microsoft Corporation - Microsoft Tablet PC Component.) -- C:\WINDOWS\system32\WISPTIS.EXE [293376] [MD5.16B28217497C9F1A70CA0A0D53FA04AC] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [893440] [MD5.F368CC5ABDBCBBCBD1035CB2C0248E41] - (.Pas de propriétaire - SBUpdate Module.) -- C:\Program Files\Fichiers communs\Speedbit\SbUpdate\SBUpdate.exe [92320] [MD5.9205217294F9F1A182D371D666B66B58] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZebHelpProcess\ZHPDiag.exe [661504] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\dranoel\Application Data\Mozilla\Firefox\Profiles\r30wxbsw.default\prefs.js M3 - MFPP: Plugins - [dranoel] -- C:\Documents and Settings\dranoel\Application Data\Mozilla\Firefox\Profiles\r30wxbsw.default\searchplugins\speedbit.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll M0 - MFSP: prefs.js [dranoel - r30wxbsw.default] http://home.speedbit.com/?aff=205 ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} . (.SpeedBit Ltd. - Download Accelerator Plus (DAP) MSIE Loader.) -- C:\PROGRA~1\DAP\DAPIEL~1.DLL ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [uSBAntiVirus.exe] . (...) -- C:\Program Files\USBAntiVirus\USBAntiVirus.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iSUSPM] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe O4 - HKLM\..\Run: [HPWS myPrintMileage Agent] . (...) -- C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [HDAudDeck] . (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk . (.WinZip Computing, Inc..) -- C:\Program Files\WinZip\WZQKPICK.EXE ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Distiller 6.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Distiller_PFM.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Acrobat 6.0 Professional.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Acrobat_PFM_1.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ImageReady CS.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Photoshop CS\ImageReady.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop CS\Photoshop.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\HD ADeck.lnk . (.VIA Technologies, Inc..) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Reader.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Reader\msreader.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\FREETOPO.LNK . (.FreeTopo.) -- C:\Program Files\freetopo\Freetopo.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Clean Traces . (...) -- C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP . (...) -- C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP . (...) -- C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{6F043506-99CE-4B4F-9748-1EF79B3A8648}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS1\Services\Tcpip\..\{9E790AB1-AC78-4F9B-9885-4C532E6EE883}: NameServer = 10.10.1.100 O17 - HKLM\System\CS2\Services\Tcpip\..\{6F043506-99CE-4B4F-9748-1EF79B3A8648}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS3\Services\Tcpip\..\{6F043506-99CE-4B4F-9748-1EF79B3A8648}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Lome.dgcc-togo.com ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} . (.Hewlett-Packard Company - HPCETIUI Protocol Handler Module.) -- C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: ArcGIS License Manager (ArcGIS License Manager) . (.Macrovision Corporation - Pas de description.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) . (.Macrovision - Macrovision RTS Service.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe O23 - Service: ERDAS (ERDAS) . (.Macrovision Corporation - Pas de description.) - C:\Program Files\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) . (.SafeNet, Inc - Pas de description.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SBWUpdateTask_Logon_789002fa-001966E457C0.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SBWUpdateTask_Time_789002fa-001966E457C0.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F368CC5ABDBCBBCBD1035CB2C0248E41] [APT] [sBWUpdateTask_Logon_789002fa-001966E457C0] (...) -- C:\Program Files\Fichiers communs\Speedbit\SbUpdate\SBUpdate.exe [MD5.F368CC5ABDBCBBCBD1035CB2C0248E41] [APT] [sBWUpdateTask_Time_789002fa-001966E457C0] (...) -- C:\Program Files\Fichiers communs\Speedbit\SbUpdate\SBUpdate.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (dwvkbd) . (.DameWare - DameWare Virtual Keyboard Driver.) - C:\WINDOWS\System32\DRIVERS\dwvkbd.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\WINDOWS\System32\DRIVERS\MpFilter.sys O41 - Driver: (MpKsl0d2b9455) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{02468352-8909-4261-B0FA-E27810F51C64}\MpKsl0d2b9455.sys (.not file.) O41 - Driver: (MpKsla86caf1d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CAF7C10-24B9-4A82-B807-21C094BADCE7}\MpKsla86caf1d.sys (.not file.) O41 - Driver: (MpKsld701d1dc) . (.Microsoft Corporation - KSLDriver.) - C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D57A60DE-C4C0-46CA-8A5E-A8DBF1362797}\MpKsld701d1dc.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (eeCtrl) . (. - .) - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys (.not file.) O41 - Driver: (SPBBCDrv) . (. - .) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys (.not file.) ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Acrobat 6.0.1 Professional - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-0000-7760-000000000001} O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {1618734A-3957-4ADD-8199-F973763109A8} O42 - Logiciel: Adobe Atmosphere Player for Acrobat and Adobe Reader - (.Pas de propriétaire.) [HKLM] -- Adobe Atmosphere Player O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {83877DB1-8B77-45BC-AB43-2BAC22E093E0} O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {94D398EB-D2FD-4FD1-B8C4-592635E8A191} O42 - Logiciel: Adobe CSI CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0F723FC1-7606-4867-866C-CE80AD292DAF} O42 - Logiciel: Adobe Color EU Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} O42 - Logiciel: Adobe Color JA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0D6013AB-A0C7-41DC-973C-E93129C9A29F} O42 - Logiciel: Adobe Color NA Recommended Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {00ADFB20-AE75-46F4-AD2C-F48B15AC3100} O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {C52E3EC1-048C-45E1-8D53-10B0C6509683} O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F8EF2B3F-C345-4F20-8FE4-791A20333CD5} O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {054EFA56-2AC1-48F4-A883-0AB89874B972} O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} O42 - Logiciel: Adobe Illustrator CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_2a31ae7a5c43ff52d8577782dd34e04 O42 - Logiciel: Adobe Illustrator CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {87532CAB-7932-4F84-8937-823337622807} O42 - Logiciel: Adobe Linguistics CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {931AB7EA-3656-4BB7-864D-022B09E3DD67} O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM] -- {BB4E33EC-8181-4685-96F7-8554293DEC6A} O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F93C84A6-0DC6-42AF-89FA-776F7C377353} O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC} O42 - Logiciel: Adobe Reader X (10.1.0) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Adobe Search for Help - (.Adobe Systems Incorporated.) [HKLM] -- {F0E64E2E-3A60-40D8-A55D-92F6831875DA} O42 - Logiciel: Adobe Service Manager Extension - (.Adobe Systems Incorporated.) [HKLM] -- {4943EFF5-229F-435D-BEA9-BE3CAEA783A7} O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D} O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {820D3F45-F6EE-4AAF-81EF-CE21FF21D230} O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {05308C4E-7285-4066-BAE3-6B50DA6ED755} O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3A4E8896-C2E7-4084-A4A4-B8FD1894E739} O42 - Logiciel: AdobeColorCommonSetCMYK - (.Adobe Systems Incorporated.) [HKLM] -- {68243FF8-83CA-466B-B2B8-9F99DA5479C4} O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4} O42 - Logiciel: ArcGIS ArcInfo Workstation - (.Environmental Systems Research Institute, Inc..) [HKLM] -- {2B0AEAE7-6EF2-4642-8F95-DDBC9B72721D} O42 - Logiciel: ArcGIS Desktop - (.Environmental Systems Research Institute, Inc..) [HKLM] -- ArcGIS Desktop O42 - Logiciel: ArcGIS License Manager - (.Pas de propriétaire.) [HKLM] -- ArcGIS License Manager O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: AutoCAD 2004 - (.Autodesk.) [HKLM] -- {5783F2D7-0201-040C-0002-0060B0CE6BBA} O42 - Logiciel: Autodesk Express Viewer - (.Autodesk, Inc..) [HKLM] -- Autodesk Express Viewer O42 - Logiciel: AxCrypt 1.7.2610.0 - (.Axantum Software AB.) [HKLM] -- {0891107F-44EF-4E89-B7DE-9FC19FBF250F} O42 - Logiciel: CASIO FA-124 - (.CASIO COMPUTER CO., LTD..) [HKLM] -- {FB47E710-6249-4EFA-BE36-E922B0612AF4} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Client Activator 7.1 - English - (.Pas de propriétaire.) [HKLM] -- Rainbow Client Activator 7.1 English O42 - Logiciel: Complex TOPO - (.Pas de propriétaire.) [HKCU] -- Complex TOPOTOPO O42 - Logiciel: Connect - (.Adobe Systems Incorporated.) [HKLM] -- {B29AD377-CC12-490A-A480-1452337C618D} O42 - Logiciel: Convers - (.Pas de propriétaire.) [HKCU] -- Convers O42 - Logiciel: Covadis Topo 2004 - (.Pas de propriétaire.) [HKLM] -- Covadis Topo 2004 O42 - Logiciel: DataLink DL01 v2.0 - (.Pas de propriétaire.) [HKLM] -- {24204140-0A0B-11D4-A0FA-0080C845E265} O42 - Logiciel: Download Accelerator Plus (DAP) - (.Speedbit Ltd..) [HKLM] -- Download Accelerator Plus (DAP) O42 - Logiciel: Désinstalleur HP LaserJet 1200 - (.Pas de propriétaire.) [HKLM] -- HP LaserJet 1200 Uninstaller O42 - Logiciel: ECW Compressor 2.2 - (.Pas de propriétaire.) [HKLM] -- ECW Compressor 2.2 O42 - Logiciel: ERDAS IMAGINE 9.1 - (.Leica Geosystems Geospatial Imaging, LLC.) [HKLM] -- {AC884A85-6A98-4E03-A708-431E1F1682FA} O42 - Logiciel: EasyRecovery Professional - (.Ontrack Data International, Inc..) [HKLM] -- InstallShield_{A8BB9906-E618-406A-B161-7383AFF46C39} O42 - Logiciel: FREETOPO - (.Pas de propriétaire.) [HKLM] -- ST4UNST #1 O42 - Logiciel: Garmin Trip and Waypoint Manager v5 - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {414A373B-59DF-4102-94CA-9FE9A74CBDDA} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: HP Deskjet 1280 - (.Hewlett-Packard.) [HKLM] -- {EE074561-3C0A-4B6A-B4A5-09CD69E1DDF0} O42 - Logiciel: HP Image Zone 4.0 - (.HP.) [HKLM] -- HP Photo & Imaging O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP OCR Software 9.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {EB21A812-671B-4D08-B974-2A347F0D8F70} O42 - Logiciel: HP Scanjet 3770 - (.HP.) [HKLM] -- {7CFD1028-F6C9-4b3c-BD20-51D56E7C7C8D} O42 - Logiciel: HP Scanjet G2710 9.0 - (.HP.) [HKLM] -- {F4158BB4-98FA-4ad5-A0FE-3913A0714A44} O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {8C6027FD-53DC-446D-BB75-CACD7028A134} O42 - Logiciel: IDRISI 15 The Andes Edition - (.Clark Labs / Clark University.) [HKLM] -- IDRISI 15 The Andes Edition O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Java 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Malwarebytes' RogueRemover - (.Malwarebytes.) [HKLM] -- Malwarebytes' RogueRemover FREE_is1 O42 - Logiciel: MapInfo Professional 7.8 - (.MapInfo Corporation.) [HKLM] -- {CD9B92AD-F5F8-4C4D-9341-4D9B1BD5A8C0} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Reader - (.Pas de propriétaire.) [HKLM] -- {B6F7DBE7-2FE2-458F-A738-B10832746036} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Mozilla Firefox 6.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0 (x86 fr) O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {9B4E6CB9-E54D-47F7-A414-E2D5740E1036} O42 - Logiciel: PDF Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {35D94F92-1D3A-43C5-8605-EA268B1A7BD9} O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (12/06/2005 2.4.0) - (.MobileTop.) [HKLM] -- 6F20211A07D2A216859CBC3248BDE3B338E543E0 O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (12/06/2005 2.4.0) - (.MobileTop.) [HKLM] -- 09DA5A1E4E89D27A472F4075BFB98DE53AFE5769 O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM] -- {CC75AB5C-2110-4A7F-AF52-708680D22FE8} O42 - Logiciel: Python 2.5 numpy-1.0.3 - (.Pas de propriétaire.) [HKLM] -- Python 2.5 numpy-1.0.3 O42 - Logiciel: Python 2.5.1 - (.Pas de propriétaire.) [HKLM] -- Python 2.5.1 O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525} O42 - Logiciel: Readiris Pro 9 - (.Pas de propriétaire.) [HKLM] -- {3CA9D105-113C-11D8-AB3E-000102B0F79A} O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem O42 - Logiciel: SafeCast Shared Components - (.Macrovision.) [HKLM] -- CdaC13Ba O42 - Logiciel: Samsung PC Studio 5 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {2B518DF9-4963-4AC7-9250-0EA6154D0AC6} O42 - Logiciel: Samsung USB Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {CDE7F960-BE39-4F9A-A1FF-3799C72CB705} O42 - Logiciel: Sentinel Protection Installer 7.2.2 - (.SafeNet, Inc..) [HKLM] -- {6DC0632A-A838-4B34-AC19-0FA18E1C533C} O42 - Logiciel: Sentinel System Driver - (.Pas de propriétaire.) [HKLM] -- Rainbow Sentinel Driver O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004} O42 - Logiciel: Stellarium 0.11.0 - (.Pas de propriétaire.) [HKLM] -- Stellarium_is1 O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {842B4B72-9E8F-4962-B3C1-1C422A5C4434} O42 - Logiciel: USB Drive AntiVirus 2.3 - (.USB AntiVirus.) [HKLM] -- USB Drive AntiVirus_is1 O42 - Logiciel: VIA Audio Driver Setup Program - (.Pas de propriétaire.) [HKLM] -- VIA Audio Driver Setup Program O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} O42 - Logiciel: VLC media player 1.0.0 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Vertical Mapper 2.6 - (.Pas de propriétaire.) [HKLM] -- {97042B20-E491-11D3-96D4-00105A111647} O42 - Logiciel: WinZip - (.WinZip Computing, Inc..) [HKLM] -- WinZip O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: ZebHelpProcess 2.49 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1 O42 - Logiciel: doPDF 6.0 printer - (.Softland.) [HKLM] -- doPDF 6 printer_is1 O42 - Logiciel: kuler - (.Adobe Systems Incorporated.) [HKLM] -- {098727E1-775A-4450-B573-3F441F1CA243} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ---\\ HKCU & HKLM Software Keys [HKCU\Software\3rd Eye Solutions] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Applications WinDev] [HKCU\Software\Autodesk] [HKCU\Software\Axantum] [HKCU\Software\CASIO] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\ConversApi] [HKCU\Software\ESRI] [HKCU\Software\Earth Resource Mapping] [HKCU\Software\FLEXlm License Manager] [HKCU\Software\Flock] [HKCU\Software\Garmin] [HKCU\Software\Google] [HKCU\Software\Géomédia] [HKCU\Software\Hewlett-Packard] [HKCU\Software\InstallShield] [HKCU\Software\Intel] [HKCU\Software\Iris] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\METRISPENTAX] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MapInfo] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\Northwood] [HKCU\Software\ODBC] [HKCU\Software\ORL] [HKCU\Software\PC SOFT] [HKCU\Software\PcVision] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Rainbow Technologies] [HKCU\Software\SAMSUNG] [HKCU\Software\SOFTDEV +] [HKCU\Software\Softland] [HKCU\Software\Software FX, Inc.] [HKCU\Software\SpeedBit] [HKCU\Software\Symantec] [HKCU\Software\SystemSafe] [HKCU\Software\Usbfix] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WinZip Computing] [HKLM\Software\Adobe Systems] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Audible] [HKLM\Software\Autodesk] [HKLM\Software\Axantum] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\CLSYSTEM] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\ConversApi] [HKLM\Software\Convers] [HKLM\Software\Creative Tech] [HKLM\Software\DameWare Development] [HKLM\Software\ER Mapper] [HKLM\Software\ESRI] [HKLM\Software\Earth Resource Mapping] [HKLM\Software\Erdas] [HKLM\Software\FLEXlm License Manager] [HKLM\Software\Garmin] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Géomédia] [HKLM\Software\Hewlett-Packard] [HKLM\Software\I.R.I.S.] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LEAD Technologies, Inc.] [HKLM\Software\Leica Geosystems] [HKLM\Software\Licenses] [HKLM\Software\Lidan] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MapInfo] [HKLM\Software\Metris] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Northwood] [HKLM\Software\Ntpad] [HKLM\Software\ODBC] [HKLM\Software\OldTimer Tools] [HKLM\Software\Ontrack] [HKLM\Software\Policies] [HKLM\Software\Preclick] [HKLM\Software\Program Groups] [HKLM\Software\Python] [HKLM\Software\RTLSetup] [HKLM\Software\Rainbow Technologies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safe Software Inc.] [HKLM\Software\Safenet Sentinel] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\Seagate Software] [HKLM\Software\Secure] [HKLM\Software\Softland] [HKLM\Software\Software FX, Inc.] [HKLM\Software\SpeedBit] [HKLM\Software\Symantec] [HKLM\Software\SystemSafe] [HKLM\Software\VIA Technologies, Inc.] [HKLM\Software\VIA Technologies, Inc] [HKLM\Software\Vantage Software Technologies] [HKLM\Software\Via4in1Driver] [HKLM\Software\VideoLAN] [HKLM\Software\WexTech Systems] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\callas software gmbh] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 20/08/2011 - 11:19:02 - [101040121] ----D- C:\Program Files\Ad-Remover O43 - CFD: 20/08/2011 - 13:18:58 - [1339000299] ----D- C:\Program Files\Adobe O43 - CFD: 11/08/2010 - 13:39:28 - [3997789] ----D- C:\Program Files\AnswerWorks 4.0 O43 - CFD: 13/08/2010 - 09:19:42 - [3233485883] ----D- C:\Program Files\ArcGIS O43 - CFD: 23/06/2011 - 17:11:50 - [180157647] ----D- C:\Program Files\AutoCAD 2004 O43 - CFD: 11/08/2010 - 13:44:20 - [6531164] ----D- C:\Program Files\Autodesk O43 - CFD: 12/08/2011 - 09:36:04 - [2459431] ----D- C:\Program Files\Axantum O43 - CFD: 11/02/2011 - 06:53:06 - [31420814] ----D- C:\Program Files\CADASTRO10 O43 - CFD: 01/09/2010 - 11:47:08 - [12574198] ----D- C:\Program Files\CASIO O43 - CFD: 09/12/2010 - 07:24:16 - [2913496] ----D- C:\Program Files\CCleaner O43 - CFD: 08/08/2011 - 18:02:28 - [23216552] ----D- C:\Program Files\Complex TOPO O43 - CFD: 11/08/2010 - 12:12:12 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 10/08/2011 - 11:51:08 - [18567218] ----D- C:\Program Files\DAP O43 - CFD: 29/12/2010 - 14:37:30 - [2916264] ----D- C:\Program Files\DIFX O43 - CFD: 11/08/2010 - 15:43:50 - [4976683] ----D- C:\Program Files\ER Mapper O43 - CFD: 13/08/2010 - 07:27:24 - [21171647] ----D- C:\Program Files\ESRI O43 - CFD: 13/08/2011 - 09:18:06 - [1053974932] ----D- C:\Program Files\Fichiers communs O43 - CFD: 01/03/2011 - 14:59:14 - [3248434] ----D- C:\Program Files\freetopo O43 - CFD: 30/06/2011 - 15:39:22 - [103804539] ----D- C:\Program Files\Google O43 - CFD: 11/08/2010 - 16:04:36 - [184447733] ----D- C:\Program Files\Géomédia O43 - CFD: 16/08/2010 - 15:50:38 - [38072785] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 12/08/2010 - 14:57:10 - [283376921] ----D- C:\Program Files\HP O43 - CFD: 19/08/2011 - 09:46:42 - [29745048] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 01/10/2010 - 16:00:48 - [64868] ----D- C:\Program Files\Intel O43 - CFD: 10/08/2011 - 07:12:44 - [4407912] ----D- C:\Program Files\Internet Explorer O43 - CFD: 13/08/2011 - 09:16:24 - [81169306] ----D- C:\Program Files\Java O43 - CFD: 14/01/2011 - 11:39:18 - [1246156649] ----D- C:\Program Files\Leica Geosystems O43 - CFD: 20/08/2011 - 13:48:54 - [6953648] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 11/08/2010 - 15:34:18 - [157028215] ----D- C:\Program Files\MapInfo O43 - CFD: 30/06/2011 - 04:12:38 - [2179165] ----D- C:\Program Files\Messenger O43 - CFD: 02/11/2010 - 09:55:02 - [1793087] ----D- C:\Program Files\Metris O43 - CFD: 11/08/2010 - 12:19:52 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 06/07/2011 - 15:28:12 - [416480492] ----D- C:\Program Files\Microsoft Office O43 - CFD: 19/08/2011 - 09:46:44 - [2694297] ----D- C:\Program Files\Microsoft Reader O43 - CFD: 03/08/2011 - 06:38:50 - [18407068] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 18/08/2010 - 13:43:04 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 18/08/2010 - 13:44:22 - [4368271] ----D- C:\Program Files\Microsoft Works O43 - CFD: 17/08/2010 - 07:31:50 - [315392] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 29/06/2011 - 20:31:36 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 18/08/2011 - 06:56:42 - [35667345] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 17/08/2010 - 08:43:42 - [29794014] ----D- C:\Program Files\MSECache O43 - CFD: 11/08/2010 - 12:10:46 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 11/08/2010 - 12:11:36 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 30/06/2011 - 11:39:48 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 20/09/2010 - 12:03:56 - [188429165] ----D- C:\Program Files\Nero O43 - CFD: 11/08/2010 - 12:15:24 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 11/08/2010 - 12:11:52 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 22/04/2011 - 09:55:06 - [54431688] ----D- C:\Program Files\Ontrack O43 - CFD: 29/06/2011 - 21:42:18 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 03/01/2011 - 10:18:52 - [51342610] ----D- C:\Program Files\Readiris Pro 9 O43 - CFD: 01/10/2010 - 16:09:06 - [1494644] ----D- C:\Program Files\Realtek O43 - CFD: 19/07/2011 - 09:28:34 - [1771847] ----D- C:\Program Files\RogueRemover FREE O43 - CFD: 13/08/2010 - 07:28:28 - [327659] ----D- C:\Program Files\SafeNet Sentinel O43 - CFD: 08/08/2011 - 14:34:10 - [158186322] ----D- C:\Program Files\Samsung O43 - CFD: 11/08/2010 - 15:34:18 - [1959852] ----D- C:\Program Files\Seagate Software O43 - CFD: 11/08/2010 - 12:16:08 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 26/10/2010 - 08:51:36 - [1293545] ----D- C:\Program Files\Softland O43 - CFD: 05/08/2011 - 11:20:04 - [70947442] ----D- C:\Program Files\Stellarium O43 - CFD: 27/01/2011 - 14:41:00 - [0] ----D- C:\Program Files\Symantec O43 - CFD: 11/08/2010 - 12:28:40 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 29/06/2011 - 11:32:00 - [2370089] ----D- C:\Program Files\USBAntiVirus O43 - CFD: 01/10/2010 - 16:08:00 - [35338024] ----D- C:\Program Files\VIA O43 - CFD: 30/08/2010 - 13:35:54 - [11236] ----D- C:\Program Files\VIA Technologies, Inc O43 - CFD: 11/08/2010 - 13:16:52 - [75096999] ----D- C:\Program Files\VideoLAN O43 - CFD: 20/09/2010 - 12:00:20 - [4106093] ----D- C:\Program Files\Windows Media Player O43 - CFD: 11/08/2010 - 12:11:22 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 11/08/2010 - 12:16:14 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 11/08/2010 - 13:22:46 - [3111820] ----D- C:\Program Files\WinRAR O43 - CFD: 16/08/2011 - 15:22:42 - [4829509] ----D- C:\Program Files\WinZip O43 - CFD: 11/08/2010 - 12:19:52 - [0] ----D- C:\Program Files\xerox O43 - CFD: 22/08/2011 - 09:56:48 - [104501705] ----D- C:\Program Files\ZebHelpProcess O43 - CFD: 08/07/2011 - 07:43:34 - [5381404] ----D- C:\Program Files\ZHPDiag O43 - CFD: 20/08/2011 - 11:39:10 - [2343315] ----D- C:\Program Files\ZHPFix O43 - CFD: 20/08/2011 - 13:19:44 - [441502101] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 25/02/2011 - 11:59:10 - [68096] ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared O43 - CFD: 20/09/2010 - 12:07:56 - [94880078] ----D- C:\Program Files\Fichiers Communs\Ahead O43 - CFD: 13/08/2010 - 08:08:08 - [5133227] ----D- C:\Program Files\Fichiers Communs\AnswerWorks 4.0 O43 - CFD: 11/08/2010 - 13:39:30 - [38296042] ----D- C:\Program Files\Fichiers Communs\Autodesk Shared O43 - CFD: 20/07/2011 - 15:15:30 - [7675824] ----D- C:\Program Files\Fichiers Communs\Borland Shared O43 - CFD: 17/08/2010 - 07:33:36 - [197904] ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD: 13/08/2010 - 08:01:00 - [47463566] ----D- C:\Program Files\Fichiers Communs\ESRI O43 - CFD: 12/08/2010 - 09:52:38 - [12310548] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 12/08/2010 - 14:49:22 - [7674822] ----D- C:\Program Files\Fichiers Communs\HP O43 - CFD: 25/02/2011 - 11:51:38 - [10120405] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 13/08/2011 - 09:18:06 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 09/12/2010 - 07:33:00 - [931501] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 19/08/2011 - 09:46:42 - [319447715] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 11/08/2010 - 12:15:18 - [568832] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 11/08/2010 - 11:38:36 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 14/09/2010 - 09:27:32 - [36533015] ----D- C:\Program Files\Fichiers Communs\PC SOFT O43 - CFD: 13/08/2010 - 07:28:28 - [1806719] ----D- C:\Program Files\Fichiers Communs\SafeNet Sentinel O43 - CFD: 03/01/2011 - 10:18:58 - [13738] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 11/08/2010 - 11:38:32 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 10/08/2011 - 11:48:18 - [2248320] ----D- C:\Program Files\Fichiers Communs\SpeedBit O43 - CFD: 27/01/2011 - 14:41:02 - [1145000] ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 17/08/2010 - 07:32:24 - [20911299] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 20/08/2011 - 13:26:02 - [8368551] ----D- C:\Documents and Settings\dranoel\Application Data\Adobe O43 - CFD: 02/08/2011 - 07:29:16 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\AdobeUM O43 - CFD: 21/09/2010 - 07:37:40 - [97336] ----D- C:\Documents and Settings\dranoel\Application Data\Ahead O43 - CFD: 11/08/2010 - 13:45:38 - [2932957] ----D- C:\Documents and Settings\dranoel\Application Data\Autodesk O43 - CFD: 08/06/2011 - 13:15:54 - [199] ----D- C:\Documents and Settings\dranoel\Application Data\dvdcss O43 - CFD: 12/11/2010 - 16:14:02 - [1698941] ----D- C:\Documents and Settings\dranoel\Application Data\ESRI O43 - CFD: 24/09/2010 - 08:49:32 - [9496] ----D- C:\Documents and Settings\dranoel\Application Data\GARMIN O43 - CFD: 30/06/2011 - 12:35:20 - [80309] ----D- C:\Documents and Settings\dranoel\Application Data\Google O43 - CFD: 26/08/2010 - 15:56:12 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\Help O43 - CFD: 08/02/2011 - 08:25:46 - [62592] ----D- C:\Documents and Settings\dranoel\Application Data\HP O43 - CFD: 11/08/2010 - 13:06:24 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\Identities O43 - CFD: 27/05/2011 - 16:47:58 - [921864] ----D- C:\Documents and Settings\dranoel\Application Data\Image Zone Express O43 - CFD: 29/12/2010 - 14:46:56 - [18538] ----D- C:\Documents and Settings\dranoel\Application Data\Macromedia O43 - CFD: 20/08/2011 - 13:49:20 - [1055] ----D- C:\Documents and Settings\dranoel\Application Data\Malwarebytes O43 - CFD: 11/08/2010 - 16:00:22 - [1346680] ----D- C:\Documents and Settings\dranoel\Application Data\MapInfo O43 - CFD: 20/08/2011 - 13:26:02 - [136820379] -S--D- C:\Documents and Settings\dranoel\Application Data\Microsoft O43 - CFD: 04/07/2011 - 13:09:02 - [15960195] ----D- C:\Documents and Settings\dranoel\Application Data\Mozilla O43 - CFD: 10/11/2010 - 08:24:56 - [3061] ----D- C:\Documents and Settings\dranoel\Application Data\Printer Info Cache O43 - CFD: 08/08/2011 - 14:42:10 - [2286312] ----D- C:\Documents and Settings\dranoel\Application Data\Samsung O43 - CFD: 05/08/2011 - 11:20:40 - [163418] ----D- C:\Documents and Settings\dranoel\Application Data\Stellarium O43 - CFD: 13/08/2011 - 09:07:58 - [890803] ----D- C:\Documents and Settings\dranoel\Application Data\Sun O43 - CFD: 14/06/2011 - 16:26:22 - [475059] ----D- C:\Documents and Settings\dranoel\Application Data\vlc O43 - CFD: 25/02/2011 - 12:04:28 - [16238962] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Adobe O43 - CFD: 21/09/2010 - 07:36:20 - [1973629] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Ahead O43 - CFD: 22/08/2011 - 09:04:58 - [16681] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\ApplicationHistory O43 - CFD: 11/08/2010 - 13:39:32 - [15099667] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Autodesk O43 - CFD: 02/08/2011 - 10:37:24 - [268885664] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Google O43 - CFD: 26/08/2010 - 15:56:12 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Help O43 - CFD: 20/09/2010 - 12:32:40 - [226896] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Identities O43 - CFD: 12/08/2010 - 17:27:48 - [4284] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\IsolatedStorage O43 - CFD: 20/08/2011 - 13:26:02 - [2223094] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Microsoft O43 - CFD: 04/07/2011 - 13:08:44 - [143249196] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Mozilla O43 - CFD: 11/08/2010 - 13:06:02 - [202201] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Symantec O43 - CFD: 20/08/2011 - 13:26:02 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Temp O43 - CFD: 31/08/2010 - 09:48:56 - [183] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\WDSetup ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.BC2580A9790D23CFCA105F9029AA353D] - 22/08/2011 - 09:46:01 ---A- . (...) -- C:\TB.txt [1865] O44 - LFC:[MD5.D0EE1200FEFFFFFF000000000CF21200] - 22/08/2011 - 09:44:21 ---A- . (...) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.D0EE1200FEFFFFFF57494E444F577E31] - 22/08/2011 - 09:23:24 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1363938] O44 - LFC:[MD5.95F3587222E8ECD77BDABB3F5BA1F221] - 22/08/2011 - 09:02:26 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [2206] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/08/2011 - 09:01:31 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.D0EE1200FEFFFFFF000000000CF21200] - 22/08/2011 - 09:00:55 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.D0EE1200FEFFFFFF000000000CF21200] - 22/08/2011 - 09:00:54 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.ACCCB65D8EBB108D4A2AE43186B97743] - 22/08/2011 - 09:00:42 ---A- . (...) -- C:\WINDOWS\System32\LMGRD.LOG [95] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 22/08/2011 - 09:00:32 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.D0EE1200FEFFFFFF000000000CF21200] - 20/08/2011 - 15:54:03 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32618] O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 20/08/2011 - 13:48:48 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [41272] O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 20/08/2011 - 13:48:44 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [22712] O44 - LFC:[MD5.37718A508B155D3D51D556041C70A6B3] - 20/08/2011 - 11:40:26 ---A- . (...) -- C:\ZHPExportRegistry-20-08-2011-11-40-26.txt [15270] O44 - LFC:[MD5.78865D05735A7D62C6737980E259D432] - 20/08/2011 - 11:39:10 ---A- . (...) -- C:\ZHPExportRegistry-20-08-2011-11-39-09.txt [3760] O44 - LFC:[MD5.66782F7819185FA0B3203923C3957EDD] - 20/08/2011 - 11:31:04 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.EA5BB19197E259A1D561A6FC8A3BB581] - 20/08/2011 - 11:11:11 ---A- . (...) -- C:\UsbFix.txt [5759] O44 - LFC:[MD5.192C041CC87833513B8FC42026BC77D5] - 20/08/2011 - 11:03:47 ---A- . (...) -- C:\WINDOWS\setupact.log [161] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/08/2011 - 11:02:59 ---A- . (...) -- C:\WINDOWS\System32\tmp.txt [0] O44 - LFC:[MD5.B4508918A6CDCC42438C81E11FECBE03] - 20/08/2011 - 11:01:27 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [196148] O44 - LFC:[MD5.BA26B44BB4E43522C6A840DE6629291D] - 20/08/2011 - 09:28:42 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [2275864] O44 - LFC:[MD5.DB96F6C603E20B7103F3AD4BF45781E0] - 17/08/2011 - 10:41:11 ---A- . (...) -- C:\WINDOWS\setupapi.log [431829] O44 - LFC:[MD5.4EDDB64328BE19A164657230C647913E] - 13/08/2011 - 09:16:38 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [157472] O44 - LFC:[MD5.D34FEB8716C8AE067A18618EC0EA7992] - 13/08/2011 - 09:16:37 ---A- . (.Sun Microsystems, Inc. - Java Control Panel.) -- C:\WINDOWS\System32\javacpl.cpl [73728] O44 - LFC:[MD5.2340832B8B1EFB379280A30140D1B7ED] - 13/08/2011 - 09:16:37 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184] O44 - LFC:[MD5.FD8AB373BD7834A65114DD899199D00B] - 13/08/2011 - 09:16:37 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184] O44 - LFC:[MD5.0A899DA43C0C82A96E695F3BA6A5FC0D] - 13/08/2011 - 09:16:36 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [472808] O44 - LFC:[MD5.DCC78B14C94A442C60981A7095B4A730] - 12/08/2011 - 13:24:00 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69] O44 - LFC:[MD5.47344CA16097E6ADC726F415582BA92B] - 10/08/2011 - 11:48:10 ---A- . (...) -- C:\WINDOWS\System32\EasyHook64.dll [109216] O44 - LFC:[MD5.478063C6D3E9D25ACD3C59782B82E307] - 10/08/2011 - 11:48:08 ---A- . (...) -- C:\WINDOWS\System32\EasyHook32.dll [90784] O44 - LFC:[MD5.45960B40C1ECB75ED5549A80049879E1] - 10/08/2011 - 11:47:59 ---A- . (.Jin Hui E-mail: jinhui@jcomsoft.com We - Animation GIF Control.) -- C:\WINDOWS\System32\AniGIF.ocx [172032] O44 - LFC:[MD5.64EB927B8018126F0115DC5A2A09EAB0] - 10/08/2011 - 07:17:19 ---A- . (...) -- C:\WINDOWS\comsetup.log [244012] O44 - LFC:[MD5.1778A0B01D43652D55DEF4FE100A2D85] - 10/08/2011 - 07:17:19 ---A- . (...) -- C:\WINDOWS\iis6.log [784461] O44 - LFC:[MD5.80B898E803EFBF7C5708A4839CECA8D4] - 10/08/2011 - 07:17:19 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [147592] O44 - LFC:[MD5.E6AC4F11BDF6F844C3520EAFFF4DDC62] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [735733] O44 - LFC:[MD5.208499AFEB75F2128FFA08DA5F81B645] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15749] O44 - LFC:[MD5.9E2285BBFAE882D6FFD462047062AE28] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [50575] O44 - LFC:[MD5.2EDA580B9871F58F94539D92B81D3888] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\imsins.log [1374] O44 - LFC:[MD5.9821F4225F43E8F4E36231B9147C312E] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\msgsocm.log [36771] O44 - LFC:[MD5.174400077C2C98F03392540D6757874B] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\netfxocm.log [128877] O44 - LFC:[MD5.B5F4836D39A56BF74E2DF993297704D3] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\ocgen.log [374374] O44 - LFC:[MD5.9FF62DC712F5E604E363699FBAC7DD37] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\ocmsn.log [40609] O44 - LFC:[MD5.3BB2E5B96F276AD3C3FB9AC4002F0FA1] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\tabletoc.log [36970] O44 - LFC:[MD5.C5E736F13D77F2601B8FEEED782AD5D8] - 10/08/2011 - 07:17:18 ---A- . (...) -- C:\WINDOWS\tsoc.log [335668] O44 - LFC:[MD5.A2BEC33CFE63EEAF48AC2A68169D5E76] - 10/08/2011 - 07:17:17 ---A- . (...) -- C:\WINDOWS\msmqinst.log [224184] O44 - LFC:[MD5.08E1FF990F2DC264579CBD5204637BD9] - 10/08/2011 - 07:17:15 ---A- . (...) -- C:\WINDOWS\updspapi.log [65871] O44 - LFC:[MD5.BD67479CD3E1CCB29D189F5E681392EF] - 10/08/2011 - 07:16:57 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11088] O44 - LFC:[MD5.B1890E0877FE0116475B30AE73E512FA] - 10/08/2011 - 07:16:57 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374] O44 - LFC:[MD5.4E61FD65388A1C7EBEDD667E90BE1579] - 10/08/2011 - 07:16:49 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10955] O44 - LFC:[MD5.DAAEAAD003F1141CB10E3A3F2BA03B42] - 10/08/2011 - 07:13:16 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [15213] O44 - LFC:[MD5.0B3D8D2970FC91AFBE6410147BDCC3BE] - 10/08/2011 - 07:11:21 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6941] O44 - LFC:[MD5.C2874374204B869EC5D567722E45EE2F] - 10/08/2011 - 07:10:59 ---A- . (...) -- C:\WINDOWS\KB2562937.log [6255] O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 08/08/2011 - 14:38:37 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640] O44 - LFC:[MD5.5303B61A83B0106ABD0A9EEC878ACA5E] - 08/08/2011 - 14:38:37 ---A- . (...) -- C:\WINDOWS\wmsetup.log [31613] O44 - LFC:[MD5.C9831D7ED365B9F60719CD11D434AE77] - 08/08/2011 - 14:36:35 ---A- . (...) -- C:\WINDOWS\DPINST.LOG [21398] O44 - LFC:[MD5.402FDE5DD355326C1EAF7F36E6B6BCA0] - 05/08/2011 - 13:55:27 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [959660] O44 - LFC:[MD5.FF82C475A502BAC1BAD4FC625D2C9FE2] - 05/08/2011 - 13:55:27 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [53608] O44 - LFC:[MD5.78C23C40A6EDC5F8C676323F95935F18] - 05/08/2011 - 13:55:27 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [64492] O44 - LFC:[MD5.8FA4C3946A7587463B21BD8D7CCED017] - 05/08/2011 - 13:55:27 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [383254] O44 - LFC:[MD5.625546D9D01F10D4137CDF90B310BB95] - 05/08/2011 - 13:55:27 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [447772] O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 02/08/2011 - 14:09:50 ---A- . (...) -- C:\WINDOWS\epplauncher.mif [1912] O44 - LFC:[MD5.E0B430876F3B60CC10BB98936A23E7FA] - 28/07/2011 - 07:20:19 ---A- . (...) -- C:\WINDOWS\atmoUn.exe [37027] O44 - LFC:[MD5.306521935042FC0A6988D528643619B3] - 19/04/2007 - 21:17:00 ---A- . (...) -- C:\WINDOWS\System32\drivers\StarOpen.sys [5632] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [Enabled] .(.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\plugin\geplugin.exe" [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\plugin\geplugin.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"SENTINEL"="snti386.dll" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\System32\snti386.dll O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"snti386.dll"="Sentinel for i386 Systems" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\System32\snti386.dll O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (...) -- (.not file.) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableStatusMessages"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.F76CB7259AA575CC53F3996BC6B68C18] - 11/08/2010 - 13:43:52 ---A- . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS [12464] O58 - SDL:[MD5.5039A4F67F781E03B79A4FD0CAE27FC8] - 01/09/2010 - 11:46:12 ---A- . (.Hitachi Semiconductor and Devices Sales Co. - CESG502 USB Driver.) -- C:\WINDOWS\system32\drivers\CESG502.SYS [40672] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 11:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 11:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.383182215A2C238E76B86E3B5EDE40EB] - 07/02/2007 - 16:00:00 ---A- . (.DameWare Development, LLC - DameWare Development Mirror Miniport Driver.) -- C:\WINDOWS\system32\drivers\DamewareMini.sys [3712] O58 - SDL:[MD5.5A402C57F621114C99F813C6AE7BC37A] - 15/02/2007 - 16:00:00 ---A- . (.DameWare - DameWare Virtual Keyboard Driver.) -- C:\WINDOWS\system32\drivers\dwvkbd.sys [26624] O58 - SDL:[MD5.E9648254056BCE81A85380C0C3647DC4] - 17/08/2001 - 20:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5.sys [27165] O58 - SDL:[MD5.FD396CA96D4F129BB463ED7DCEF453CA] - 08/03/2007 - 22:18:00 ---A- . (.GARMIN Corp. - Generic WDM Support Driver.) -- C:\WINDOWS\system32\drivers\grmngen.sys [18432] O58 - SDL:[MD5.D956358054E99E6FFAC69CD87E893A89] - 08/03/2007 - 22:18:00 ---A- . (.GARMIN Corp. - grmnusb.sys.) -- C:\WINDOWS\system32\drivers\grmnusb.sys [8320] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 13/04/2008 - 08:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.D1359E54D9755D28E56B17A352AB8AAE] - 11/09/2008 - 02:52:48 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [6047904] O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 14/02/2008 - 06:12:00 R--A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\system32\drivers\monfilt.sys [1389056] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 11:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 11:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 11:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 11:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.6FD9C99F0B8617122AE27392AB1B3059] - 04/05/2011 - 18:31:04 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [295528] O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 13/04/2008 - 09:34:34 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys [166912] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 08:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.B3C1B187FEFC941F63CE0DF93D02EB9F] - 14/03/2006 - 07:22:00 ---A- . (.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\WINDOWS\system32\drivers\sentinel.sys [90176] O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 22/12/2005 - 12:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80272] O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 22/12/2005 - 12:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [11877] O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 22/12/2005 - 12:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [11877] O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 22/12/2005 - 12:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [10864] O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 22/12/2005 - 12:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [137884] O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 22/12/2005 - 12:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [11188] O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 22/12/2005 - 12:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [11188] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 19/04/2007 - 21:17:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 11:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 11:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.0E3E3FAE3A0A58B8D936A8E841A17D16] - 27/12/2002 - 04:41:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS [26880] O58 - SDL:[MD5.1C43D4C8818DCBD8814E7C260744BCC4] - 11/01/2009 - 03:18:04 R--A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\viahduaa.sys [1050112] O58 - SDL:[MD5.E1DF1DDEA59DC3BE7CAD65F106E8C69E] - 24/03/2003 - 12:19:00 ---A- . (.VIA Technologies, Inc. - VIA AC'97 Enhanced Audio WDM Driver.) -- C:\WINDOWS\system32\drivers\viaudio.sys [88960] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/04/2008 - 08:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 11:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 13/04/2008 - 08:49:52 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 13/04/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 13/04/2008 - 08:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 13/04/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 13/04/2008 - 08:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: ZHPFix 1.12 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover O63 - Logiciel: Toolbar SD - (.IDN Team.) ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 11/08/2010 - C:\WINDOWS\system32\drivers\CDAC11BA.exe - C-DillaCdaC11BA(C-DillaCdaC11BA) .(.Macrovision - Macrovision RTS Service.) - LEGACY_C-DILLACDAC11BA O64 - Services: CurCS - 11/08/2010 - C:\WINDOWS\system32\drivers\CDAC15BA.sys - CdaC15BA(CdaC15BA) .(.Macrovision Europe Ltd - Macrovision SECURITY Driver.) - LEGACY_CDAC15BA O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 28/08/2001 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 07/07/2006 - C:\Program Files\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe - ERDAS(ERDAS) .(.Macrovision Corporation - Pas de description.) - LEGACY_ERDAS O64 - Services: CurCS - 30/06/2011 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - 30/06/2011 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdatem)(gupdatem) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATEM O64 - Services: CurCS - 30/06/2011 - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater(gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - 13/08/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\dranoel\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{02468352-8909-4261-B0FA-E27810F51C64}\MpKsl0d2b9455.sys (.not file.) - MpKsl0d2b9455 (MpKsl0d2b9455) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CAF7C10-24B9-4A82-B807-21C094BADCE7}\MpKsla86caf1d.sys (.not file.) - MpKsla86caf1d (MpKsla86caf1d) .(...) - L O64 - Services: CurCS - 08/05/2007 - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe - NMIndexingService(NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE O64 - Services: CurCS - 14/03/2006 - C:\WINDOWS\system32\Drivers\SENTINEL.sys - Sentinel(Sentinel) .(.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL O64 - Services: CurCS - 14/03/2006 - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe - Sentinel Protection Server(SentinelProtectionServer) .(.SafeNet, Inc - Pas de description.) - LEGACY_SENTINELPROTECTI O64 - Services: CurCS - 27/12/2002 - C:\WINDOWS\System32\DRIVERS\viaagp1.sys - VIA AGP Filter(viaagp1) .(.VIA Technologies, Inc. - VIA NT AGP Filter.) - LEGACY_VIAAGP1 ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {7F4EFF06-7032-458e-AE16-1C1D8255C28A} - (SpeedBit Search) - http://home.speedbit.com ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 25/02/2011 68096 | (Adobe LM Service) . (...) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe SS - | Auto 11/01/2008 1372160 | (ArcGIS License Manager) . (.Macrovision Corporation.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe SR - | Auto 11/08/2010 54784 | (C-DillaCdaC11BA) . (.Macrovision.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SR - | Auto 07/07/2006 630272 | (ERDAS) . (.Macrovision Corporation.) - C:\Program Files\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe SS - | Demand 09/12/2010 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 30/06/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 30/06/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 30/06/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 13/08/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SS - | Demand 13/04/2007 792112 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe SS - | Demand 08/05/2007 271920 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe SR - | Auto 14/03/2006 206400 | (SentinelProtectionServer) . (.SafeNet, Inc.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by dranoel at 22/08/2011 09:57:02 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys 1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x8A35EAB8] 3 CLASSPNP[0xF7637FD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\00000068[0x8A3D39A8] 5 ACPI[0xF75AD620] -> nt!IofCallDriver[0x804E13B9] -> \Device\Ide\IdeDeviceP0T0L0-4[0x8A360D98] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by dranoel at 22/08/2011 09:57:04 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin End of the scan (1066 lines in 00mn 19s)(0)

Bonjour Bernard53 Merci pour tout # DelFix v8.1 - Rapport créé le 22/07/2011 à 07:15 # Mis à jour le 20/06/11 à 19h par Xplode # Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3 # Nom d'utilisateur : Léo - SUPERADA (Administrateur) # Exécuté depuis : D:\Mes documents\SECURITE_PC\delfix.exe # Option [suppression] ~~~~~~ Dossier(s) ~~~~~~ Supprimé : C:\FyK Supprimé : C:\Qoobox Supprimé : C:\RSIT Supprimé : C:\ToolBar SD Supprimé : C:\USBFix Supprimé : C:\Program Files\Ad-Remover Supprimé : C:\Program Files\trend micro\Hijackthis Supprimé : C:\Program Files\ZHPDiag Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hijackthis Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\FyK.txt Supprimé : C:\PhysicalDisk0_MBR.bin Supprimé : C:\rapport.txt Supprimé : C:\WINDOWS\grep.exe Supprimé : C:\WINDOWS\MBR.exe Supprimé : C:\WINDOWS\NIRCMD.exe Supprimé : C:\WINDOWS\PEV.exe Supprimé : C:\WINDOWS\sed.exe Supprimé : C:\WINDOWS\SWREG.exe Supprimé : C:\WINDOWS\SWSC.exe Supprimé : C:\WINDOWS\SWXCACLS.exe Supprimé : C:\WINDOWS\zip.exe Supprimé : C:\WINDOWS\System32\tmp.reg Supprimé : C:\WINDOWS\System32\tmp.txt Supprimé : C:\Documents and Settings\Léo\Bureau\AD-R.lnk Supprimé : C:\Documents and Settings\Léo\Bureau\ZHPDiag Outil de diagnostic.pdf Supprimé : C:\Documents and Settings\Léo\Bureau\ZHPDiag.txt ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKCU\SOFTWARE\Ad-Remover Clé Supprimée : HKCU\SOFTWARE\USBFix Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ZHP Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis Clé Supprimée : HKLM\Software\Classes\.cfxxe Clé Supprimée : HKLM\Software\Classes\cfxxefile Clé Supprimée : HKLM\Software\TrendMicro\Hijackthis Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe ACL -> [F] & Clé Supprimée : HKLM\SOFTWARE\Swearware Valeur Supprimée : HKCU\Software\WinRAR SFX|C%%Fyk ~~~~~~ Autre ~~~~~~ -> ESET Online Scanner ... Désinstallé avec succès -> Prefetch vidé ########## EOF - "C:\DelFixSuppr.txt" - [2665 octets] ##########

Bonjour Bernard53 Mon démarrage est nettement mieux

OK! j'ai fait le chkdsk. Windows n'a trouvé aucun problème Merci Bernard53. je quitte le bureau on se voit demain.

Bernard53 Excuse moi de ne pas avoir répondu à la question. Oui j'ai utilisé "Code Stuff Starter" comme tu me l'as dis. Le démarrage s'est amélioré un peu Merci

Bernard53 A titre de vérification, je viens de lancer ZHP à partir de menu démarrer mais je n'ai rien à l'écran. Je l'ai lancé à partir de la cible il me donne un message d'erreur "Problème de connexion internet (Socket Error #10054 Connection reset by peer.) "et puis plus rien. Dans le gestionnaire de tâche il est en exécution. Merci pour l'aide que tu me portes Merci à vous tous qui nous aidez sur les forums.

Bernard53 A titre de vérification, je viens de lancer ZHP à partir de menu démarrer mais je n'ai rien à l'écran. Je l'ai lancé à partir de la cible il me donne un message et puis plus rien. dans le gestionnaire de tâche il est en exécution je t'envoie 2 captures écran.

Salut Bernard53 J'ai fait tout ce que tu m'as dit et merci voici le rapport Rapport de ZHPFix 1.12.3335 par Nicolas Coolman, Update du 04/07/2011 Fichier d'export Registre : Run by Léo at 20/07/2011 13:04:56 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: HKLM\Software\ImInstaller SUPPRIME Key: HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF ========== Valeur(s) du Registre ========== Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Dossier(s) ========== SUPPRIME Flash Cookies: 1 SUPPRIME Temporaires Windows: : 392 ========== Fichier(s) ========== SUPPRIME Flash Cookies: 0 SUPPRIME Temporaires Windows: : 1480 ========== Récapitulatif ========== 2 : Clé(s) du Registre 1 : Valeur(s) du Registre 2 : Dossier(s) 2 : Fichier(s) ========== Chemin du fichier rapport ========== C:\Program Files\ZHPDiag\ZHPFixReport.txt End of the scan in 00mn 05s

Bonjour à tous Je ne sais pas si je dois poster ce message sur ce forum. Si je me suis trompé d'emplacement, excusez moi et redirigez moi. Merci 1- Je n'ai pas pu télécharger ZHPDIAG sur mon PC. Je l'ai fait à partir d'un autre ordi. Une fois installée, le programme ne se lance pas .Il me dit raccourci manquant. Dans mon menu démarrer je trouve ZHP2 au lieu de ZHPDiag. Je suis obligé de le lancer manuellement. 2- Au démarrage je sens une certaine lenteur. 3- Certains logiciels comme Google earth par exemple ne se lance plus. Il est actif dans le gestionnaire de tâche mais rien n'apparait à l'écran. J'ai pensé à une infection alors j'ai fais un scan avec Malwaresbytes. Aucune infection n'est trouvée. Je viens de faire un diagnostic avec ZHPDiag et je vous laisse le rapport pour que vous le regardez avec vos yeux d'expert. Merci de l'étudier. Rapport de ZHPDiag v1.27.24 par Nicolas Coolman, Update du 05/07/2011 Run by Léo at 19/07/2011 12:00:26 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) MFIE: Mozilla Firefox v GCIE: Google Chrome v11.0.696.60 ---\\ System Information Windows XP Professional Service Pack 3 (Build 2600) Processor: x86 Family 6 Model 15 Stepping 6, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1022 MB (31% free) System Restore: Activé (Enable) System drive C: has 12 GB (21%) free of 53 GB ---\\ Logged in mode Computer Name: SUPERADA User Name: Léo All Users Names: XMENS, SUPPORT_388945a0, Léo, HelpAssistant, ASPNET, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ %AppData%=C:\Documents and Settings\Léo\Application Data\ ~ %Desktop%=C:\Documents and Settings\Léo\Bureau\ ~ %Favorites%=C:\Documents and Settings\Léo\Favoris\ ~ %LocalAppData%=C:\Documents and Settings\Léo\Local Settings\Application Data\ ~ %StartMenu%=C:\Documents and Settings\Léo\Menu Démarrer\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 53 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 54 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.19/07/2011 - 04:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.42F5E14E33D79C236680468B1E4999F4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.19/07/2011 - 16:06:12.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.19/07/2011 - 04:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.19/07/2011 - 20:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.19/07/2011 - 21:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 27/1598 ~ Mes musiques (My Musics) : 5/69 ~ Mes Videos (My Video) : 0/17 ~ Mes Favoris (My Favorites) : 2/10 ~ Mes Documents (My Documents) : 380/24332 ~ Mon Bureau (My Desktop) : 1/20 ~ Menu demarrer (Programs) : 5/46 ---\\ Processus lancés [MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [MD5.56DED3ADE453272E6A0AD582D945D1A4] - (.Intel Corporation - Intel® PROSet/Wireless Event Log.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753] [MD5.6C5155CC0E805C7BE6028BFF7AC14524] - (.Intel Corporation - Wireless Management Service.) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745] [MD5.769DB4F484957CC98153B3C1B5D1162F] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [109056] [MD5.717EBC644D096C77B39B6B6A174D1B49] - (.Macrovision Corporation - Pas de description.) -- C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe [1372160] [MD5.E1EC228D87915050BDF59F6331AD7247] - (.Avocent Inc. - Service Program for Acer.) -- C:\Acer\Empowering Technology\admServ.exe [1314816] [MD5.381110584AEE6D3DDAA76A63ADD64D42] - (...) -- C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE [1757184] [MD5.73686FE0B2E0469F89FD2075BE724704] - (.Apple Computer, Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [229376] [MD5.9BDBDA21D3BA8E374FD06A405BE10215] - (.Macrovision - Macrovision RTS Service.) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE [54784] [MD5.5D1347AA5AE6E2F77D7F4F8372D95AC9] - (.Microsoft Corporation - Media Center Receiver Service.) -- C:\WINDOWS\eHome\ehRecvr.exe [237568] [MD5.980EEEA91776357518892C5544768E2B] - (.Microsoft Corporation - Service de planification Media Center.) -- C:\WINDOWS\eHome\ehSched.exe [103424] [MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.86E8BCAA91FC2ACFACD99CF2BF9F1F47] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [49152] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [MD5.6D88C26BF33D2B8404F01CECBDD47D3A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 86.02.) -- C:\WINDOWS\system32\nvsvc32.exe [143426] [MD5.1B2857EF12D79A9F9ADBA14B0637CBF8] - (.Intel Corporation - Intel® PROSet/Wireless Registry Service.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164] [MD5.ACCDF944417FCE3B9BDDFC197C704A27] - (.SafeNet, Inc - Pas de description.) -- C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400] [MD5.45A0772A49914786AD64471205938CE9] - (.Microsoft Corporation - Service SNMP.) -- C:\WINDOWS\System32\snmp.exe [33280] [MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [MD5.E4D20625DBD37ADEE96383B1B010EDA0] - (.Microsoft Corporation - Message Queuing Service.) -- C:\WINDOWS\system32\mqsvc.exe [4608] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [MD5.9D33A0FFF7798747F9C98A75912C0042] - (.Microsoft Corporation - Windows NT MSMQ Trigger Service.) -- C:\WINDOWS\system32\mqtgsvc.exe [117248] [MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120] [MD5.FEE2BA1AD38F457F418E82EA30724053] - (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\WINDOWS\system32\msfeedssync.exe [13312] [MD5.9C69E6A25F5500501B14AF43311F8D8B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [64512] [MD5.DAEFB050AC8FEE4F1097FCF7CB97220E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\WINDOWS\eHome\ehmsas.exe [46592] [MD5.2F86B8A2CA6DB95FA981890F34E54EE7] - (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe [397312] [MD5.33F7659872C1C2CE295FBD1754B63957] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16248320] [MD5.E5E34AB0B5B4214480F6E5D9B45F049F] - (.HiTRUST - eDSloader.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [69632] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.C9072E57FB44288EA91FE7979582A8FB] - (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe [593920] [MD5.1D8FCB6541E74894224296DCDAD6BEDF] - (.Avocent Inc. - Tray Program for Acer.) -- C:\Acer\Empowering Technology\admtray.exe [2462208] [MD5.59307A84CACE50B66089DBD5F74EA17A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946] [MD5.0B947E1828A83D19E7E32997F982AA2A] - (.Acer Incorporated - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [352256] [MD5.926A397334FE426A6C7657096FE681DB] - (.Hewlett-Packard Development Company, L.P. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152] [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064] [MD5.4543367E50BD35E7D1269D42841B156E] - (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [288472] [MD5.CFE5228556C93D03D6753E7953CCD4A9] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [217194] [MD5.7EDAF6D5B928A4D81EB20D6F97C1225B] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\DOCUME~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe [507904] [MD5.EE7B9D446C9C49228008CB39204C5CAA] - (.FUJIFILM Corporation - Exif Launcher 2.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe [303104] [MD5.88029974B1C9995CFA3BD9560BBA2EEF] - (.Hewlett-Packard Development Company, L.P. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [239320] [MD5.AE45DDF08B6949057CDB2D2EAAD3DEC4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [656896] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Léo\Local Settings\Application Data\Mozilla\Firefox\Profiles\4tsqm6fc.default\prefs.js M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe Acrobat Plug-In Version 6.00 for Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.0.5] - (.the VideoLAN Team - Version 1.0.5, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Léo\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Yahoo! France G2 - GCE: Preference [user Data\Default] [fjhheinojdpanfehodhfnliapkofeppf] ToutSurGoogleEarth v.2.3.0.8 (Activé) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-2965774411-1647369187-2304096231-1005\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-2965774411-1647369187-2304096231-1005\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 6.0 for Act.) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.HiTRUST - ToolBand Module.) -- C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [ehTray] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [LaunchApp] Clé orpheline O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe O4 - HKLM\..\Run: [eDataSecurity Loader] . (.HiTRUST - eDSloader.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] bthprops.cpl O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 \s mqrt.dll O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [ADMTray.exe] . (.Avocent Inc. - Tray Program for Acer.) -- C:\Acer\Empowering Technology\admtray.exe O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe O4 - HKLM\..\Run: [iMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [ePower_DMC] . (.Acer Incorporated - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Development Company, L.P. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-21-2965774411-1647369187-2304096231-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\ExifLauncher2.lnk . (.FUJIFILM Corporation.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\IncrediMail.lnk . (.IncrediMail, Ltd..) -- C:\Program Files\IncrediMail\Bin\IncMail.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Distiller 6.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Distiller_PFM.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Acrobat 6.0 Professional.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Acrobat_PFM_1.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PhoneSuite.lnk . (...) -- C:\Program Files\LG Mobile\PhoneSuite\PhoneSuite.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: &Ajout Direct dans Windows Live Writer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - (Installation Support) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256888686171 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS2\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS3\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS3\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: DhcpNameServer = 10.10.1.150 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: ArcGIS License Manager (ArcGIS License Manager) . (.Macrovision Corporation - Pas de description.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe O23 - Service: AdminWorks Agent X6 (AWService) . (.Avocent Inc. - Service Program for Acer.) - C:\Acer\Empowering Technology\admServ.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) . (.Macrovision - Macrovision RTS Service.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel Corporation - Intel® PROSet/Wireless Event Log.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 86.02.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\SYSTEM32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel Corporation - Intel® PROSet/Wireless Registry Service.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) . (.Intel Corporation - Wireless Management Service.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) . (.SafeNet, Inc - Pas de description.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MpIdleTask.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{0C00C19F-D2EC-4FE7-BF0F-B3460F5BC139}.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2965774411-1647369187-2304096231-1005Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\mbam.job [MD5.6745EF9F67D02E1BDDE0D3A1E4C9E7C8] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2965774411-1647369187-2304096231-1005Core] (...) -- C:\Documents and Settings\Léo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (.not file.) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\System32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\WINDOWS\System32\DRIVERS\MpFilter.sys O41 - Driver: (MpKsl059fd6f3) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl059fd6f3.sys (.not file.) O41 - Driver: (MpKsl14c7559d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl14c7559d.sys (.not file.) O41 - Driver: (MpKsl1545e10f) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl1545e10f.sys (.not file.) O41 - Driver: (MpKsl31e6e356) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsl31e6e356.sys (.not file.) O41 - Driver: (MpKsl4264fd3c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66EB5A84-FB4A-4DF8-8849-D2D09FD73757}\MpKsl4264fd3c.sys (.not file.) O41 - Driver: (MpKsl5ee0c2c1) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CC8B1738-7BE2-4955-B7D7-3042B74182B5}\MpKsl5ee0c2c1.sys (.not file.) O41 - Driver: (MpKsl78a03ae0) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{24C39D1F-3634-419A-822B-A42832432D6D}\MpKsl78a03ae0.sys (.not file.) O41 - Driver: (MpKsl865e3a82) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl865e3a82.sys (.not file.) O41 - Driver: (MpKslc380be54) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKslc380be54.sys (.not file.) O41 - Driver: (MpKslc5beb97f) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D653EF46-9CE0-445E-AB6B-24EF4588DB08}\MpKslc5beb97f.sys O41 - Driver: (MpKsld2d7d400) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5AC1D08C-71FF-426E-B7B0-4518D6E10500}\MpKsld2d7d400.sys (.not file.) O41 - Driver: (MpKsld3c648d7) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsld3c648d7.sys (.not file.) O41 - Driver: (MpKsle761210b) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F0134EE-93F4-4D17-9B3F-60CB6DD7EE45}\MpKsle761210b.sys (.not file.) O41 - Driver: (MpKslfdcc348c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{79A2899B-1775-4AB8-ABE0-1EC13EAFDB28}\MpKslfdcc348c.sys (.not file.) O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (OsaFsLoc) . (.OSA Technologies - Filesystem Lock driver.) - C:\WINDOWS\system32\drivers\OsaFsLoc.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\System32\DRIVERS\wmiacpi.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Acer Empowering Technology framework - (.Acer Inc..) [HKLM] -- InstallShield_{15B70821-7893-4607-805A-BB80F3EA8279} O42 - Logiciel: Acer Screensaver - (.acer.) [HKLM] -- {D458BBDC-0363-42E0-8FF9-4736E3CB3CA2} O42 - Logiciel: Acer eDataSecurity Management 1.00.26 - (.Acer.) [HKLM] -- {E431C518-2EE2-471E-9234-BE995C36D513} O42 - Logiciel: Acer eLock Management - (.Acer Inc..) [HKLM] -- InstallShield_{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42} O42 - Logiciel: Acer eNet Management - (.Pas de propriétaire.) [HKLM] -- {C06554A1-2C1E-4D20-B613-EE62C79927CC} O42 - Logiciel: Acer ePerformance Management - (.Acer Inc..) [HKLM] -- InstallShield_{DEE08946-40F0-4890-853E-60A6C3306041} O42 - Logiciel: Acer ePower Management - (.Pas de propriétaire.) [HKLM] -- {58E5844B-7CE2-413D-83D1-99294BF6C74F} O42 - Logiciel: Acer eSettings Management - (.Acer Inc..) [HKLM] -- InstallShield_{E38BC648-883B-4EE5-966C-94C4B7AB3E0B} O42 - Logiciel: Adobe Acrobat 6.0.1 Professional - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-0000-7760-000000000001} O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95} O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} O42 - Logiciel: Adobe Atmosphere Player for Acrobat and Adobe Reader - (.Pas de propriétaire.) [HKLM] -- Adobe Atmosphere Player O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394} O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23} O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C} O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} O42 - Logiciel: Adobe Color EU Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {73B5D990-04EA-4751-B10F-5534770B91F2} O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} O42 - Logiciel: Adobe Color NA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {FF29A7E2-FF40-4D07-B7E4-2093DE59E10A} O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D} O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD} O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B} O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7ACFB90E-8FD0-4397-AD3A-5195412623A3} O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_e21d2df5563f0bf421cf2cc5ec26c42 O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6E08CE13-C2AB-4749-9335-5900B958929E} O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078} O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C} O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC} O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {CE67DBBB-2ED0-4F35-B482-0CFE4CFC1570} O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183} O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312} O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8} O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5} O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6} O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1} O42 - Logiciel: ArcGIS ArcInfo Workstation - (.Environmental Systems Research Institute, Inc..) [HKLM] -- {2B0AEAE7-6EF2-4642-8F95-DDBC9B72721D} O42 - Logiciel: ArcGIS Crystal Report Wizard - (.<no manufacturer>.) [HKLM] -- {15FB6880-728F-4DF6-BEBB-046302A8E25A} O42 - Logiciel: ArcGIS Desktop - (.Environmental Systems Research Institute, Inc..) [HKLM] -- ArcGIS Desktop O42 - Logiciel: ArcGIS License Manager - (.Pas de propriétaire.) [HKLM] -- ArcGIS License Manager O42 - Logiciel: ArcSoft Print Creations - (.ArcSoft.) [HKLM] -- {CAE8A0F1-B498-4C23-95FA-55047E730C8F} O42 - Logiciel: ArcSoft Print Creations - Album Page - (.ArcSoft.) [HKLM] -- {E6B4117F-AC59-4B13-9274-EB136E8897EE} O42 - Logiciel: ArcSoft Print Creations - Funhouse - (.ArcSoft.) [HKLM] -- {9591C049-5CAE-4E89-A8D9-191F1899628B} O42 - Logiciel: ArcSoft Print Creations - Greeting Card - (.ArcSoft.) [HKLM] -- {F04F9557-81A9-4293-BC49-2C216FA325A7} O42 - Logiciel: ArcSoft Print Creations - Photo Book - (.ArcSoft.) [HKLM] -- {56589DFE-0C29-4DFE-8E42-887B771ECD23} O42 - Logiciel: ArcSoft Print Creations - Photo Calendar - (.ArcSoft.) [HKLM] -- {CA9ED5E4-1548-485B-A293-417840060158} O42 - Logiciel: ArcSoft Print Creations - Scrapbook - (.ArcSoft.) [HKLM] -- {B0D83FCD-9D42-43ED-8315-250326AADA02} O42 - Logiciel: ArcSoft Print Creations - Slimline Card - (.ArcSoft.) [HKLM] -- {007B37D9-0C45-4202-834B-DD5FAAE99D63} O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: AutoCAD 2004 - (.Autodesk.) [HKLM] -- {5783F2D7-0201-040C-0002-0060B0CE6BBA} O42 - Logiciel: AutoCAD 2008 - Français - (.Autodesk.) [HKLM] -- AutoCAD 2008 - Français O42 - Logiciel: AutoCAD Express Tools Volumes 1-9 - (.Autodesk.) [HKLM] -- {5783F2D7-0211-0409-0000-0060B0CE6BBA} O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM] -- {9A346205-EA92-4406-B1AB-50379DA3F057} O42 - Logiciel: Autodesk Express Viewer - (.Autodesk, Inc..) [HKLM] -- Autodesk Express Viewer O42 - Logiciel: Bank 4.8 - (.Pas de propriétaire.) [HKLM] -- Bank O42 - Logiciel: Bouml 4.21 - (.Bruno Pagès.) [HKLM] -- Bouml_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 O42 - Logiciel: Canvas 6 - (.Pas de propriétaire.) [HKLM] -- Canvas 6 O42 - Logiciel: ChronoMap - (.Pas de propriétaire.) [HKLM] -- {22E29C20-4ACB-11D5-8A86-0080C8D48B69} O42 - Logiciel: ChronoVia - (.Pas de propriétaire.) [HKLM] -- {15193176-4ADA-11D5-8A86-0080C8D48B69} O42 - Logiciel: ConTEXT - (.Eden Kirin.) [HKLM] -- ConTEXTEditor_is1 O42 - Logiciel: Covadis Topo 2004 - (.Pas de propriétaire.) [HKLM] -- Covadis Topo 2004 O42 - Logiciel: DWG TrueView 2010 - (.Autodesk.) [HKLM] -- DWG TrueView 2010 O42 - Logiciel: Data Access Objects (DAO) 3.5 - (.Pas de propriétaire.) [HKLM] -- DAO 3.5 O42 - Logiciel: DataLink DL01 v2.0 - (.Pas de propriétaire.) [HKLM] -- {24204140-0A0B-11D4-A0FA-0080C845E265} O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: ECW Compressor 2.2 - (.Pas de propriétaire.) [HKLM] -- ECW Compressor 2.2 O42 - Logiciel: FAOCLIM 2 - (.Pas de propriétaire.) [HKLM] -- FAOCLIM 2 O42 - Logiciel: FastStone Capture 5.3 (French) - (.FastStone Soft.) [HKLM] -- FastStone Capture O42 - Logiciel: Filzip 3.06 - (.Philipp Engel.) [HKLM] -- Filzip 3.0.6.93_is1 O42 - Logiciel: FinePixViewer Resource - (.FUJIFILM Corporation.) [HKLM] -- {B44529FF-501E-47CD-A06D-223C161BE058} O42 - Logiciel: FinePixViewer Ver.5.5 - (.FUJIFILM Corporation.) [HKLM] -- {24ED4D80-8294-11D5-96CD-0040266301AD} O42 - Logiciel: FinePixViewer YTUPL - (.FUJIFILM Corporation.) [HKLM] -- {65EB09A3-993B-401E-8936-C9708CBFAB26} O42 - Logiciel: Free Window Registry Repair - (.Pas de propriétaire.) [HKLM] -- Free Window Registry Repair O42 - Logiciel: GIMP 2.6.8 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1 O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1} O42 - Logiciel: Garmin Trip and Waypoint Manager v5 - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {414A373B-59DF-4102-94CA-9FE9A74CBDDA} O42 - Logiciel: GemMaster Mystic - (.Pas de propriétaire.) [HKLM] -- 99A88D57-2C93-491B-87B8-E41A870FB6BE O42 - Logiciel: GeoContext for FAOCLIM 2 - (.Pas de propriétaire.) [HKLM] -- GeoContext for FAOCLIM 2 O42 - Logiciel: Glary Utilities 2.31.0.1098 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F O42 - Logiciel: HP Customer Participation Program 7.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Imaging Device Functions 7.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {6994491D-D491-48F1-AE1F-E179C1FFFC2F} O42 - Logiciel: HP Photosmart, Officejet and Deskjet 7.0.A - (.HP.) [HKLM] -- {BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C} O42 - Logiciel: HP Software Update - (.Hewlett-Packard.) [HKLM] -- {BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} O42 - Logiciel: HP Solution Center 7.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows Media Player 10 (KB903157) - (.Microsoft Corporation.) [HKLM] -- KB903157 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D} O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail O42 - Logiciel: Informix - (.Pas de propriétaire.) [HKLM] -- Informix O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31} O42 - Logiciel: Java DB 10.4.2.1 - (.Sun Microsystems, Inc.) [HKLM] -- {926C96FB-9D0A-4504-8000-C6D3A4A3118E} O42 - Logiciel: Java 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216019FF} O42 - Logiciel: Java SE Development Kit 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0160170} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: Khi3 - Universal Scientific Calculator - (.Joël Ollivier.) [HKLM] -- {86830DEC-C5E5-43AC-B5ED-2680D5C04BCF} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Logiciel Intel® PROSet/Wireless - (.Intel Corporation.) [HKLM] -- ProInst O42 - Logiciel: MARALITe ver 3.2 - (.Medical Research Council.) [HKLM] -- MARALITe_is1 O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 6.0 Parser (KB925673) - (.Microsoft Corporation.) [HKLM] -- {FE9126DB-5F84-495A-BB46-3C724F1C2D08} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Malwarebytes' RogueRemover - (.Malwarebytes.) [HKLM] -- Malwarebytes' RogueRemover FREE_is1 O42 - Logiciel: MapImagery - (.Pas de propriétaire.) [HKLM] -- MapImagery O42 - Logiciel: MapInfo Line Style Editor 2.0 - (.Pas de propriétaire.) [HKLM] -- MapInfo Line Style Editor O42 - Logiciel: MapInfo MDAC-DAO-ODBC 7.0 - (.Pas de propriétaire.) [HKLM] -- {B8E1C308-6043-46E5-AE7D-422EBD35DAA3} O42 - Logiciel: MapInfo ProViewer 5.0 - (.Pas de propriétaire.) [HKLM] -- MapInfoProViewer50 O42 - Logiciel: MapInfo Professional 7.8 - (.MapInfo Corporation.) [HKLM] -- {CD9B92AD-F5F8-4C4D-9341-4D9B1BD5A8C0} O42 - Logiciel: MapInfo Professional® - Jeu de données - (.Pas de propriétaire.) [HKLM] -- MapInfo Professional® - Jeu de données O42 - Logiciel: Micro Application - MediaDICO 12 - (.Pas de propriétaire.) [HKLM] -- MediaDICO12 O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB953295) - (.Microsoft Corporation.) [HKLM] -- KB953295 O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB979904) - (.Microsoft Corporation.) [HKLM] -- KB979904 O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack - (.Microsoft Corporation.) [HKLM] -- {E3C080B0-23F5-49AF-89F8-8E8DBC89E659} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office FrontPage 2003 - (.Microsoft Corporation.) [HKLM] -- {9017040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} O42 - Logiciel: Microsoft Office OneNote 2003 - (.Microsoft Corporation.) [HKLM] -- {90A1040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Project Professional 2003 - (.Microsoft Corporation.) [HKLM] -- {903B040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Visio Professional 2003 - (.Microsoft Corporation.) [HKLM] -- {9051040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.0 French Language Pack O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18) O42 - Logiciel: NTI Backup NOW! 4.5 - (.NewTech Infosystems.) [HKLM] -- {B06B842F-2450-494F-BBDE-217CDC151A37} O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} O42 - Logiciel: New_LocClim - (.FAO of the UN and GPCC at DWD.) [HKLM] -- New_LocClim O42 - Logiciel: NirSoft BlueScreenView - (.Pas de propriétaire.) [HKLM] -- NirSoft BlueScreenView O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN O42 - Logiciel: OCR Software by I.R.I.S 7.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A} O42 - Logiciel: Otto - (.Pas de propriétaire.) [HKLM] -- 0D20D36D-A11C-444c-9AF7-70CBFED42ECF O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} O42 - Logiciel: PL-2303 USB-to-Serial - (.Pas de propriétaire.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E} O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (12/06/2005 2.4.0) - (.MobileTop.) [HKLM] -- 6F20211A07D2A216859CBC3248BDE3B338E543E0 O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (12/06/2005 2.4.0) - (.MobileTop.) [HKLM] -- 09DA5A1E4E89D27A472F4075BFB98DE53AFE5769 O42 - Logiciel: PhoneSuite - (.Pas de propriétaire.) [HKLM] -- PhoneSuite O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861} O42 - Logiciel: Python 2.5 numpy-1.0.3 - (.Pas de propriétaire.) [HKLM] -- Python 2.5 numpy-1.0.3 O42 - Logiciel: Python 2.5 pywin32-210 - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.5 O42 - Logiciel: Python 2.5.1 - (.Pas de propriétaire.) [HKLM] -- Python 2.5.1 O42 - Logiciel: Python 2.6.1 - (.Python Software Foundation.) [HKLM] -- {9cc89170-000b-457d-91f1-53691f85b223} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {08CA9554-B5FE-4313-938F-D4A417B81175} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Revo Uninstaller 1.83 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem O42 - Logiciel: SafeCast Shared Components - (.Macrovision.) [HKLM] -- CdaC13Ba O42 - Logiciel: Samsung PC Studio 5 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {2B518DF9-4963-4AC7-9250-0EA6154D0AC6} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Sentinel Protection Installer 7.2.2 - (.SafeNet, Inc..) [HKLM] -- {6DC0632A-A838-4B34-AC19-0FA18E1C533C} O42 - Logiciel: Solstice - (.Pas de propriétaire.) [HKLM] -- {FD3D23B6-3428-492F-BE99-645E6824E8B8} O42 - Logiciel: Sonic Encoders - (.Sonic Solutions.) [HKLM] -- {9941F0AA-B903-4AF4-A055-83A9815CC011} O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004} O42 - Logiciel: Support DBMS MapInfo - (.Pas de propriétaire.) [HKLM] -- {FE988A05-B29E-4FB7-AD46-2A0BBC6AA02A} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Vertical Mapper 2.6 - (.Pas de propriétaire.) [HKLM] -- {97042B20-E491-11D3-96D4-00105A111647} O42 - Logiciel: WampServer 2.0 - (.Romain Bourdon (Roms).) [HKLM] -- WampServer 2_is1 O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1} O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA} O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM] -- {BAF78226-3200-4DB4-BE33-4D922A799840} O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA) - (.Microsoft Corporation.) [HKLM] -- {6901DD22-527A-41EF-9059-E81FEDE9E494} O42 - Logiciel: Windows Workflow Foundation FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {B84C141C-9A13-44BE-9A69-301D7B11D836} O42 - Logiciel: Windows XP Media Center Edition 2005 KB2502898 - (.Microsoft Corporation.) [HKLM] -- KB2502898 O42 - Logiciel: Windows XP Media Center Edition 2005 KB925766 - (.Microsoft Corporation.) [HKLM] -- KB925766 O42 - Logiciel: Windows XP Media Center Edition 2005 KB973768 - (.Microsoft Corporation.) [HKLM] -- KB973768 O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC O42 - Logiciel: Yahoo! Install Manager - (.Pas de propriétaire.) [HKLM] -- YInstHelper O42 - Logiciel: Yahoo! Software Update - (.Pas de propriétaire.) [HKLM] -- Yahoo! Software Update O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion O42 - Logiciel: doPDF 6.0 printer - (.Softland.) [HKLM] -- doPDF 6 printer_is1 O42 - Logiciel: mCore - (.Intel Corporation.) [HKLM] -- {E81667C6-2856-46D6-ABEA-6A2F42166779} O42 - Logiciel: mMHouse - (.Intel Corporation.) [HKLM] -- {F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} O42 - Logiciel: mPfMgr - (.Intel Corporation.) [HKLM] -- {8B928BA1-EDEC-4227-A2DA-DD83026C36F5} O42 - Logiciel: mProSafe - (.Intel.) [HKLM] -- {23FB368F-1399-4EAC-817C-4B83ECBE3D83} O42 - Logiciel: mWlsSafe - (.Intel.) [HKLM] -- {FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} O42 - Logiciel: mXML - (.Intel Corporation.) [HKLM] -- {9CC89556-3578-48DD-8408-04E66EBEF401} ---\\ HKCU & HKLM Software Keys [HKCU\Software\?? ?? ???? ????? ??? ?? ????] [HKCU\Software\Acer] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\ArcSoft] [HKCU\Software\Autodesk] [HKCU\Software\CamStudioOpenSource for Nick] [HKCU\Software\Canneverbe Limited] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Compal] [HKCU\Software\CyberLink] [HKCU\Software\Deneba] [HKCU\Software\ESET] [HKCU\Software\ESRI] [HKCU\Software\Eden] [HKCU\Software\FAO of the UN and GPCC at DWD] [HKCU\Software\FUJIFILM] [HKCU\Software\Filzip] [HKCU\Software\GID] [HKCU\Software\Gabest] [HKCU\Software\Garmin] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\IncrediMail] [HKCU\Software\Informix] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Joshua F. Madison] [HKCU\Software\Lake] [HKCU\Software\Laventure] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\METRISPENTAX] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MapInfo] [HKCU\Software\MaraLite] [HKCU\Software\MediaTek] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\Northcode Inc] [HKCU\Software\Northwood] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\PC SOFT] [HKCU\Software\Panda Software] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Python 2.5] [HKCU\Software\Realtek] [HKCU\Software\SAMSUNG] [HKCU\Software\Safe Software Inc.] [HKCU\Software\Seagate Software] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\SystemSafe] [HKCU\Software\TanaSoft] [HKCU\Software\Usbfix] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSRevoGroup] [HKCU\Software\WinRAR SFX] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\ksdev] [HKCU\Software\nSplitter] [HKLM\Software\Adobe Systems] [HKLM\Software\Adobe] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\ArcSoft] [HKLM\Software\Autodesk] [HKLM\Software\BrowserChoice] [HKLM\Software\Business Objects] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\CXT] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Compal] [HKLM\Software\ConversApi] [HKLM\Software\Convers] [HKLM\Software\CyberLink] [HKLM\Software\EPSON] [HKLM\Software\ESRI] [HKLM\Software\Earth Resource Mapping] [HKLM\Software\Eset] [HKLM\Software\FLEXlm License Manager] [HKLM\Software\GID] [HKLM\Software\Gabest] [HKLM\Software\Garmin] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Géomédia] [HKLM\Software\HP] [HKLM\Software\HajeSoft] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\INTEL] [HKLM\Software\ImInstaller] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\InterVideo] [HKLM\Software\JavaRa] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KODAK] [HKLM\Software\Lake] [HKLM\Software\LightScribe] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\MCCI] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MapInfo] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewTech Infosystems] [HKLM\Software\Northwood] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\Panda Software] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Python] [HKLM\Software\Rainbow Technologies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safe Software Inc.] [HKLM\Software\Safenet Sentinel] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\Seagate Software] [HKLM\Software\Softland] [HKLM\Software\Sonic] [HKLM\Software\Sun Microsystems] [HKLM\Software\Swearware] [HKLM\Software\Synaptics] [HKLM\Software\SystemSafe] [HKLM\Software\Tanasoft] [HKLM\Software\The Silicon Realms Toolworks] [HKLM\Software\TrendMicro] [HKLM\Software\Vantage Software Technologies] [HKLM\Software\VideoLAN] [HKLM\Software\WexTech Systems] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Yahoo] [HKLM\Software\acer] [HKLM\Software\callas software gmbh] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] [HKLM\Software\nSplitter] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 19/08/2006 - 04:30:58 - [1414067034] ----D- C:\Program Files\Fichiers communs O43 - CFD: 19/08/2006 - 04:38:32 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 19/08/2006 - 04:38:32 - [21471559] ----D- C:\Program Files\MSN O43 - CFD: 19/08/2006 - 04:38:48 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 19/08/2006 - 04:38:50 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 19/08/2006 - 04:39:16 - [10949041] ----D- C:\Program Files\Movie Maker O43 - CFD: 19/08/2006 - 04:39:26 - [41055406] ----D- C:\Program Files\Windows Plus O43 - CFD: 19/08/2006 - 04:39:36 - [11993114] ----D- C:\Program Files\Windows Media Player O43 - CFD: 19/08/2006 - 04:40:04 - [1712] ----D- C:\Program Files\Online Services O43 - CFD: 19/08/2006 - 04:40:20 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 19/08/2006 - 04:41:54 - [5818328] ----D- C:\Program Files\Internet Explorer O43 - CFD: 19/08/2006 - 04:41:58 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 19/08/2006 - 04:41:58 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 19/08/2006 - 04:42:34 - [933] ----D- C:\Program Files\Services en ligne O43 - CFD: 19/08/2006 - 04:42:40 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 19/08/2006 - 04:45:10 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 19/08/2006 - 04:45:10 - [0] ----D- C:\Program Files\xerox O43 - CFD: 19/08/2006 - 04:51:42 - [9186547] ----D- C:\Program Files\Intel O43 - CFD: 19/08/2006 - 04:56:42 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 19/08/2006 - 04:58:30 - [13378677] ----D- C:\Program Files\FrenchOtto O43 - CFD: 19/08/2006 - 04:58:34 - [5071796] ----D- C:\Program Files\GemMasterFrench O43 - CFD: 19/08/2006 - 05:20:26 - [63817314] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 19/08/2006 - 05:20:28 - [48169367] ----D- C:\Program Files\Realtek O43 - CFD: 19/08/2006 - 05:21:08 - [581632] ----D- C:\Program Files\CONEXANT O43 - CFD: 19/08/2006 - 05:23:06 - [26967786] ----D- C:\Program Files\Synaptics O43 - CFD: 19/08/2006 - 05:24:08 - [1078062] ----D- C:\Program Files\Acer Inc O43 - CFD: 19/08/2006 - 05:24:56 - [1988019115] ----D- C:\Program Files\Adobe O43 - CFD: 19/08/2006 - 05:26:12 - [251667816] ----D- C:\Program Files\CyberLink O43 - CFD: 19/08/2006 - 05:31:32 - [161038521] ----D- C:\Program Files\NewTech Infosystems O43 - CFD: 06/10/2009 - 21:28:38 - [1855720] ----D- C:\Program Files\Launch Manager O43 - CFD: 06/10/2009 - 21:33:18 - [6576161] ----D- C:\Program Files\Yahoo! O43 - CFD: 07/10/2009 - 18:11:58 - [465246161] ----D- C:\Program Files\MapInfo O43 - CFD: 07/10/2009 - 18:21:18 - [54374263] ----D- C:\Program Files\ChronoVia O43 - CFD: 07/10/2009 - 18:22:04 - [56095968] ----D- C:\Program Files\ChronoMap O43 - CFD: 07/10/2009 - 18:23:38 - [348889] ----D- C:\Program Files\MapImagery O43 - CFD: 07/10/2009 - 18:23:40 - [7155435] ----D- C:\Program Files\GID O43 - CFD: 07/10/2009 - 18:25:00 - [4965656] ----D- C:\Program Files\ER Mapper O43 - CFD: 07/10/2009 - 20:36:48 - [45027738] ----D- C:\Program Files\Autodesk O43 - CFD: 07/10/2009 - 22:35:02 - [58090117] ----D- C:\Program Files\Canvas 6 O43 - CFD: 09/10/2009 - 06:45:12 - [3704864] ----D- C:\Program Files\CCleaner O43 - CFD: 09/10/2009 - 17:53:38 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 09/10/2009 - 17:58:24 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 10/10/2009 - 20:27:08 - [5110865] ----D- C:\Program Files\Bank O43 - CFD: 12/10/2009 - 22:12:14 - [286125467] ----D- C:\Program Files\Java O43 - CFD: 15/10/2009 - 11:01:10 - [3581070] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 15/10/2009 - 12:52:08 - [37084929] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 15/10/2009 - 13:00:34 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 15/10/2009 - 13:59:38 - [109864531] ----D- C:\Program Files\Google O43 - CFD: 15/10/2009 - 17:59:42 - [31565738] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 16/10/2009 - 21:50:22 - [238466313] ----D- C:\Program Files\Micro Application O43 - CFD: 16/10/2009 - 23:02:32 - [20118307] ----D- C:\Program Files\khi3 O43 - CFD: 19/10/2009 - 18:44:22 - [2745852] ----D- C:\Program Files\ConTEXT O43 - CFD: 19/10/2009 - 18:55:16 - [10175512] ----D- C:\Program Files\DAEMON Tools Pro O43 - CFD: 19/10/2009 - 20:12:10 - [323584] ----D- C:\Program Files\Bonjour O43 - CFD: 23/10/2009 - 17:34:54 - [136567951] ----D- C:\Program Files\Windows Live O43 - CFD: 23/10/2009 - 17:35:32 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 23/10/2009 - 17:36:04 - [1544075] ----D- C:\Program Files\Microsoft O43 - CFD: 23/10/2009 - 17:38:18 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 23/10/2009 - 17:40:32 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD: 02/11/2009 - 16:50:04 - [3239289767] ----D- C:\Program Files\ArcGIS O43 - CFD: 02/11/2009 - 17:32:58 - [240850775] ----D- C:\Program Files\Business Objects O43 - CFD: 03/11/2009 - 17:56:16 - [2618612] ----D- C:\Program Files\VS Revo Group O43 - CFD: 04/11/2009 - 10:14:36 - [50002] ----D- C:\Program Files\EPSON O43 - CFD: 10/11/2009 - 19:13:20 - [3711350] ----D- C:\Program Files\Filzip O43 - CFD: 12/11/2009 - 17:05:28 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 19/11/2009 - 21:07:00 - [575205664] ----D- C:\Program Files\AutoCAD 2008 O43 - CFD: 20/11/2009 - 17:48:28 - [386385049] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 22/11/2009 - 17:27:20 - [1959852] ----D- C:\Program Files\Seagate Software O43 - CFD: 22/11/2009 - 17:30:20 - [4952238] ----D- C:\Program Files\ER Mapper1 O43 - CFD: 02/12/2009 - 21:35:00 - [15383281] ----D- C:\Program Files\CDBurnerXP O43 - CFD: 03/12/2009 - 18:27:00 - [1595875] ----D- C:\Program Files\Trend Micro O43 - CFD: 16/12/2009 - 10:23:08 - [26500555] ----D- C:\Program Files\Sun O43 - CFD: 18/12/2009 - 19:50:10 - [3347608] ----D- C:\Program Files\Defraggler O43 - CFD: 20/12/2009 - 23:59:44 - [637813937] ----D- C:\Program Files\Microsoft Office O43 - CFD: 20/12/2009 - 23:59:44 - [315392] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 21/12/2009 - 00:00:22 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 21/12/2009 - 00:00:32 - [4368271] ----D- C:\Program Files\Microsoft Works O43 - CFD: 07/01/2010 - 21:23:50 - [29794014] ----D- C:\Program Files\MSECache O43 - CFD: 12/01/2010 - 12:35:52 - [268061] ----D- C:\Program Files\SUPERAntiSpyware O43 - CFD: 14/01/2010 - 20:11:32 - [21175187] ----D- C:\Program Files\ESRI O43 - CFD: 14/01/2010 - 20:14:14 - [327659] ----D- C:\Program Files\SafeNet Sentinel O43 - CFD: 14/01/2010 - 20:46:28 - [1160840] ----D- C:\Program Files\Leica Geosystems O43 - CFD: 16/01/2010 - 22:56:34 - [119652303] ----D- C:\Program Files\eclipse O43 - CFD: 23/01/2010 - 11:09:10 - [3959044] ----D- C:\Program Files\FAOCLIM2 O43 - CFD: 25/01/2010 - 14:27:30 - [87595703] ----D- C:\Program Files\New_LocClim V1.10 O43 - CFD: 15/02/2010 - 12:37:46 - [8972952] ----D- C:\Program Files\Notepad++ O43 - CFD: 17/02/2010 - 13:29:12 - [130920069] ----D- C:\Program Files\GIMP-2.0 O43 - CFD: 09/03/2010 - 20:00:32 - [26483382] ----D- C:\Program Files\Solstice O43 - CFD: 16/03/2010 - 18:05:24 - [128613] ----D- C:\Program Files\NirSoft O43 - CFD: 05/04/2010 - 12:32:08 - [337644300] ----D- C:\Program Files\Microsoft Bootvis O43 - CFD: 05/04/2010 - 14:25:44 - [22641577] ----D- C:\Program Files\Glary Utilities O43 - CFD: 21/05/2010 - 11:52:14 - [78824123] ----D- C:\Program Files\VideoLAN O43 - CFD: 03/06/2010 - 11:47:00 - [42453231] ----D- C:\Program Files\Bouml O43 - CFD: 29/06/2010 - 08:54:08 - [1372057] ----D- C:\Program Files\FastStone Capture O43 - CFD: 02/07/2010 - 16:22:54 - [16374555] ----D- C:\Program Files\Kodak O43 - CFD: 02/07/2010 - 16:27:52 - [163185051] ----D- C:\Program Files\ArcSoft O43 - CFD: 02/07/2010 - 16:29:50 - [80854282] ----D- C:\Program Files\QuickTime O43 - CFD: 19/07/2010 - 13:39:24 - [23444560] ----D- C:\Program Files\IncrediMail O43 - CFD: 02/11/2010 - 10:52:04 - [180103167] ----D- C:\Program Files\AutoCAD 2004 O43 - CFD: 02/11/2010 - 10:54:18 - [3997789] ----D- C:\Program Files\AnswerWorks 4.0 O43 - CFD: 02/11/2010 - 11:52:08 - [184439123] ----D- C:\Program Files\Géomédia O43 - CFD: 08/11/2010 - 18:32:44 - [161142240] ----D- C:\Program Files\Samsung O43 - CFD: 08/11/2010 - 18:34:10 - [2916264] ----D- C:\Program Files\DIFX O43 - CFD: 04/12/2010 - 14:29:34 - [6983477] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 18/12/2010 - 13:43:02 - [4109787] ----D- C:\Program Files\ZHPDiag O43 - CFD: 30/12/2010 - 21:42:06 - [109535841] ----D- C:\Program Files\ESET O43 - CFD: 27/01/2011 - 12:12:26 - [18110254] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 06/02/2011 - 16:21:30 - [232992825] ----D- C:\Program Files\HP O43 - CFD: 06/02/2011 - 16:23:58 - [1731312] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 12/03/2011 - 15:25:08 - [1793087] ----D- C:\Program Files\Metris O43 - CFD: 29/03/2011 - 12:15:38 - [1293237] ----D- C:\Program Files\Softland O43 - CFD: 20/04/2011 - 08:04:30 - [278384412] ----D- C:\Program Files\DWG TrueView 2010 O43 - CFD: 18/05/2011 - 09:00:36 - [114802227] ----D- C:\Program Files\FinePixViewer O43 - CFD: 21/05/2011 - 18:24:28 - [12884363] ----D- C:\Program Files\LG Mobile O43 - CFD: 26/06/2011 - 07:43:00 - [112293845] ----D- C:\Program Files\Ad-Remover O43 - CFD: 14/07/2011 - 12:45:52 - [2518241] ----D- C:\Program Files\Free Window Registry Repair O43 - CFD: 19/07/2011 - 09:36:10 - [1772405] ----D- C:\Program Files\RogueRemover FREE O43 - CFD: 19/08/2006 - 04:30:58 - [355738203] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 19/08/2006 - 04:30:58 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 19/08/2006 - 04:31:02 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 19/08/2006 - 04:41:54 - [21139254] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 19/08/2006 - 04:42:10 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 19/08/2006 - 04:42:12 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 19/08/2006 - 05:20:18 - [18992922] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 19/08/2006 - 05:25:02 - [531677712] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 19/08/2006 - 05:31:38 - [13290844] ----D- C:\Program Files\Fichiers Communs\NewTech Infosystems O43 - CFD: 19/08/2006 - 05:32:20 - [6003080] ----D- C:\Program Files\Fichiers Communs\muvee Technologies O43 - CFD: 19/08/2006 - 05:32:38 - [6166972] ----D- C:\Program Files\Fichiers Communs\LightScribe O43 - CFD: 19/08/2006 - 06:19:00 - [450406] ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 07/10/2009 - 20:35:40 - [96199712] ----D- C:\Program Files\Fichiers Communs\Autodesk Shared O43 - CFD: 07/10/2009 - 20:36:06 - [197904] ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD: 07/10/2009 - 20:36:48 - [930725] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 07/10/2009 - 21:27:04 - [72704] ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared O43 - CFD: 12/10/2009 - 22:12:08 - [144899160] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 23/10/2009 - 17:27:32 - [91944076] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 02/11/2009 - 16:53:02 - [47463566] ----D- C:\Program Files\Fichiers Communs\ESRI O43 - CFD: 12/11/2009 - 20:32:18 - [0] ----D- C:\Program Files\Fichiers Communs\SWF Studio O43 - CFD: 14/01/2010 - 20:14:14 - [1806719] ----D- C:\Program Files\Fichiers Communs\SafeNet Sentinel O43 - CFD: 14/01/2010 - 20:48:12 - [5133227] ----D- C:\Program Files\Fichiers Communs\AnswerWorks 4.0 O43 - CFD: 02/07/2010 - 16:27:52 - [65048972] ----D- C:\Program Files\Fichiers Communs\ArcSoft O43 - CFD: 06/02/2011 - 16:23:24 - [457237] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 06/02/2011 - 16:26:42 - [2374144] ----D- C:\Program Files\Fichiers Communs\HP O43 - CFD: 19/08/2006 - 04:56:48 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Identities O43 - CFD: 19/08/2006 - 05:40:16 - [357229] ----D- C:\Documents and Settings\Léo\Application Data\Acer O43 - CFD: 19/08/2006 - 04:30:24 - [12696486] -S--D- C:\Documents and Settings\Léo\Application Data\Microsoft O43 - CFD: 21/05/2010 - 11:54:28 - [477376] ----D- C:\Documents and Settings\Léo\Application Data\vlc O43 - CFD: 04/06/2010 - 22:21:04 - [199] ----D- C:\Documents and Settings\Léo\Application Data\dvdcss O43 - CFD: 17/03/2010 - 16:12:22 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Media Player Classic O43 - CFD: 06/10/2009 - 21:33:10 - [1671] ----D- C:\Documents and Settings\Léo\Application Data\Macromedia O43 - CFD: 06/10/2009 - 21:54:02 - [10758] ----D- C:\Documents and Settings\Léo\Application Data\CyberLink O43 - CFD: 07/10/2009 - 18:13:18 - [2579592] ----D- C:\Documents and Settings\Léo\Application Data\MapInfo O43 - CFD: 07/10/2009 - 18:48:12 - [10874626] ----D- C:\Documents and Settings\Léo\Application Data\Thinstall O43 - CFD: 29/06/2010 - 08:55:32 - [2296] ----D- C:\Documents and Settings\Léo\Application Data\FastStone O43 - CFD: 02/07/2010 - 16:28:46 - [4161619] ----D- C:\Documents and Settings\Léo\Application Data\ArcSoft O43 - CFD: 07/10/2009 - 19:00:48 - [12542477] ----D- C:\Documents and Settings\Léo\Application Data\Adobe O43 - CFD: 07/10/2009 - 19:31:16 - [0] ----D- C:\Documents and Settings\Léo\Application Data\AdobeUM O43 - CFD: 02/07/2010 - 16:45:16 - [280] ----D- C:\Documents and Settings\Léo\Application Data\KodakCredentialStore O43 - CFD: 18/07/2010 - 11:58:58 - [169] ----D- C:\Documents and Settings\Léo\Application Data\gtk-2.0 O43 - CFD: 07/10/2009 - 20:35:40 - [20427528] ----D- C:\Documents and Settings\Léo\Application Data\Autodesk O43 - CFD: 02/07/2010 - 17:03:32 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Apple Computer O43 - CFD: 20/09/2010 - 10:02:54 - [9496] ----D- C:\Documents and Settings\Léo\Application Data\GARMIN O43 - CFD: 08/11/2010 - 18:38:42 - [1332228] ----D- C:\Documents and Settings\Léo\Application Data\Samsung O43 - CFD: 07/10/2009 - 18:53:34 - [11969613] ----D- C:\Documents and Settings\Léo\Application Data\Mozilla O43 - CFD: 07/10/2009 - 22:37:36 - [282] ----D- C:\Documents and Settings\Léo\Application Data\Help O43 - CFD: 06/02/2011 - 18:04:26 - [34522] ----D- C:\Documents and Settings\Léo\Application Data\HP O43 - CFD: 09/10/2009 - 18:24:46 - [21043285] ----D- C:\Documents and Settings\Léo\Application Data\Malwarebytes O43 - CFD: 18/05/2011 - 09:00:04 - [0] ----D- C:\Documents and Settings\Léo\Application Data\InstallShield O43 - CFD: 18/05/2011 - 09:01:38 - [117278] ----D- C:\Documents and Settings\Léo\Application Data\FUJIFILM O43 - CFD: 12/10/2009 - 22:08:36 - [116893991] ----D- C:\Documents and Settings\Léo\Application Data\Sun O43 - CFD: 15/10/2009 - 14:02:02 - [106107] ----D- C:\Documents and Settings\Léo\Application Data\Google O43 - CFD: 19/10/2009 - 19:02:48 - [44248] ----D- C:\Documents and Settings\Léo\Application Data\DAEMON Tools Pro O43 - CFD: 02/11/2009 - 17:25:22 - [7198062] ----D- C:\Documents and Settings\Léo\Application Data\ESRI O43 - CFD: 02/11/2009 - 21:01:34 - [43733] ----D- C:\Documents and Settings\Léo\Application Data\Intel O43 - CFD: 12/11/2009 - 20:32:16 - [0] -SH-D- C:\Documents and Settings\Léo\Application Data\.# O43 - CFD: 20/11/2009 - 17:52:38 - [4873315] ----D- C:\Documents and Settings\Léo\Application Data\OpenOffice.org O43 - CFD: 02/12/2009 - 21:35:46 - [5360] ----D- C:\Documents and Settings\Léo\Application Data\Canneverbe_Limited O43 - CFD: 04/12/2009 - 14:38:50 - [0] ----D- C:\Documents and Settings\Léo\Application Data\WinRAR O43 - CFD: 24/01/2010 - 10:55:32 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Safe Software O43 - CFD: 27/02/2010 - 08:29:46 - [106169] ----D- C:\Documents and Settings\Léo\Application Data\Notepad++ O43 - CFD: 05/04/2010 - 15:36:16 - [361796] ----D- C:\Documents and Settings\Léo\Application Data\GlarySoft O43 - CFD: 19/05/2010 - 17:46:28 - [18012] ----D- C:\Documents and Settings\Léo\Application Data\Yahoo! O43 - CFD: 19/08/2006 - 04:54:38 - [23992] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ApplicationHistory O43 - CFD: 19/08/2006 - 04:44:34 - [119882644] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft O43 - CFD: 07/10/2009 - 19:00:50 - [15403161] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Adobe O43 - CFD: 07/10/2009 - 20:36:10 - [34013180] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Autodesk O43 - CFD: 07/10/2009 - 22:37:36 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Help O43 - CFD: 09/10/2009 - 16:37:46 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\PCHealth O43 - CFD: 12/10/2009 - 22:09:20 - [47275520] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\{35A3A4F2-B792-11D6-A78A-00B0D0142160} O43 - CFD: 15/10/2009 - 13:37:00 - [55136] --H-D- C:\Documents and Settings\Léo\Local Settings\Application Data\acer eNM O43 - CFD: 15/10/2009 - 13:59:38 - [681401550] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Google O43 - CFD: 15/10/2009 - 17:59:54 - [42838456] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Mozilla O43 - CFD: 04/11/2009 - 08:51:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft Help O43 - CFD: 28/11/2009 - 15:35:08 - [1567594] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Xenocode O43 - CFD: 18/03/2010 - 14:14:04 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Temp O43 - CFD: 19/05/2010 - 17:46:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Yahoo O43 - CFD: 02/07/2010 - 16:28:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ArcSoft O43 - CFD: 02/07/2010 - 16:29:42 - [9396] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Apple Computer O43 - CFD: 02/07/2010 - 16:40:20 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\KodakGallery O43 - CFD: 19/07/2010 - 13:39:40 - [13595597] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\IM O43 - CFD: 19/08/2006 - 04:54:38 - [23992] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ApplicationHistory O43 - CFD: 19/08/2006 - 04:44:34 - [119882644] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft O43 - CFD: 07/10/2009 - 19:00:50 - [15403161] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Adobe O43 - CFD: 07/10/2009 - 20:36:10 - [34013180] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Autodesk O43 - CFD: 07/10/2009 - 22:37:36 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Help O43 - CFD: 09/10/2009 - 16:37:46 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\PCHealth O43 - CFD: 12/10/2009 - 22:09:20 - [47275520] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\{35A3A4F2-B792-11D6-A78A-00B0D0142160} O43 - CFD: 15/10/2009 - 13:37:00 - [55136] --H-D- C:\Documents and Settings\Léo\Local Settings\Application Data\acer eNM O43 - CFD: 15/10/2009 - 13:59:38 - [681401550] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Google O43 - CFD: 15/10/2009 - 17:59:54 - [42838456] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Mozilla O43 - CFD: 04/11/2009 - 08:51:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft Help O43 - CFD: 28/11/2009 - 15:35:08 - [1567594] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Xenocode O43 - CFD: 18/03/2010 - 14:14:04 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Temp O43 - CFD: 19/05/2010 - 17:46:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Yahoo O43 - CFD: 02/07/2010 - 16:28:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ArcSoft O43 - CFD: 02/07/2010 - 16:29:42 - [9396] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Apple Computer O43 - CFD: 02/07/2010 - 16:40:20 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\KodakGallery O43 - CFD: 19/07/2010 - 13:39:40 - [13595597] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\IM ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.7CEE1200FEFFFFFF57494E444F577E31] - 19/07/2011 - 11:58:22 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1111979] O44 - LFC:[MD5.A2CB40CDD8BA0B3617F167538DDAE8CA] - 19/07/2011 - 11:57:58 ---A- . (...) -- C:\WINDOWS\Filzip.ini [41] O44 - LFC:[MD5.357788DED650FB0B89360E7706875865] - 19/07/2011 - 11:52:26 ---A- . (...) -- C:\WINDOWS\System32\eRLog.ini [451] O44 - LFC:[MD5.6AB0FD4BEE15FA1C35F74DFAFC09A68A] - 19/07/2011 - 11:51:14 ---A- . (...) -- C:\WINDOWS\System32\nvapps.xml [51048] O44 - LFC:[MD5.E080DEED72BCD16BEF4F87B600F149C7] - 19/07/2011 - 11:49:54 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [1805744] O44 - LFC:[MD5.7CEE1200FEFFFFFF0000000098F11200] - 19/07/2011 - 11:47:22 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/07/2011 - 11:46:14 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 19/07/2011 - 11:45:48 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.7CEE1200FEFFFFFF53434845444C4755] - 19/07/2011 - 11:44:36 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32604] O44 - LFC:[MD5.7CEE1200FEFFFFFF0000000098F11200] - 19/07/2011 - 11:44:36 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.873EA3362AA6AC9B704F6C27D2CC7445] - 19/07/2011 - 11:44:34 ---A- . (...) -- C:\WINDOWS\bthservsdp.dat [12] O44 - LFC:[MD5.7BF8E905406310216EB99708131E5337] - 19/07/2011 - 10:51:26 ---A- . (...) -- C:\TB.txt [2670] O44 - LFC:[MD5.7814A63FD239A5B4C05EF7C9F816DC74] - 19/07/2011 - 10:45:14 ---A- . (...) -- C:\TCleaner.txt [1025] O44 - LFC:[MD5.B01D8D7A13B4E8CD10F7769692F81C5D] - 18/07/2011 - 07:06:52 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158] O44 - LFC:[MD5.26661C877FCA4EEC47F61052AF67AC0C] - 14/07/2011 - 12:35:02 ---A- . (...) -- C:\rapport.txt [6695] O44 - LFC:[MD5.626237E28D84E6DDB251771D95E38E9D] - 14/07/2011 - 12:31:46 ---A- . (...) -- C:\WINDOWS\System32\tmp.reg [4330] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/07/2011 - 12:31:46 ---A- . (...) -- C:\WINDOWS\System32\tmp.txt [0] O44 - LFC:[MD5.5DE2A420AD61448C59EF9962415CB79E] - 14/07/2011 - 12:30:42 ---A- . (...) -- C:\UsbFix.txt [1201] O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [22712] O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [41272] O44 - LFC:[MD5.7BCB7E61D2BEFAC34A0F0F9C5E15D89A] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1121138] O44 - LFC:[MD5.FDABEF82D2034A8AB3220450AEBDB74E] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [76308] O44 - LFC:[MD5.91D8DEDE040FE63D898D5215B9C3F6F5] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [90624] O44 - LFC:[MD5.22D04EA91CAF1EAFEA2AB8A29E3138DE] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [456864] O44 - LFC:[MD5.54C1659C19FDF87A404BC7C8E715F073] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [527446] O44 - LFC:[MD5.A296C42922D794E3FD2175F197F62D49] - 01/07/2011 - 08:24:44 ---A- . (...) -- C:\WINDOWS\win.ini [677] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/06/2011 - 16:46:04 ---A- . (...) -- C:\cmserver.log [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/06/2011 - 16:46:04 ---A- . (...) -- C:\conmgr.log [0] O44 - LFC:[MD5.9CB3416D6853D3098EA3584AB1A79BD1] - 26/06/2011 - 09:12:58 ---A- . (...) -- C:\WINDOWS\ModemLog_SAMSUNG CDMA Modem #2.txt [10362] O44 - LFC:[MD5.7BD0E96A92AF51E5BE11E432062F44A5] - 26/06/2011 - 09:10:20 ---A- . (...) -- C:\UsbFix_Upload_Me_SUPERADA.zip [4547] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"SENTINEL"="snti386.dll" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\System32\snti386.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \drivers.desc\"snti386.dll"="Sentinel for i386 Systems" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\System32\snti386.dll ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Acer ePower Management [Key] . (.Acer Value Labs, Taiwan - Acer ePower Management.) -- C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe O53 - SMSR:HKLM\...\startupreg\ArcSoft Connection Service [Key] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Pro Agent [Key] . (.DT Soft Ltd. - DAEMON Tools Pro Tray Application.) -- C:\Program Files\DAEMON Tools Pro\DTProAgent.exe O53 - SMSR:HKLM\...\startupreg\IncrediMail [Key] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe O53 - SMSR:HKLM\...\startupreg\MediaDico [Key] . (.L'Aventure Multimedia - Pas de description.) -- C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe O53 - SMSR:HKLM\...\startupreg\ntiMUI [Key] . (...) -- C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles O55 - MWPS:[HKLM\...\Policies\System] - "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "HonorAutoRunSetting"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.C1D5CBD8AA0D674DA1BA1BB189696396] - 19/07/2011 - 16:52:30 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys [721280] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 19/07/2011 - 20:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 19/07/2011 - 20:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys [40960] O58 - SDL:[MD5.E550E7418984B65A78299D248F0A7F36] - 19/07/2011 - 20:00:00 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\drivers\dac2w2k.sys [179584] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 19/07/2011 - 20:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 19/07/2011 - 20:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 19/07/2011 - 20:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 19/07/2011 - 20:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 19/07/2011 - 20:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 19/07/2011 - 20:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 19/07/2011 - 20:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.9D1177C2A8DE936B33D85FF75E8CBF1A] - 19/07/2011 - 16:58:24 ---A- . (.OSA Technologies, An Avocent Company - OSA I/O Port Driver.) -- C:\WINDOWS\system32\drivers\osaio.sys [7296] O58 - SDL:[MD5.B3C1B187FEFC941F63CE0DF93D02EB9F] - 19/07/2011 - 07:22:00 ---A- . (.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\WINDOWS\system32\drivers\sentinel.sys [90176] O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 19/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 19/07/2011 - 20:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys [43008] O58 - SDL:[MD5.D956358054E99E6FFAC69CD87E893A89] - 19/07/2011 - 22:18:00 ---A- . (.GARMIN Corp. - grmnusb.sys.) -- C:\WINDOWS\system32\drivers\grmnusb.sys [8320] O58 - SDL:[MD5.F76CB7259AA575CC53F3996BC6B68C18] - 19/07/2011 - 10:55:22 ---A- . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS [12464] O58 - SDL:[MD5.617ACCADA2E0A0F43EC6030BBAC49513] - 19/07/2011 - 20:02:08 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [20576] O58 - SDL:[MD5.7CEE1200FEFFFFFF000000002CF11200] - 21/05/2011 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [685816] O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 19/07/2011 - 12:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80272] O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 19/07/2011 - 12:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [11188] O58 - SDL:[MD5.A902A7E76C245210EEE9EF5185158E9C] - 19/07/2011 - 10:20:52 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys [218496] O58 - SDL:[MD5.FD396CA96D4F129BB463ED7DCEF453CA] - 19/07/2011 - 22:18:00 ---A- . (.GARMIN Corp. - Generic WDM Support Driver.) -- C:\WINDOWS\system32\drivers\grmngen.sys [18432] O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 19/07/2011 - 12:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [11188] O58 - SDL:[MD5.C9F4E7DA78A02623ABF78A4A34CE79B1] - 19/07/2011 - 16:53:24 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys [998656] O58 - SDL:[MD5.E246A32C445056996074A397DA56E815] - 19/07/2011 - 15:57:08 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys [12544] O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [137884] O58 - SDL:[MD5.0F0194C4B635C10C3F785E4FEE52D641] - 19/07/2011 - 12:47:06 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys [1166972] O58 - SDL:[MD5.436D2A8B24E9B407155A177548B02AF2] - 19/07/2011 - 04:33:50 R--A- . (.JOA - JOA Mobile USB Device.) -- C:\WINDOWS\system32\drivers\JA_bus.sys [22144] O58 - SDL:[MD5.2F64E5F1E4C9AE78346695238F82EFEC] - 19/07/2011 - 04:33:50 R--A- . (.JOA - JOA Mobile USB Modem.) -- C:\WINDOWS\system32\drivers\JA_mdm.sys [40064] O58 - SDL:[MD5.372D0557ACFED311D7A78E7CCD5DDAB0] - 19/07/2011 - 04:33:50 R--A- . (.JOA - JOA USB Filter Drivers.) -- C:\WINDOWS\system32\drivers\JA_flt.sys [3456] O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [11877] O58 - SDL:[MD5.C768C8A463D32C219CE291645A0621A4] - 19/07/2011 - 14:17:00 ---A- . (.Broadcom Corporation - Broadcom Corporation NDIS 5.1 ethernet driver.) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys [45312] O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [11877] O58 - SDL:[MD5.0A58FADE5E12D3A611427292073362CB] - 19/07/2011 - 19:17:38 ---A- . (.ENE Technology Inc. - ENE PCI SmartMedia / XD Card Reader Driver.) -- C:\WINDOWS\system32\drivers\ESM7SK.sys [74752] O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [10864] O58 - SDL:[MD5.5AEE9EEDCFBF2B0F9DEC53C27EE722A3] - 19/07/2011 - 19:17:36 ---A- . (.ENE Technology Inc. - ENE PCI Memory Stick Card Reader Driver.) -- C:\WINDOWS\system32\drivers\EMS7SK.sys [61056] O58 - SDL:[MD5.909D03B3B7FB7C830B74F74F4D0EA7CE] - 19/07/2011 - 16:25:24 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys [4304384] O58 - SDL:[MD5.8E56AB21D10C368029CEA57DE47D79C2] - 19/07/2011 - 19:17:38 ---A- . (.ENE Technology Inc. - ENE PCI Secure Digital / MMC Card Reader Driver.) -- C:\WINDOWS\system32\drivers\ESD7SK.sys [40064] O58 - SDL:[MD5.3245BEE5176697FAF0744A2E1288DC77] - 19/07/2011 - 15:57:16 ---A- . (.Windows ® 2000 DDK provider - Windows int15 Driver.) -- C:\WINDOWS\system32\drivers\osanbm.sys [4010] O58 - SDL:[MD5.6A25F27202F3122A44A6B74EE46E7A76] - 19/07/2011 - 12:13:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\NETMNT.sys [9600] O58 - SDL:[MD5.A8EB0AA07632A4C936FF6F8EDA5BDEAD] - 19/07/2011 - 14:16:00 ---A- . (.SMSC - SMSC IrCC NDIS 5.0 IrDA FIR Device Driver.) -- C:\WINDOWS\system32\drivers\smcirda.sys [46080] O58 - SDL:[MD5.66F680409FC3BDDF62741E3E920A8454] - 19/07/2011 - 12:52:30 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [192672] O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 19/07/2011 - 05:31:14 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys [6144] O58 - SDL:[MD5.26C4A4B64D1DD8E6FDFB2F4897BE029C] - 19/07/2011 - 18:20:44 ---A- . (.OSA Technologies - Filesystem Lock driver.) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys [12106] O58 - SDL:[MD5.1F76996253071CBAE0A5AB5D8551EF88] - 19/07/2011 - 15:34:40 ---A- . (.OSA Technologies - NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\NdisFilt.sys [4392] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 19/07/2011 - 21:17:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.7AC43C38CA8FD7ED0B0A4466F753E06E] - 19/07/2011 - 01:04:40 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21568] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 19/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.30CA91E657CEDE2F95359D6EF186F650] - 19/07/2011 - 01:04:40 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [49664] O58 - SDL:[MD5.EFD31AFA752AA7C7BBB57BCBE2B01C78] - 19/07/2011 - 01:04:40 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496] O58 - SDL:[MD5.3F4BB95E5A44F3BE34824E8E7CAF0737] - 19/07/2011 - 20:00:00 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\drivers\mraid35x.sys [17280] O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 19/07/2011 - 20:00:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\drivers\aliide.sys [5248] O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 19/07/2011 - 20:00:00 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys [30688] O58 - SDL:[MD5.5D8DE112AA0254B907861E9E9C31D597] - 19/07/2011 - 20:00:00 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\drivers\asc3550.sys [14848] O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 19/07/2011 - 20:00:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\asc.sys [26496] O58 - SDL:[MD5.1B698A51CD528D8DA4FFAED66DFC51B9] - 19/07/2011 - 20:00:00 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\drivers\ultra.sys [36736] O58 - SDL:[MD5.E3726AD522D0BDAE090671048C991AB3] - 19/07/2011 - 20:00:00 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\drivers\cmdide.sys [6656] O58 - SDL:[MD5.83C0F71F86D3BDAF915685F3D568B20E] - 19/07/2011 - 20:00:00 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\drivers\sparrow.sys [19072] O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 19/07/2011 - 20:00:00 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys [28384] O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 19/07/2011 - 20:00:00 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys [16256] O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 19/07/2011 - 20:00:00 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys [32640] O58 - SDL:[MD5.0A63FB54039EB5662433CABA3B26DBA7] - 19/07/2011 - 20:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1080.sys [40320] O58 - SDL:[MD5.907F0AEEA6BC451011611E732BD31FCF] - 19/07/2011 - 20:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1280.sys [49024] O58 - SDL:[MD5.156ED0EF20C15114CA097A34A30D8A01] - 19/07/2011 - 20:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql12160.sys [45312] O58 - SDL:[MD5.C79918A5BD269035F3A34D157401B9DF] - 19/07/2011 - 12:17:24 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\WINDOWS\system32\drivers\w39n51.sys [1429632] O58 - SDL:[MD5.59E5D945934EC2E7EAA22AF81813DABF] - 19/07/2011 - 05:58:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 86.02.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3685152] O58 - SDL:[MD5.08D30AF92C270F2E76787C81589DBAD6] - 19/07/2011 - 14:10:00 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS [16896] O58 - SDL:[MD5.1CC074E0D48383D4E9BFFC6A26C2A58A] - 19/07/2011 - 12:09:26 ---A- . (.Intel Corporation - Intel WLAN Packet Driver.) -- C:\WINDOWS\system32\drivers\s24trans.sys [13568] O58 - SDL:[MD5.12DAFD934641DCF61E446313BC261EC2] - 19/07/2011 - 21:29:48 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21275] O58 - SDL:[MD5.D68564FCFBDFC04280CDBBB37CF7EF7F] - 19/07/2011 - 12:41:04 ---A- . (.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) -- C:\WINDOWS\system32\drivers\epm-psd.sys [4096] O58 - SDL:[MD5.50425CBD80468BF53BA90F0D7CC61805] - 19/07/2011 - 12:41:04 ---A- . (.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) -- C:\WINDOWS\system32\drivers\epm-shd.sys [78208] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 19/07/2011 - 18:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 19/07/2011 - 20:33:26 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248] O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 19/07/2011 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys [5248] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: UsbFix By TeamXscript - (.TeamXscript.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: RSIT - (.random/random.) O63 - Logiciel: Toolbar SD - (.IDN Team.) O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.) ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 06/02/2009 - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe - ArcSoft Connect Daemon(ACDaemon) .(.ArcSoft Inc. - ArcSoft Connect Service.) - LEGACY_ACDAEMON O64 - Services: CurCS - 06/10/2009 - C:\WINDOWS\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.4.9.0(AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\aliide.sys - AliIde(AliIde) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\DRIVERS\amdagp.sys - Pilote de filtre du bus AMD AGP(amdagp) .(.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) - LEGACY_AMDAGP O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\asc.sys - asc(asc) .(.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) - LEGACY_ASC O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\asc3550.sys - asc3550(asc3550) .(.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) - LEGACY_ASC3550 O64 - Services: CurCS - 24/10/2005 - C:\Acer\Empowering Technology\admServ.exe - AdminWorks Agent X6(AWService) .(.Avocent Inc. - Service Program for Acer.) - LEGACY_AWSERVICE O64 - Services: CurCS - 02/11/2010 - C:\WINDOWS\system32\drivers\CDAC11BA.exe - C-DillaCdaC11BA(C-DillaCdaC11BA) .(.Macrovision - Macrovision RTS Service.) - LEGACY_C-DILLACDAC11BA O64 - Services: CurCS - 02/11/2010 - C:\WINDOWS\system32\drivers\CDAC15BA.sys - CdaC15BA(CdaC15BA) .(.Macrovision Europe Ltd - Macrovision SECURITY Driver.) - LEGACY_CDAC15BA O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\cmdide.sys - CmdIde(CmdIde) .(.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) - LEGACY_CMDIDE O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\dac2w2k.sys - dac2w2k(dac2w2k) .(.Mylex Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC2W2K O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 23/01/2006 - C:\WINDOWS\system32\drivers\epm-psd.sys - Acer EPM Power Scheme Driver(EpmPsd) .(.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) - LEGACY_EPMPSD O64 - Services: CurCS - 23/01/2006 - C:\WINDOWS\system32\drivers\epm-shd.sys - Acer EPM System Hardware Driver(EpmShd) .(.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) - LEGACY_EPMSHD O64 - Services: CurCS - 28/11/2005 - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - Intel® PROSet/Wireless Event Log(EvtEng) .(.Intel Corporation - Intel® PROSet/Wireless Event Log.) - LEGACY_EVTENG O64 - Services: CurCS - 15/10/2009 - C:\Program Files\Google\Update\GoogleUpdate.exe - Google Update Service (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - 30/10/2009 - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater(gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - 13/01/2005 - C:\Acer\Empowering Technology\eRecovery\int15.sys - int15.sys (int15.sys) .(...) - LEGACY_INT15.SYS O64 - Services: CurCS - 02/02/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 18/05/2006 - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service(LightScribeService) .(.Hewlett-Packard Company - Pas de description.) - LEGACY_LIGHTSCRIBESERVICE O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl059fd6f3.sys (.not file.) - MpKsl059fd6f3 (MpKsl059fd6f3) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl14c7559d.sys (.not file.) - MpKsl14c7559d (MpKsl14c7559d) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl1545e10f.sys (.not file.) - MpKsl1545e10f (MpKsl1545e10f) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsl31e6e356.sys (.not file.) - MpKsl31e6e356 (MpKsl31e6e356) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66EB5A84-FB4A-4DF8-8849-D2D09FD73757}\MpKsl4264fd3c.sys (.not file.) - MpKsl4264fd3c (MpKsl4264fd3c) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CC8B1738-7BE2-4955-B7D7-3042B74182B5}\MpKsl5ee0c2c1.sys (.not file.) - MpKsl5ee0c2c1 (MpKsl5ee0c2c1) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{24C39D1F-3634-419A-822B-A42832432D6D}\MpKsl78a03ae0.sys (.not file.) - MpKsl78a03ae0 (MpKsl78a03ae0) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl865e3a82.sys (.not file.) - MpKsl865e3a82 (MpKsl865e3a82) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKslc380be54.sys (.not file.) - MpKslc380be54 (MpKslc380be54) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5AC1D08C-71FF-426E-B7B0-4518D6E10500}\MpKsld2d7d400.sys (.not file.) - MpKsld2d7d400 (MpKsld2d7d400) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsld3c648d7.sys (.not file.) - MpKsld3c648d7 (MpKsld3c648d7) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F0134EE-93F4-4D17-9B3F-60CB6DD7EE45}\MpKsle761210b.sys (.not file.) - MpKsle761210b (MpKsle761210b) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{79A2899B-1775-4AB8-ABE0-1EC13EAFDB28}\MpKslfdcc348c.sys (.not file.) - MpKslfdcc348c (MpKslfdcc348c) .(...) - L O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\mraid35x.sys - mraid35x(mraid35x) .(.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X O64 - Services: CurCS - 13/09/2005 - C:\WINDOWS\System32\Drivers\NdisFilt.sys - OSA NdisFilter Protocol(NdisFilt) .(.OSA Technologies - NDIS Filter Driver.) - LEGACY_NDISFILT O64 - Services: CurCS - 02/05/2005 - C:\WINDOWS\System32\DRIVERS\NETMNT.sys - Acer NetMonitor Protocol (NETMNT) .(...) - LEGACY_NETMNT O64 - Services: CurCS - 06/09/2009 - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccessU (NMSAccessU) .(...) - LEGACY_NMSACCESSU O64 - Services: CurCS - 20/07/2006 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 86.02.) - LEGACY_NVSVC O64 - Services: CurCS - 30/06/2005 - C:\WINDOWS\system32\drivers\osaio.sys - osaio(osaio) .(.OSA Technologies, An Avocent Company - OSA I/O Port Driver.) - LEGACY_OSAIO O64 - Services: CurCS - 14/01/2005 - C:\WINDOWS\system32\drivers\osanbm.sys - osanbm(osanbm) .(.Windows ® 2000 DDK provider - Windows int15 Driver.) - LEGACY_OSANBM O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ql1080.sys - ql1080(ql1080) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1080 O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ql12160.sys - ql12160(ql12160) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL12160 O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ql1280.sys - ql1280(ql1280) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1280 O64 - Services: CurCS - 28/11/2005 - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - Intel® PROSet/Wireless Registry Service(RegSrvc) .(.Intel Corporation - Intel® PROSet/Wireless Registry Service.) - LEGACY_REGSRVC O64 - Services: CurCS - 28/11/2005 - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - Intel® PROSet/Wireless Service(S24EventMonitor) .(.Intel Corporation - Wireless Management Service.) - LEGACY_S24EVENTMONITOR O64 - Services: CurCS - 28/11/2005 - C:\WINDOWS\System32\DRIVERS\s24trans.sys - Transport RLAN(s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS O64 - Services: CurCS - 14/03/2006 - C:\WINDOWS\system32\Drivers\SENTINEL.sys - Sentinel(Sentinel) .(.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL O64 - Services: CurCS - 14/03/2006 - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe - Sentinel Protection Server(SentinelProtectionServer) .(.SafeNet, Inc - Pas de description.) - LEGACY_SENTINELPROTECTI O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\DRIVERS\sisagp.sys - Filtre de bus AGP SIS(sisagp) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\sparrow.sys - Sparrow(Sparrow) .(.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) - LEGACY_SPARROW O64 - Services: CurCS - 21/05/2011 - C:\WINDOWS\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\symc810.sys - symc810(symc810) .(.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) - LEGACY_SYMC810 O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\symc8xx.sys - symc8xx(symc8xx) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\sym_hi.sys - sym_hi(sym_hi) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\sym_u3.sys - sym_u3(sym_u3) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3 O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ultra.sys - ultra(ultra) .(.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) - LEGACY_ULTRA O64 - Services: CurCS - 10/12/2008 - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe - wampapache(wampapache) .(.Apache Software Foundation - Apache HTTP Server.) - LEGACY_WAMPAPACHE O64 - Services: CurCS - 17/06/2009 - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe - wampmysqld (wampmysqld) .(...) - LEGACY_WAMPMYSQLD O64 - Services: CurCS - 09/11/2008 - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - Yahoo! Updater(YahooAUService) .(.Yahoo! Inc. - AutoUpater Service Module.) - LEGACY_YAHOOAUSERVICE ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Léo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {2024B6A0-965E-43BC-A512-622C1A1483A5} - (Yahoo! Search) - Yahoo! Search - Recherche Web O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - Bing O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredimail.com O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo! Search) - Yahoo! Search - Recherche Web O69 - SBI: SearchScopes [HKCU] {F55DF861-E933-4615-94B5-BE67D41025EA} - (Bing) - Bing ---\\ Scan Additionnel (O88) Database Version : 8467 - (05/07/2011) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 19/07/2011 109056 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe SS - | Demand 19/07/2011 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe SR - | Auto 19/07/2011 1372160 | (ArcGIS License Manager) . (.Macrovision Corporation.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe SS - | Demand 19/07/2011 85096 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe SR - | Auto 19/07/2011 1314816 | (AWService) . (.Avocent Inc..) - C:\Acer\Empowering Technology\admServ.exe SR - | Auto 19/07/2011 229376 | ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 19/07/2011 54784 | (C-DillaCdaC11BA) . (.Macrovision.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe SS - | Demand 19/07/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SR - | Auto 19/07/2011 114753 | (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe SS - | Demand 19/07/2011 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 19/07/2011 133104 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 19/07/2011 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 19/07/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 19/07/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SR - | Auto 19/07/2011 49152 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe SR - | Auto 19/07/2011 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe SR - | Auto 19/07/2011 143426 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe SS - | Auto 19/07/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\SYSTEM32\HPZipm12.exe SR - | Auto 19/07/2011 217164 | (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe SR - | Auto 19/07/2011 540745 | (S24EventMonitor) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe SR - | Auto 19/07/2011 206400 | (SentinelProtectionServer) . (.SafeNet, Inc.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe SS - | Demand 19/07/2011 24636 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe SS - | Demand 19/07/2011 6582912 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe SR - | Auto 19/07/2011 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Léo at 19/07/2011 12:05:40 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x873798AC]<< C:\WINDOWS\system32\drivers\sptd.sys 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x87280958] 3 CLASSPNP[0xF76B2FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\000000c2[0x872CC9E8] 5 ACPI[0xF73A6620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x872E3940] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Léo at 19/07/2011 12:05:42 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.7CEE1200FEFFFFFF000000002CF11200] - 21/05/2011 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [685816] End of the scan (1469 lines in 05mn 16s)(0)

Bonjour Bernard53 et bonjour à tous Merci à tous et particulièrement à toi Bernard53 # DelFix v8.1 - Rapport créé le 12/07/2011 à 06:50 # Mis à jour le 20/06/11 à 19h par Xplode # Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3 # Nom d'utilisateur : dranoel - SALLE-TIRAGE (Administrateur) # Exécuté depuis : C:\Documents and Settings\dranoel\Mes documents\Téléchargements\delfix.exe # Option [suppression] ~~~~~~ Dossier(s) ~~~~~~ Supprimé : C:\RSIT Supprimé : C:\USBFix Supprimé : C:\Program Files\Ad-Remover Supprimé : C:\Program Files\ZHPDiag Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\Ad-Report-SCAN[1].txt Supprimé : C:\PhysicalDisk0_MBR.bin Supprimé : C:\rapport.txt Supprimé : C:\UsbFix.txt Supprimé : C:\UsbFix_Upload_Me_SALLE-TIRAGE.zip Supprimé : C:\ZHPExportRegistry-08-07-2011-07-41-02.txt Supprimé : C:\WINDOWS\System32\tmp.reg Supprimé : C:\WINDOWS\System32\tmp.txt Supprimé : C:\Documents and Settings\dranoel\Bureau\AD-R.lnk Supprimé : C:\Documents and Settings\dranoel\Bureau\ZHPDiag2.exe Supprimé : C:\Documents and Settings\dranoel\Bureau\ZHPFix.exe Supprimé : C:\Documents and Settings\dranoel\Bureau\ZHPFixReport.txt Supprimé : C:\Documents and Settings\dranoel\Mes documents\Téléchargements\RSIT.exe Supprimé : C:\Documents and Settings\dranoel\Mes documents\Téléchargements\SmitfraudFix.exe Supprimé : C:\Documents and Settings\dranoel\Mes documents\Téléchargements\Zeb-Restore.zip Supprimé : C:\Documents and Settings\dranoel\Mes documents\Téléchargements\ZHPFix.exe ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKCU\SOFTWARE\Ad-Remover Clé Supprimée : HKCU\SOFTWARE\USBFix Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ZHP Clé Supprimée : HKLM\Software\TrendMicro\Hijackthis Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 ~~~~~~ Autre ~~~~~~ -> Prefetch vidé ########## EOF - "C:\DelFixSuppr.txt" - [2237 octets] ##########

Bernard53, je veux te dire que mon PC est comme une voiture sur autoroute. Pour accéder à mon poste de travail, c'était toute une bataille. je viens de constater que ça va. Merci infiniment

Bonjour à tous Bonjour Bernard53 et merci J'ai fait le nécessaire et voici le rapport Rapport de ZHPFix 1.12.3336 par Nicolas Coolman, Update du 07/07/2011 Fichier d'export Registre : Run by dranoel at 08/07/2011 07:41:02 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: CLSID BHO: {0000CC75-ACF3-4cac-A0A9-DD3868E06852} SUPPRIME Key: Service: 0135551257510229mcinstcleanup SUPPRIME Key: Service: Hyper File Server : DGCC-LOME SUPPRIME Key: Service Legacy: LEGACY_0135551257510229MCINSTCLEANUP SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0000CC75-ACF3-4cac-A0A9-DD3868E06852} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0000CC75-ACF3-4cac-A0A9-DD3868E06852} SUPPRIME Key: HKLM\Software\Classes\CLSID\{0000CC75-ACF3-4cac-A0A9-DD3868E06852} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000CC75-ACF3-4cac-A0A9-DD3868E06852} ========== Valeur(s) du Registre ========== SUPPRIME Toolbar: {0BF43445-2F28-4351-9252-17FE6E806AA0} SUPPRIME Toolbar: {62999427-33FC-4baf-9C9C-BCE6BD127F08} SUPPRIME FirewallRaz (DP) : C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe SUPPRIME FirewallRaz (DP) : \\Serveur\C$\BACKUP PREVENTIF\Serveur HF\Centre de Controle HF\CC100HF.exe SUPPRIME FirewallRaz (DP) : E:\Softs\Nero\Nero 7\Installation\Setupx.exe Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Elément(s) de donnée du Registre ========== SUPPRIME Explorer Association Data Application: File extension redirect SUPPRIME Explorer Association Data Intl: File extension redirect SUPPRIME Explorer Association Data XMLLookup: File extension redirect ========== Dossier(s) ========== SUPPRIME Flash Cookies: 2 SUPPRIME Temporaires Windows: : 26 ========== Fichier(s) ========== SUPPRIME c:\program files\dap\dapbho.dll SUPPRIME c:\program files\dap\dapiebar.dll SUPPRIME Flash Cookies: 3 SUPPRIME Temporaires Windows: : 117 ========== Récapitulatif ========== 8 : Clé(s) du Registre 6 : Valeur(s) du Registre 3 : Elément(s) de donnée du Registre 2 : Dossier(s) 4 : Fichier(s) ========== Chemin du fichier rapport ========== C:\Program Files\ZHPFix\ZHPFixReport.txt End of the scan in 00mn 04s

Voici le rapport du diagnostic Rapport de ZHPDiag v1.27.24 par Nicolas Coolman, Update du 05/07/2011 Run by dranoel at 06/07/2011 11:00:30 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 5.0 v (Defaut) ---\\ System Information Windows XP Professional Service Pack 3 (Build 2600) Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2038 MB (61% free) System Restore: Activé (Enable) System drive C: has 25 GB (16%) free of 149 GB ---\\ Logged in mode Computer Name: SALLE-TIRAGE User Name: dranoel All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ %AppData%=C:\Documents and Settings\dranoel\Application Data\ ~ %Desktop%=C:\Documents and Settings\dranoel\Bureau\ ~ %Favorites%=C:\Documents and Settings\dranoel\Favoris\ ~ %LocalAppData%=C:\Documents and Settings\dranoel\Local Settings\Application Data\ ~ %StartMenu%=C:\Documents and Settings\dranoel\Menu Démarrer\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 149 Go) D:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: Modified ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.06/07/2011 - 19:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/07/2011 - 04:34:58.) -- C:\WINDOWS\system32\wininet.dll [914944] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.06/07/2011 - 19:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.06/07/2011 - 11:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.06/07/2011 - 12:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/4 ~ Mes musiques (My Musics) : 1/2 ~ Mes Videos (My Video) : 0/0 ~ Mes Favoris (My Favorites) : 2/61 ~ Mes Documents (My Documents) : 4/61 ~ Mon Bureau (My Desktop) : 3/2737 ~ Menu demarrer (Programs) : 6/34 ---\\ Processus lancés [MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [MD5.717EBC644D096C77B39B6B6A174D1B49] - (.Macrovision Corporation - Pas de description.) -- C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe [1372160] [MD5.9BDBDA21D3BA8E374FD06A405BE10215] - (.Macrovision - Macrovision RTS Service.) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE [54784] [MD5.C1236550E7CD79D1C47313BC616498D3] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [166424] [MD5.FB1E1DF4F915BE2CC6194E60C8290860] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [137752] [MD5.3ABE228565C5E57CA3FB7B51EFFE9A0C] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [MD5.AA9778EF3D1FA1191D247C192005FDC9] - (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLACTRLW.EXE [127036] [MD5.BD935D4F16C3B49AD58F6071A0AFFCF4] - (.Macrovision Corporation - Macrovision Software Manager Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [86960] [MD5.5A7A792D32CC1126F9D80B8D4653C723] - (...) -- C:\Program Files\USBAntiVirus\USBAntiVirus.exe [488448] [MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152] [MD5.2BAD84B393AF47006D80BA2F03B18029] - (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [213936] [MD5.05597A464226C8323B7344CAF37D4335] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2289664] [MD5.78BFE3201ADA2FE02D1E35D2488E5F55] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [217193] [MD5.2FE253973433442C2CB234FB2BC4BF29] - (.WinZip Computing, Inc. - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE [106560] [MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [MD5.4486AD32BB05628967695FCA1BADD46E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [MD5.2426404594FE5DC8D2FFE8684D936B1E] - (.PC SOFT - manta.exe (Moteur HyperFileSQL Client/Serve.) -- C:\Program Files\PC SOFT\Serveur HyperFileSQL\Manta.exe [180736] [MD5.C773D093D5C18765E71C7992AEE051A2] - (.Nero AG - incdsrv.) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1550896] [MD5.8E8C8A4DD41B0C3CE87636E43BC38441] - (.Intel® Corporation - CBA -- Ping Discovery Service.) -- C:\WINDOWS\system32\cba\pds.exe [38544] [MD5.D57D1BE0129C1B45653B0FA920BC4B38] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [73728] [MD5.5657CB7897F36C43B28260BC9F2A6D6F] - (.PC SOFT - MantaManager.exe (Gestion et mise à jour du.) -- C:\Program Files\PC SOFT\Serveur HyperFileSQL\MantaManager.exe [229376] [MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [MD5.9CEABD6C5E75E3B869772EA15439C5C5] - (.Symantec Corporation - NscTop Module.) -- C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE [911456] [MD5.381110584AEE6D3DDAA76A63ADD64D42] - (...) -- C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE [1757184] [MD5.C7AEFF5113DFEA823A2F50133249E2B8] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [576024] [MD5.ACCDF944417FCE3B9BDDFC197C704A27] - (.SafeNet, Inc - Pas de description.) -- C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400] [MD5.F49666414BEBC671A7BBAA6E2EA4DCE4] - (.Intel® Corporation - Alert Originator Manager.) -- C:\WINDOWS\system32\ams_ii\iao.exe [59032] [MD5.F50943444171949433501FCC6DCFD026] - (.Intel® Corporation - CBA -- Message System.) -- C:\WINDOWS\system32\MsgSys.EXE [34456] [MD5.B3A6841C949106781AB2634B9E5446D9] - (.Intel® Corporation - CBA - Message Resource.) -- C:\WINDOWS\system32\cba\xfr.exe [42640] [MD5.2256D5D7ADB516964646135EBB33958B] - (.Vodafone - VMCService.) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336] [MD5.072F0ED116282DC7D34EE5EA5FB533B4] - (.Intel® Corporation - AMS2 Handler Manager Service.) -- C:\WINDOWS\system32\ams_ii\hndlrsvc.exe [38560] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [MD5.0B48230165E5E02BF7ED9DDD71FE7B28] - (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe [2918576] [MD5.C90DE0D235CC1A49A063C34B16864CD0] - (.DameWare Development LLC - DameWare NT Utilities Application.) -- C:\Program Files\DameWare Development\DameWare NT Utilities\DNTU.exe [2162736] [MD5.ADF88D0996A634B5B13EE8FB9595647D] - (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe [153088] [MD5.AE45DDF08B6949057CDB2D2EAAD3DEC4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [656896] [MD5.1E5B9201721D9B687546A982323C030E] - (.Macrovision Corporation - Macrovision Software Manager Agent.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe [992176] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\dranoel\Local Settings\Application Data\Mozilla\Firefox\Profiles\5c6rmwor.default\prefs.js M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [dranoel] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R1 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} . (.Speedbit Ltd. - DAP IE Browser Helper Module.) -- C:\Program Files\DAP\DAPBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 6.0 for Act.) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} . (.SpeedBit Ltd. - Download Accelerator Plus (DAP) MSIE Loader.) -- C:\PROGRA~1\DAP\DAPIEL~1.DLL ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} . (...) -- (.not file.) O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} . (.Pas de propriétaire - DAP IE Bar.) -- C:\Program Files\DAP\DAPIEBar.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [setRefresh] . (.Hewlett-Packard Company - SetRefresh.) -- C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [DLA] . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLACTRLW.exe O4 - HKLM\..\Run: [iSUSPM Startup] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe O4 - HKLM\..\Run: [iSUSScheduler] . (.Macrovision Corporation - Macrovision Software Manager Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe O4 - HKLM\..\Run: [uSBAntiVirus.exe] . (...) -- C:\Program Files\USBAntiVirus\USBAntiVirus.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] . (.Nero AG - NBH.) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] . (.Nero AG - InCD.) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [iSUSPM] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe O4 - HKLM\..\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [MobileConnect] . (.Vodafone - MobileConnect.) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1235213187-3896376266-1783329964-1170\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk . (.WinZip Computing, Inc..) -- C:\Program Files\WinZip\WZQKPICK.EXE O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk . (...) -- C:\Documents and Settings\dranoel\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (.not file.) ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Distiller 6.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Distiller_PFM.ico (.not file.) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Acrobat 6.0 Professional.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Acrobat_PFM_1.ico (.not file.) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ImageReady CS.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Photoshop CS\ImageReady.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop CS\Photoshop.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A90000000001}\SC_Reader.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\HP Designjet 500-800 series Firmware Update.lnk . (...) -- C:\Program Files\Hewlett-Packard\HP Designjet 500-800 series Firmware Update\FirmwareUpdateTool.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Symantec pcAnywhere.lnk . (.Symantec Corporation.) -- C:\Program Files\Symantec\pcAnywhere\winaw32.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Documents And Settings\dranoel\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Clean Traces . (...) -- C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP . (...) -- C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &Recherche AOL Toolbar . (...) -- C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\fr-FR\local\search.html O8 - Extra context menu item: Download &all with DAP . (...) -- C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline O9 - Extra button: Console Java (Sun) - {3369AF0D-62E9-4bda-8103-B4C75499B578} . (.AOL - AOL Toolbar.) -- C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\fr-FR\aoltbres.dll O9 - Extra button: Console Java (Sun) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14) O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=74&bd=smb&pf=desktop ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{21C32CDE-906B-4867-A2D1-8AF5AB4BE61B}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS1\Services\Tcpip\..\{21C32CDE-906B-4867-A2D1-8AF5AB4BE61B}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS2\Services\Tcpip\..\{21C32CDE-906B-4867-A2D1-8AF5AB4BE61B}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Lome.dgcc-togo.com ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll O20 - Winlogon Notify: PCANotify . (.Symantec Corporation - Winlogon Notification package.) -- C:\Windows\System32\PCANotify.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: McAfee Application Installer Cleanup (0135551257510229) (0135551257510229mcinstcleanup) - Clé orpheline O23 - Service: ArcGIS License Manager (ArcGIS License Manager) . (.Macrovision Corporation - Pas de description.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) . (.Macrovision - Macrovision RTS Service.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe O23 - Service: Hyper File Server : DGCC-LOME (Hyper File Server : DGCC-LOME) - Clé orpheline O23 - Service: Hyper File Server : Salle-Tirage (Hyper File Server : Salle-Tirage) . (.PC SOFT - manta.exe (Moteur HyperFileSQL Client/Serve.) - C:\Program Files\PC SOFT\Serveur HyperFileSQL\Manta.exe O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Intel Alert Handler (Intel Alert Handler) . (.Intel® Corporation - AMS2 Handler Manager Service.) - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe O23 - Service: Intel Alert Originator (Intel Alert Originator) . (.Intel® Corporation - Alert Originator Manager.) - C:\WINDOWS\system32\ams_ii\iao.exe O23 - Service: Intel File Transfer (Intel File Transfer) . (.Intel® Corporation - CBA - Message Resource.) - C:\WINDOWS\system32\cba\xfr.exe O23 - Service: Intel PDS (Intel PDS) . (.Intel® Corporation - CBA -- Ping Discovery Service.) - C:\WINDOWS\system32\cba\pds.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MantaManager (MantaManager) . (.PC SOFT - MantaManager.exe (Gestion et mise à jour du.) - C:\Program Files\PC SOFT\Serveur HyperFileSQL\MantaManager.exe O23 - Service: Service de repérage Symantec System Center (NSCTOP) . (.Symantec Corporation - NscTop Module.) - C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.exe O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) . (.SafeNet, Inc - Pas de description.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) . (.Vodafone - VMCService.) - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Desktop Component 0: My Current Home Page - file:About:Home O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (awlegacy) . (.Symantec Corporation - pcAnywhere Legacy Driver Module.) - C:\WINDOWS\system32\Drivers\awlegacy.sys O41 - Driver: (AW_HOST) . (.Symantec Corporation - pcAnywhere Host Driver for Windows 2000/XP.) - C:\WINDOWS\System32\drivers\aw_host5.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (DLACDBHM) . (.Sonic Solutions - Shared Driver Component.) - C:\WINDOWS\System32\Drivers\DLACDBHM.sys O41 - Driver: (DLARTL_N) . (.Sonic Solutions - Shared Driver Component.) - C:\WINDOWS\System32\Drivers\DLARTL_N.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\System32\drivers\InCDPass.sys O41 - Driver: (incdrm) . (.Nero AG - Nero MRW Filter Driver.) - C:\WINDOWS\System32\drivers\InCDRm.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\WINDOWS\System32\DRIVERS\MpFilter.sys O41 - Driver: (MpKslc30c0df4) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{78B309F2-D2CB-4CFD-8CA0-0D9D3A57D73C}\MpKslc30c0df4.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (P3) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\p3.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.sys O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {F7B0E599-C114-4493-BC4D-D8FC7CBBABBB} O42 - Logiciel: AOL Toolbar 5.0 - (.AOL LLC.) [HKLM] -- AOL Toolbar O42 - Logiciel: Adobe Acrobat 6.0 Professional - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-0000-7760-000000000001} O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC} O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A90000000001} O42 - Logiciel: ArcGIS ArcInfo Workstation - (.Environmental Systems Research Institute, Inc..) [HKLM] -- {2B0AEAE7-6EF2-4642-8F95-DDBC9B72721D} O42 - Logiciel: ArcGIS Desktop - (.Environmental Systems Research Institute, Inc..) [HKLM] -- ArcGIS Desktop O42 - Logiciel: ArcGIS License Manager - (.Pas de propriétaire.) [HKLM] -- ArcGIS License Manager O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: AutoCAD 2004 - (.Autodesk.) [HKLM] -- {5783F2D7-0201-040C-0002-0060B0CE6BBA} O42 - Logiciel: Autodesk Express Viewer - (.Autodesk, Inc..) [HKLM] -- Autodesk Express Viewer O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Client Activator 7.1 - English (2) - (.Pas de propriétaire.) [HKLM] -- Rainbow Client Activator 7.1 English O42 - Logiciel: Client Activator 7.1 - English (All) - (.Pas de propriétaire.) [HKLM] -- Rainbow Client Activator 7.1 English All O42 - Logiciel: Console de gestion de la stratégie de groupe Microsoft - (.Microsoft Corporation.) [HKLM] -- {8681E826-9DC6-4EAC-84B7-971EA795BD36} O42 - Logiciel: DameWare NT Utilities - (.DameWare Development.) [HKLM] -- {EA98753C-CB1C-4216-AC09-7EC3D3F62BAF} O42 - Logiciel: Download Accelerator Plus (DAP) - (.Speedbit Ltd..) [HKLM] -- Download Accelerator Plus (DAP) O42 - Logiciel: ECW Compressor 2.2 - (.Pas de propriétaire.) [HKLM] -- ECW Compressor 2.2 O42 - Logiciel: EasyRecovery Professional - (.Ontrack Data International, Inc..) [HKLM] -- InstallShield_{A8BB9906-E618-406A-B161-7383AFF46C39} O42 - Logiciel: Garmin MapSource - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {9D0FB354-3D85-483A-A899-99FB3084942D} O42 - Logiciel: Garmin Trip and Waypoint Manager v5 - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {414A373B-59DF-4102-94CA-9FE9A74CBDDA} O42 - Logiciel: HP Designjet 500-800 series FUU - (.Hewlett-Packard.) [HKLM] -- {21999F55-6F63-4FAB-9172-423355DC656D} O42 - Logiciel: HP Help and Support - (.HPQ.) [HKLM] -- {A93C4E94-1005-489D-BEAA-B873C1AA6CFC} O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP OCR Software 9.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {EB21A812-671B-4D08-B974-2A347F0D8F70} O42 - Logiciel: HP Scanjet G2710 9.0 - (.HP.) [HKLM] -- {F4158BB4-98FA-4ad5-A0FE-3913A0714A44} O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {8C6027FD-53DC-446D-BB75-CACD7028A134} O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 O42 - Logiciel: Hyper File : Salle-Tirage - (.Pas de propriétaire.) [HKLM] -- HyperFile-Salle-Tirage O42 - Logiciel: Hyper File Manager - (.Pas de propriétaire.) [HKLM] -- HyperFileManager O42 - Logiciel: IDRISI 15 The Andes Edition - (.Clark Labs / Clark University.) [HKLM] -- IDRISI 15 The Andes Edition O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI O42 - Logiciel: Java 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020} O42 - Logiciel: LEICA Geo Office - Outils - (.Leica Geosystems.) [HKLM] -- {10111CD0-05C5-432D-8620-361AC7686877} O42 - Logiciel: LightScribe System Software 1.12.29.2 - (.http://www.lightscribe.com.) [HKLM] -- {CF8C077A-B467-4C43-8DB5-3A9B94FF9681} O42 - Logiciel: LiveReg (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveReg O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: MapImagery - (.Pas de propriétaire.) [HKLM] -- MapImagery O42 - Logiciel: MapInfo Professional 8.5 - (.MapInfo Corporation.) [HKLM] -- {A5FC1423-8739-45CB-9C46-27BF79A0BD8A} O42 - Logiciel: MapSource - (.Pas de propriétaire.) [HKLM] -- MapSource O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7} O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr) O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {9B4E6CB9-E54D-47F7-A414-E2D5740E1036} O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN O42 - Logiciel: PDF Complete - (.PDF Complete, Inc..) [HKLM] -- PDF Complete O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E} O42 - Logiciel: Pack d’outils d’administration de Windows Server 2003 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {0D184898-C3F8-4268-8FE7-B482B4ADF086} O42 - Logiciel: Python 2.4.1 - (.Pas de propriétaire.) [HKLM] -- Python 2.4.1 O42 - Logiciel: Python 2.5 numpy-1.0.3 - (.Pas de propriétaire.) [HKLM] -- Python 2.5 numpy-1.0.3 O42 - Logiciel: Python 2.5.1 - (.Pas de propriétaire.) [HKLM] -- Python 2.5.1 O42 - Logiciel: Readiris Pro 9 - (.Pas de propriétaire.) [HKLM] -- {3CA9D105-113C-11D8-AB3E-000102B0F79A} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Roxio Audio Module - (.Roxio.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382} O42 - Logiciel: Roxio Copy Module - (.Roxio.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629} O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {83FFCFC7-88C6-41c6-8752-958A45325C82} O42 - Logiciel: Roxio Creator Basic v9 - (.Roxio.) [HKLM] -- {C8B0680B-CDAE-4809-9F91-387B6DE00F7C} O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {0D397393-9B50-4c52-84D5-77E344289F87} O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {0394CDC8-FABD-4ed8-B104-03393876DFDF} O42 - Logiciel: Roxio DLA - (.Roxio.) [HKLM] -- {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} O42 - Logiciel: Roxio Data Module - (.Roxio.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205} O42 - Logiciel: Roxio Express Labeler - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} O42 - Logiciel: Roxio MyDVD Basic v9 - (.Roxio.) [HKLM] -- {938B1CD7-7C60-491E-AA90-1F1888168240} O42 - Logiciel: Roxio MyDVD Plus - (.Roxio.) [HKLM] -- {21657574-BD54-48A2-9450-EB03B2C7FC29} O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E} O42 - Logiciel: SafeCast Shared Components - (.Macrovision.) [HKLM] -- CdaC13Ba O42 - Logiciel: Sentinel Protection Installer 7.2.2 - (.SafeNet, Inc..) [HKLM] -- {6DC0632A-A838-4B34-AC19-0FA18E1C533C} O42 - Logiciel: SmartLF - (.Colortrac.) [HKLM] -- {C5BA7C49-95F2-4222-A37C-100E9FA1BE0A} O42 - Logiciel: SmartLF Gx Utilities - (.Colortrac.) [HKLM] -- {3A50F5FD-7D19-488A-8246-FE6D7BCF44D9} O42 - Logiciel: Sonic Activation Module - (.Sonic Solutions.) [HKLM] -- {35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} O42 - Logiciel: Symantec System Center - (.Symantec Corporation.) [HKLM] -- Symantec System Center O42 - Logiciel: Symantec System Center - (.Symantec Corporation.) [HKLM] -- {A502B8B6-5601-4DE7-B0E4-2A52641DD3C7} O42 - Logiciel: Symantec pcAnywhere - (.Symantec Corporation.) [HKLM] -- {E05E8183-866A-11D3-97DF-0000F8D8F2E9} O42 - Logiciel: USB Drive AntiVirus 2.3 - (.USB AntiVirus.) [HKLM] -- USB Drive AntiVirus_is1 O42 - Logiciel: VLC media player 1.0.0 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Vertical Mapper 2.6 - (.Pas de propriétaire.) [HKLM] -- {97042B20-E491-11D3-96D4-00105A111647} O42 - Logiciel: Vodafone Mobile Connect - (.Vodafone.) [HKLM] -- {8B3776EC-5F0A-4996-A7DF-BB5DA95B240E} O42 - Logiciel: WinZip - (.WinZip Computing, Inc..) [HKLM] -- WinZip O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] -- {121634B0-2F4A-11D3-ADA3-00C04F52DD53} O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: Wintrans 4.52 - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1 O42 - Logiciel: doPDF 6.0 printer - (.Softland.) [HKLM] -- doPDF 6 printer_is1 O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ---\\ HKCU & HKLM Software Keys [HKCU\Software\AOL] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\Applications WinDev] [HKCU\Software\Autodesk] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Colortrac] [HKCU\Software\DameWare Development] [HKCU\Software\ESRI] [HKCU\Software\Earth Resource Mapping] [HKCU\Software\Flock] [HKCU\Software\GID] [HKCU\Software\Hewlett-Packard] [HKCU\Software\InstallShield] [HKCU\Software\Intel] [HKCU\Software\Iris] [HKCU\Software\JavaSoft] [HKCU\Software\LEICA Geosystems] [HKCU\Software\Leadertech] [HKCU\Software\LightScribe] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MapInfo] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\Northwood] [HKCU\Software\ODBC] [HKCU\Software\PC SOFT] [HKCU\Software\PDFComplete] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Softland] [HKCU\Software\Softsoft Ltd.] [HKCU\Software\Software FX, Inc.] [HKCU\Software\Sonic] [HKCU\Software\SpeedBit] [HKCU\Software\SystemSafe] [HKCU\Software\Trolltech] [HKCU\Software\Usbfix] [HKCU\Software\Vodafone] [HKCU\Software\WinRAR] [HKCU\Software\WinZip Computing] [HKCU\Software\Wise Solutions] [HKCU\Software\ahead] [HKLM\Software\781] [HKLM\Software\ALWIL Software] [HKLM\Software\ActiveXperts] [HKLM\Software\Adobe Systems] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Aladdin Knowledge Systems] [HKLM\Software\America Online] [HKLM\Software\Audible] [HKLM\Software\Autodesk] [HKLM\Software\C07ft5Y] [HKLM\Software\CLSYSTEM] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\ConversApi] [HKLM\Software\Convers] [HKLM\Software\DameWare Development] [HKLM\Software\Debug] [HKLM\Software\ER Mapper] [HKLM\Software\ESRI] [HKLM\Software\Earth Resource Mapping] [HKLM\Software\FLEXlm License Manager] [HKLM\Software\GID] [HKLM\Software\GarminUTM] [HKLM\Software\Garmin] [HKLM\Software\Gemplus] [HKLM\Software\HPQ] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\I.R.I.S.] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\LEICA Geosystems] [HKLM\Software\Licenses] [HKLM\Software\Lidan] [HKLM\Software\LightScribe] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MapInfo] [HKLM\Software\MicroVision] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Northwood] [HKLM\Software\Ntpad] [HKLM\Software\ODBC] [HKLM\Software\Omniquad] [HKLM\Software\Ontrack] [HKLM\Software\PDFComplete] [HKLM\Software\Policies] [HKLM\Software\Preclick] [HKLM\Software\Program Groups] [HKLM\Software\Prolific Technology INC] [HKLM\Software\Python] [HKLM\Software\Rainbow Technologies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Roxio] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Safe Software Inc.] [HKLM\Software\Safenet Sentinel] [HKLM\Software\Schlumberger] [HKLM\Software\Seagate Software] [HKLM\Software\Secure] [HKLM\Software\Softland] [HKLM\Software\Software FX, Inc.] [HKLM\Software\Sonic] [HKLM\Software\SpeedBit] [HKLM\Software\Symantec] [HKLM\Software\SystemSafe] [HKLM\Software\TORO] [HKLM\Software\TrendMicro] [HKLM\Software\Vantage Software Technologies] [HKLM\Software\VideoLAN] [HKLM\Software\Vodafone] [HKLM\Software\WexTech Systems] [HKLM\Software\WinLicense] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Wise Solutions] [HKLM\Software\callas software gmbh] [HKLM\Software\illiminable] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 29/04/2010 - 11:38:12 - [2105926] ----D- C:\Program Files\ActiveXperts O43 - CFD: 21/12/2010 - 08:09:16 - [163106006] ----D- C:\Program Files\Ad-Remover O43 - CFD: 12/01/2010 - 16:18:10 - [682807601] ----D- C:\Program Files\Adobe O43 - CFD: 15/09/2009 - 11:19:38 - [3997789] ----D- C:\Program Files\AnswerWorks 4.0 O43 - CFD: 08/09/2009 - 16:02:56 - [2722884] ----D- C:\Program Files\AOL O43 - CFD: 22/09/2010 - 10:47:32 - [3254935112] ----D- C:\Program Files\ArcGIS O43 - CFD: 15/09/2009 - 11:20:32 - [177057525] ----D- C:\Program Files\AutoCAD 2004 O43 - CFD: 15/09/2009 - 11:19:58 - [6531178] ----D- C:\Program Files\Autodesk O43 - CFD: 14/09/2009 - 16:38:54 - [22174013] ----D- C:\Program Files\CADASTRO O43 - CFD: 07/06/2010 - 12:02:42 - [31417094] ----D- C:\Program Files\CADASTRO10 O43 - CFD: 22/09/2010 - 09:46:28 - [2913496] ----D- C:\Program Files\CCleaner O43 - CFD: 26/10/2009 - 10:26:58 - [1179880] ----D- C:\Program Files\CMAK O43 - CFD: 14/09/2009 - 16:49:50 - [3656552] ----D- C:\Program Files\Colortrac O43 - CFD: 08/09/2009 - 13:48:28 - [525824] ----D- C:\Program Files\Compaq O43 - CFD: 08/09/2009 - 22:34:56 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 29/06/2011 - 08:25:32 - [39585031] ----D- C:\Program Files\DameWare Development O43 - CFD: 04/07/2011 - 07:27:56 - [20676830] ----D- C:\Program Files\DAP O43 - CFD: 22/10/2010 - 15:02:14 - [4965656] ----D- C:\Program Files\ER Mapper O43 - CFD: 29/03/2010 - 12:30:00 - [21180281] ----D- C:\Program Files\ESRI O43 - CFD: 01/07/2011 - 10:46:56 - [902755397] ----D- C:\Program Files\Fichiers communs O43 - CFD: 13/12/2010 - 12:53:42 - [11396748] ----D- C:\Program Files\GID O43 - CFD: 26/10/2009 - 10:51:04 - [5135750] ----D- C:\Program Files\GPMC O43 - CFD: 18/10/2010 - 11:58:24 - [38103752] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 12/01/2010 - 15:15:26 - [167609680] ----D- C:\Program Files\HP O43 - CFD: 08/09/2009 - 13:47:22 - [374073] ----D- C:\Program Files\HPQ O43 - CFD: 22/10/2010 - 15:00:56 - [34627324] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 30/06/2011 - 08:19:36 - [4689575] ----D- C:\Program Files\Internet Explorer O43 - CFD: 08/09/2009 - 13:45:38 - [82641639] ----D- C:\Program Files\Java O43 - CFD: 22/09/2010 - 10:17:52 - [67018013] ----D- C:\Program Files\Leica Geosystems O43 - CFD: 05/07/2011 - 19:47:06 - [7566967] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 13/12/2010 - 12:53:42 - [464329] ----D- C:\Program Files\MapImagery O43 - CFD: 22/10/2010 - 14:57:32 - [231648004] ----D- C:\Program Files\MapInfo O43 - CFD: 28/01/2011 - 12:54:08 - [2151555] ----D- C:\Program Files\Messenger O43 - CFD: 08/09/2009 - 22:34:56 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 15/09/2009 - 11:19:36 - [569557445] ----D- C:\Program Files\Microsoft Office O43 - CFD: 09/02/2011 - 12:14:36 - [18110254] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 08/09/2009 - 16:08:14 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 08/09/2009 - 16:06:00 - [67476831] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 08/09/2009 - 16:08:38 - [3178824] ----D- C:\Program Files\Microsoft Works O43 - CFD: 08/09/2009 - 16:07:46 - [8152064] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 28/01/2011 - 12:53:44 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 04/07/2011 - 15:47:40 - [34244654] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 08/09/2009 - 16:08:24 - [764] ----D- C:\Program Files\MSBuild O43 - CFD: 08/09/2009 - 22:34:56 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 08/09/2009 - 22:34:56 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 29/10/2009 - 12:50:50 - [252859324] ----D- C:\Program Files\Nero O43 - CFD: 28/01/2011 - 12:51:30 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 19/04/2010 - 08:07:06 - [2840341] ----D- C:\Program Files\Omniquad Instant Remote Control O43 - CFD: 08/09/2009 - 16:03:18 - [1779] R---D- C:\Program Files\Online Services O43 - CFD: 17/02/2010 - 13:21:16 - [54398394] ----D- C:\Program Files\Ontrack O43 - CFD: 28/01/2011 - 12:51:28 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 16/11/2009 - 15:01:38 - [1015470783] ----D- C:\Program Files\PC SOFT O43 - CFD: 31/12/2010 - 08:30:04 - [31264313] ----D- C:\Program Files\PDF Complete O43 - CFD: 08/09/2009 - 14:01:12 - [1022] ----D- C:\Program Files\Raccourcis de programmes O43 - CFD: 29/03/2010 - 13:13:24 - [33327] ----D- C:\Program Files\Rainbow Technologies O43 - CFD: 03/09/2010 - 16:23:14 - [51335442] ----D- C:\Program Files\Readiris Pro 9 O43 - CFD: 08/09/2009 - 13:46:16 - [42199231] ----D- C:\Program Files\Realtek O43 - CFD: 08/09/2009 - 16:58:50 - [473717014] ----D- C:\Program Files\Roxio O43 - CFD: 22/09/2010 - 10:01:34 - [327659] ----D- C:\Program Files\SafeNet Sentinel O43 - CFD: 22/10/2010 - 14:57:38 - [1959852] ----D- C:\Program Files\Seagate Software O43 - CFD: 08/09/2009 - 22:34:56 - [929] ----D- C:\Program Files\Services en ligne O43 - CFD: 30/03/2010 - 13:26:58 - [1293395] ----D- C:\Program Files\Softland O43 - CFD: 08/09/2009 - 16:12:32 - [13272304] ----D- C:\Program Files\Sonic O43 - CFD: 01/07/2011 - 10:13:08 - [0] ----D- C:\Program Files\SUPERAntiSpyware O43 - CFD: 28/01/2011 - 11:02:42 - [119150299] ----D- C:\Program Files\Symantec O43 - CFD: 19/08/2010 - 13:01:10 - [0] ----D- C:\Program Files\Symantec AntiVirus O43 - CFD: 29/04/2010 - 11:55:26 - [849] ----D- C:\Program Files\Total Network Monitor O43 - CFD: 05/07/2011 - 19:20:12 - [789143] ----D- C:\Program Files\trend micro O43 - CFD: 08/09/2009 - 22:34:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 29/06/2011 - 11:46:42 - [2370091] ----D- C:\Program Files\USBAntiVirus O43 - CFD: 29/10/2009 - 16:13:24 - [75096999] ----D- C:\Program Files\VideoLAN O43 - CFD: 27/05/2011 - 09:54:20 - [20860889] ----D- C:\Program Files\Vodafone O43 - CFD: 09/02/2011 - 12:08:26 - [121374] ----D- C:\Program Files\Windows Installer Clean Up O43 - CFD: 28/01/2011 - 12:54:06 - [4401005] ----D- C:\Program Files\Windows Media Player O43 - CFD: 28/01/2011 - 12:51:28 - [3938047] ----D- C:\Program Files\Windows NT O43 - CFD: 08/09/2009 - 22:34:56 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 18/11/2009 - 10:24:22 - [3111820] ----D- C:\Program Files\WinRAR O43 - CFD: 07/06/2010 - 14:39:36 - [611684] ----D- C:\Program Files\Wintrans O43 - CFD: 13/09/2010 - 17:38:16 - [4797080] ----D- C:\Program Files\WinZip O43 - CFD: 08/09/2009 - 22:34:56 - [0] ----D- C:\Program Files\xerox O43 - CFD: 06/07/2011 - 11:00:36 - [3928188] ----D- C:\Program Files\ZHPDiag O43 - CFD: 29/04/2010 - 11:38:14 - [1605632] ----D- C:\Program Files\Fichiers Communs\ActiveXperts O43 - CFD: 06/09/2010 - 14:10:36 - [102906510] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 15/09/2009 - 12:52:34 - [68096] ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared O43 - CFD: 29/10/2009 - 12:53:54 - [110841003] ----D- C:\Program Files\Fichiers Communs\Ahead O43 - CFD: 22/09/2010 - 10:19:16 - [5133227] ----D- C:\Program Files\Fichiers Communs\AnswerWorks 4.0 O43 - CFD: 15/09/2009 - 11:19:38 - [38296042] ----D- C:\Program Files\Fichiers Communs\Autodesk Shared O43 - CFD: 02/02/2010 - 08:03:10 - [0] ----D- C:\Program Files\Fichiers Communs\CC100Topologic O43 - CFD: 15/09/2009 - 11:19:38 - [204864] ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD: 22/09/2010 - 10:17:08 - [47463566] ----D- C:\Program Files\Fichiers Communs\ESRI O43 - CFD: 12/01/2010 - 15:12:24 - [12305661] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 12/01/2010 - 15:15:30 - [2882048] ----D- C:\Program Files\Fichiers Communs\HP O43 - CFD: 03/09/2010 - 16:22:44 - [17950169] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 08/09/2009 - 13:45:22 - [34657942] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 08/09/2009 - 16:10:44 - [29696965] ----D- C:\Program Files\Fichiers Communs\LightScribe O43 - CFD: 15/09/2009 - 11:19:56 - [275616] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 08/09/2010 - 15:12:30 - [263719257] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 08/09/2009 - 22:34:56 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 08/09/2009 - 22:34:56 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 28/01/2010 - 10:05:58 - [47293436] ----D- C:\Program Files\Fichiers Communs\PC SOFT O43 - CFD: 08/09/2009 - 16:59:14 - [109248534] ----D- C:\Program Files\Fichiers Communs\Roxio Shared O43 - CFD: 22/09/2010 - 10:01:34 - [1806719] ----D- C:\Program Files\Fichiers Communs\SafeNet Sentinel O43 - CFD: 08/09/2009 - 22:34:56 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 08/09/2009 - 16:59:16 - [20165486] ----D- C:\Program Files\Fichiers Communs\Sonic Shared O43 - CFD: 08/09/2009 - 22:34:56 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 01/07/2011 - 10:46:56 - [2248320] ----D- C:\Program Files\Fichiers Communs\SpeedBit O43 - CFD: 08/09/2009 - 16:12:34 - [475136] ----D- C:\Program Files\Fichiers Communs\SureThing Shared O43 - CFD: 28/01/2011 - 11:02:40 - [7907772] ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 28/01/2011 - 12:51:24 - [41168061] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 08/09/2009 - 16:13:10 - [355840] ----D- C:\Program Files\Fichiers Communs\TiVo Shared O43 - CFD: 05/07/2011 - 19:00:16 - [2517751] ----D- C:\Documents and Settings\dranoel\Application Data\Adobe O43 - CFD: 11/10/2010 - 08:57:30 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\AdobeUM O43 - CFD: 19/11/2010 - 11:09:52 - [201758] ----D- C:\Documents and Settings\dranoel\Application Data\Ahead O43 - CFD: 17/09/2009 - 14:05:24 - [2724591] ----D- C:\Documents and Settings\dranoel\Application Data\Autodesk O43 - CFD: 17/09/2009 - 10:20:14 - [814] ----D- C:\Documents and Settings\dranoel\Application Data\Colortrac O43 - CFD: 29/06/2011 - 14:07:40 - [22197] ----D- C:\Documents and Settings\dranoel\Application Data\DameWare Development O43 - CFD: 21/05/2011 - 12:13:04 - [199] ----D- C:\Documents and Settings\dranoel\Application Data\dvdcss O43 - CFD: 29/06/2011 - 08:28:54 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\DWMRCMSI O43 - CFD: 01/07/2011 - 12:46:56 - [1275960] ----D- C:\Documents and Settings\dranoel\Application Data\ESRI O43 - CFD: 08/09/2010 - 08:33:18 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\Help O43 - CFD: 08/09/2009 - 22:34:56 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\Identities O43 - CFD: 21/05/2011 - 14:07:04 - [409] ----D- C:\Documents and Settings\dranoel\Application Data\Leadertech O43 - CFD: 29/06/2011 - 12:45:34 - [503] ----D- C:\Documents and Settings\dranoel\Application Data\Macromedia O43 - CFD: 05/07/2011 - 19:47:10 - [739880] ----D- C:\Documents and Settings\dranoel\Application Data\Malwarebytes O43 - CFD: 22/10/2010 - 14:59:14 - [1784382] ----D- C:\Documents and Settings\dranoel\Application Data\MapInfo O43 - CFD: 29/06/2011 - 14:37:02 - [3152417] -S--D- C:\Documents and Settings\dranoel\Application Data\Microsoft O43 - CFD: 04/07/2011 - 15:48:50 - [14324874] ----D- C:\Documents and Settings\dranoel\Application Data\Mozilla O43 - CFD: 21/05/2011 - 14:07:08 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\Sonic O43 - CFD: 08/09/2009 - 13:45:18 - [14442496] ----D- C:\Documents and Settings\dranoel\Application Data\Sun O43 - CFD: 01/07/2011 - 10:13:08 - [0] ----D- C:\Documents and Settings\dranoel\Application Data\SUPERAntiSpyware.com O43 - CFD: 21/05/2011 - 16:29:54 - [798395] ----D- C:\Documents and Settings\dranoel\Application Data\vlc O43 - CFD: 30/05/2011 - 13:16:28 - [796506] ----D- C:\Documents and Settings\dranoel\Application Data\Vodafone O43 - CFD: 08/09/2010 - 08:27:22 - [102134] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Adobe O43 - CFD: 19/11/2010 - 11:09:52 - [1950601] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Ahead O43 - CFD: 28/01/2011 - 12:24:06 - [11164] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\AOL O43 - CFD: 08/09/2009 - 13:41:26 - [4163] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\ApplicationHistory O43 - CFD: 17/09/2009 - 14:05:12 - [15046932] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Autodesk O43 - CFD: 08/09/2010 - 08:33:18 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Help O43 - CFD: 22/10/2010 - 14:59:00 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\MapInfo O43 - CFD: 30/06/2011 - 08:21:12 - [1528419] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Microsoft O43 - CFD: 04/07/2011 - 15:47:46 - [25150895] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Mozilla O43 - CFD: 28/01/2011 - 12:20:48 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\PCHealth O43 - CFD: 17/09/2009 - 09:22:30 - [3662] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Symantec O43 - CFD: 08/09/2010 - 08:27:22 - [102134] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Adobe O43 - CFD: 19/11/2010 - 11:09:52 - [1950601] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Ahead O43 - CFD: 28/01/2011 - 12:24:06 - [11164] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\AOL O43 - CFD: 08/09/2009 - 13:41:26 - [4163] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\ApplicationHistory O43 - CFD: 17/09/2009 - 14:05:12 - [15046932] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Autodesk O43 - CFD: 08/09/2010 - 08:33:18 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Help O43 - CFD: 22/10/2010 - 14:59:00 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\MapInfo O43 - CFD: 30/06/2011 - 08:21:12 - [1528419] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Microsoft O43 - CFD: 04/07/2011 - 15:47:46 - [25150895] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Mozilla O43 - CFD: 28/01/2011 - 12:20:48 - [0] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\PCHealth O43 - CFD: 17/09/2009 - 09:22:30 - [3662] ----D- C:\Documents and Settings\dranoel\Local Settings\Application Data\Symantec ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.1CEF1300FEFFFFFF57494E444F577E31] - 06/07/2011 - 10:05:53 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [916963] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/07/2011 - 09:59:53 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.1CEF1300FEFFFFFF0000000038F21300] - 06/07/2011 - 09:59:48 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157] O44 - LFC:[MD5.1CEF1300FEFFFFFF0000000038F21300] - 06/07/2011 - 09:59:46 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 06/07/2011 - 07:37:27 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.94617A1761C9182E7F16CDCFACC2AB8E] - 06/07/2011 - 07:35:13 ---A- . (...) -- C:\rapport.txt [4287] O44 - LFC:[MD5.0C9835C48E0FD8C6F0841EA8EC7EB7A6] - 06/07/2011 - 07:34:03 ---A- . (...) -- C:\WINDOWS\System32\tmp.reg [4780] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/07/2011 - 07:34:03 ---A- . (...) -- C:\WINDOWS\System32\tmp.txt [0] O44 - LFC:[MD5.643563AAFF425C097A0C9F1177555D42] - 06/07/2011 - 06:58:47 ---A- . (...) -- C:\UsbFix.txt [4696] O44 - LFC:[MD5.309C10B8BC83F4D9E21E7D3B8D9BCCAD] - 06/07/2011 - 06:58:43 ---A- . (...) -- C:\UsbFix_Upload_Me_SALLE-TIRAGE.zip [1192572669] O44 - LFC:[MD5.3E64B6BAEC10DA95422A2863431894E9] - 05/07/2011 - 19:55:16 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [187224] O44 - LFC:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 05/07/2011 - 19:47:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [39984] O44 - LFC:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 05/07/2011 - 19:47:01 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [22712] O44 - LFC:[MD5.9E786A7A33440CDBFD5872342D53E8F9] - 05/07/2011 - 19:17:04 ---A- . (...) -- C:\WINDOWS\setupapi.log [2176] O44 - LFC:[MD5.1CEF1300FEFFFFFF0000000038F21300] - 05/07/2011 - 19:13:59 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32500] O44 - LFC:[MD5.3F5011A09D48AF099B5757E4C145650E] - 05/07/2011 - 18:59:53 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 05/07/2011 - 17:55:05 ---A- . (...) -- C:\WINDOWS\setupact.log [60] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/07/2011 - 17:55:05 ---A- . (...) -- C:\WINDOWS\setuperr.log [0] O44 - LFC:[MD5.1CEF1300FEFFFFFF5354495F54527E31] - 05/07/2011 - 16:45:09 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 04/07/2011 - 15:47:46 ---A- . (...) -- C:\WINDOWS\nsreg.dat [0] O44 - LFC:[MD5.A36AA00529A703505FD1FB38D43D6B48] - 04/07/2011 - 07:28:04 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158] O44 - LFC:[MD5.478063C6D3E9D25ACD3C59782B82E307] - 01/07/2011 - 10:46:52 ---A- . (...) -- C:\WINDOWS\System32\EasyHook32.dll [90784] O44 - LFC:[MD5.47344CA16097E6ADC726F415582BA92B] - 01/07/2011 - 10:46:52 ---A- . (...) -- C:\WINDOWS\System32\EasyHook64.dll [109216] O44 - LFC:[MD5.45960B40C1ECB75ED5549A80049879E1] - 01/07/2011 - 10:07:00 ---A- . (.Jin Hui E-mail: jinhui@jcomsoft.com We - Animation GIF Control.) -- C:\WINDOWS\System32\AniGIF.ocx [172032] O44 - LFC:[MD5.C85123407AC64D05241C0F88D69ECD3E] - 01/07/2011 - 10:07:00 ---A- . (.Stardock.Net, Inc - WindowBlinds : DirectSkin.) -- C:\WINDOWS\System32\wbocx.ocx [479298] O44 - LFC:[MD5.D68018AEBB6226BCA5103DA8B66A57D6] - 01/07/2011 - 10:07:00 ---A- . (.Stardock.Net, Inc - WindowBlinds Helper DLL.) -- C:\WINDOWS\System32\wbhelp2.dll [50688] O44 - LFC:[MD5.DCC78B14C94A442C60981A7095B4A730] - 30/06/2011 - 15:07:16 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69] O44 - LFC:[MD5.237B3A66774FEEC922B6F90C2F2FDFB7] - 29/06/2011 - 08:30:32 ---A- . (.DameWare Development LLC - Shell interface for DameWare Mini Remote Co.) -- C:\WINDOWS\System32\DWRCSh32.DLL [68120] O44 - LFC:[MD5.A69C71169D9CE52884576D08C14929A7] - 16/06/2011 - 09:39:11 ---A- . (...) -- C:\WINDOWS\System32\prsgrc.tgz [115] O44 - LFC:[MD5.9FE2713973F834D48FB46616B14F2C7A] - 16/06/2011 - 09:39:10 ---A- . (...) -- C:\WINDOWS\System32\prsgrc.dll [101] O44 - LFC:[MD5.0B50A4DD3E11AC8C2C144BC1C4DA9749] - 16/06/2011 - 09:39:10 ---A- . (...) -- C:\WINDOWS\System32\ssprs.tgz [14] O44 - LFC:[MD5.7E04D1A195B5CE6867A78CEC16D63732] - 16/06/2011 - 09:39:10 ---A- . (...) -- C:\WINDOWS\System32\svbp449.dll [335] O44 - LFC:[MD5.70D8147628A149AE2B93A655EC2C8CA2] - 16/06/2011 - 09:39:10 ---A- . (...) -- C:\WINDOWS\System32\svbp449.tgz [349] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - URL Exec Hook - {5ECD31F0-F91A-11d4-B3CA-00D0B70A09D2} - WDShell ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mmc.exe" [Enabled] .(.Microsoft Corporation - Microsoft Management Console.) -- C:\WINDOWS\system32\mmc.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" [Enabled] .(...) -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe (.not file.) O47 - AAKE:Key Export DP - "C:\Program Files\Symantec\pcAnywhere\awhost32.exe" [Disabled] .(.Symantec Corporation - pcAnywhere Host.) -- C:\Program Files\Symantec\pcAnywhere\awhost32.exe O47 - AAKE:Key Export DP - "C:\Program Files\Symantec\pcAnywhere\awrem32.exe" [Disabled] .(.Symantec Corporation - Remote Control Module.) -- C:\Program Files\Symantec\pcAnywhere\awrem32.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\WINDOWS\system32\mmc.exe" [Enabled] .(.Microsoft Corporation - Microsoft Management Console.) -- C:\WINDOWS\system32\mmc.exe O47 - AAKE:Key Export DP - "\\Serveur\C$\BACKUP PREVENTIF\Serveur HF\Centre de Controle HF\CC100HF.exe" [Disabled] Clé orpheline O47 - AAKE:Key Export DP - "C:\Program Files\DAP\DAP.exe" [Enabled] .(.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.0F2D66D5F08EBE2F77BB904288DCF6F0] - 06/07/2011 - 22:20:04 ---A- . (.Intel Corporation - Intel® Integrated Controller Hub Audio Driver.) -- C:\WINDOWS\system32\drivers\ac97intc.sys [96256] O58 - SDL:[MD5.0EA9B1F0C6C90A509C8603775366ADB7] - 06/07/2011 - 00:44:42 ---A- . (.Adaptec, Inc. - Adaptec WinXP Ultra320 Driver.) -- C:\WINDOWS\system32\drivers\adpu320.sys [105472] O58 - SDL:[MD5.ABFE3AB22767EEB5E7D91B1B3BB2901C] - 06/07/2011 - 14:08:44 ---A- . (.Symantec Corporation - pcAnywhere Legacy Driver Module.) -- C:\WINDOWS\system32\drivers\AWLEGACY.sys [10901] O58 - SDL:[MD5.852D995A4B283C341A2BAEFAA8067671] - 06/07/2011 - 16:43:34 ---A- . (.Symantec Corporation - pcAnywhere Host Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\AW_HOST5.sys [24365] O58 - SDL:[MD5.F76CB7259AA575CC53F3996BC6B68C18] - 06/07/2011 - 11:19:53 ---A- . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS [12464] O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 06/07/2011 - 03:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [2432] O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 06/07/2011 - 03:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [2560] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 06/07/2011 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 06/07/2011 - 09:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.7581407A6A3C56860AE31E6E423FE824] - 06/07/2011 - 08:35:24 ---A- . (.Sonic Solutions - Shared Driver Component.) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS [5660] O58 - SDL:[MD5.693DFD92D41A3D270053CD97834E4960] - 06/07/2011 - 08:34:46 ---A- . (.Sonic Solutions - Shared Driver Component.) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS [22684] O58 - SDL:[MD5.D626B0037E3585C12520F1E5CD67DFDE] - 06/07/2011 - 03:30:00 ---A- . (.Sonic Solutions - Device Driver.) -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS [89456] O58 - SDL:[MD5.2AEEE1600D0F14BA535F90A1F4411B54] - 06/07/2011 - 05:20:00 ---A- . (.Sonic Solutions - Device Driver Manager.) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS [40544] O58 - SDL:[MD5.1961F8B618E3C20DF54C146B294EFD2A] - 06/07/2011 - 19:12:50 ---A- . (.Intel Corporation - Pilote NDIS 5.) -- C:\WINDOWS\system32\drivers\e100b325.sys [117760] O58 - SDL:[MD5.53F1160666435151B6FCF89D015FE620] - 06/07/2011 - 19:13:04 R--A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys [101120] O58 - SDL:[MD5.FD25177CED6751C14DE170D8282CED90] - 06/07/2011 - 13:00:32 ---A- . (.Symantec Corporation - pcAnywhere AWUNREG Driver.) -- C:\WINDOWS\system32\drivers\GERNUWA.sys [13898] O58 - SDL:[MD5.FD396CA96D4F129BB463ED7DCEF453CA] - 06/07/2011 - 22:18:00 ---A- . (.GARMIN Corp. - Generic WDM Support Driver.) -- C:\WINDOWS\system32\drivers\grmngen.sys [18432] O58 - SDL:[MD5.D956358054E99E6FFAC69CD87E893A89] - 06/07/2011 - 22:18:00 ---A- . (.GARMIN Corp. - grmnusb.sys.) -- C:\WINDOWS\system32\drivers\grmnusb.sys [8320] O58 - SDL:[MD5.D95554949082FD29A04D351B58396718] - 06/07/2011 - 10:01:48 ---A- . (.Aladdin Knowledge Systems Ltd. - Hardlock Device Driver for Windows NT.) -- C:\WINDOWS\system32\drivers\hardlock.sys [693760] O58 - SDL:[MD5.2DD25F060DC9F79B5CDF33D90ED93669] - 06/07/2011 - 10:05:09 ---A- . (.Aladdin Knowledge Systems - HASP Kernel Device Driver for Windows NT.) -- C:\WINDOWS\system32\drivers\Haspnt.sys [47616] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 06/07/2011 - 09:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.2A013E7530BEAB6E569FAA83F517E836] - 06/07/2011 - 15:07:16 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys [145920] O58 - SDL:[MD5.06B7EF73BA5F302EECC294CDF7E19702] - 06/07/2011 - 00:29:38 ---A- . (.Intel® Corporation - Miniport Driver for Intel Graphics Driver.) -- C:\WINDOWS\system32\drivers\i81xnt5.sys [161020] O58 - SDL:[MD5.C4018896856A1A1F1F3A0A6EE7206551] - 06/07/2011 - 08:00:36 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [5851488] O58 - SDL:[MD5.7BFC3EDA22190C0FE8C2CA19E5379DA5] - 06/07/2011 - 15:55:36 ---A- . (.Nero AG - InCD File System Driver.) -- C:\WINDOWS\system32\drivers\InCDfs.sys [118576] O58 - SDL:[MD5.FC4DBF18A4EB0D2FE3171471A3D0F9A8] - 06/07/2011 - 15:55:36 ---A- . (.Nero AG - Ahead RW Filter Driver.) -- C:\WINDOWS\system32\drivers\InCDPass.sys [37040] O58 - SDL:[MD5.F8E7C551DEF07FDC12CA5CC7AE5D975B] - 06/07/2011 - 15:55:36 ---A- . (.Nero AG - InCD File System Recognizer.) -- C:\WINDOWS\system32\drivers\InCDrec.sys [16304] O58 - SDL:[MD5.31A5A3809249A326EB0EF58D563A9654] - 06/07/2011 - 15:55:36 ---A- . (.Nero AG - Nero MRW Filter Driver.) -- C:\WINDOWS\system32\drivers\InCDRm.sys [38576] O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 06/07/2011 - 09:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 06/07/2011 - 09:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [39984] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 06/07/2011 - 09:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.3C08693720708E007C2C66BEF6063063] - 06/07/2011 - 10:35:14 R--A- . (.Windows ® Server 2003 DDK provider - Serial Device Driver.) -- C:\WINDOWS\system32\drivers\PciIsaSerial.sys [66048] O58 - SDL:[MD5.6DE789C487908D8C3781E96D05B7AE0F] - 06/07/2011 - 10:34:10 R--A- . (.Pas de propriétaire - Parallel driver for PCI Parallel Port..) -- C:\WINDOWS\system32\drivers\PciPPorts.sys [82432] O58 - SDL:[MD5.FE4150C6E6A59861AA552B5AF55CCCBC] - 06/07/2011 - 10:32:14 R--A- . (.Pas de propriétaire - Serial driver for PCI Serial Port..) -- C:\WINDOWS\system32\drivers\PciSPorts.sys [119808] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 06/07/2011 - 04:49:58 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.FEFFCFDC528764A04C8ED63D5FA6E711] - 06/07/2011 - 03:00:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [36528] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 06/07/2011 - 09:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 06/07/2011 - 09:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.89619EF503F949FAE09252A8B883EE11] - 06/07/2011 - 22:10:16 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [105856] O58 - SDL:[MD5.E5C925B50154D102734AB446ADE781F4] - 06/07/2011 - 17:23:56 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4622848] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 06/07/2011 - 09:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.B3C1B187FEFC941F63CE0DF93D02EB9F] - 06/07/2011 - 07:22:00 ---A- . (.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\WINDOWS\system32\drivers\sentinel.sys [90176] O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 06/07/2011 - 05:07:34 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys [16256] O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 06/07/2011 - 05:07:36 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys [32640] O58 - SDL:[MD5.B3F8B9EAB2EBE205C0FE053FBA951D8C] - 06/07/2011 - 20:36:04 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS [123200] O58 - SDL:[MD5.F2B7E8416F508368AC6730E2AE1C614F] - 06/07/2011 - 05:32:06 R--A- . (.LSI Logic - LSI Logic Fusion-MPT MiniPort Driver.) -- C:\WINDOWS\system32\drivers\symmpi.sys [28416] O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 06/07/2011 - 05:07:40 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys [28384] O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 06/07/2011 - 05:07:42 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys [30688] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 06/07/2011 - 09:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 06/07/2011 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.7B5B44EFE5EB9DADFB8EE29700885D23] - 06/07/2011 - 00:29:38 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wADV01nt.sys [12415] O58 - SDL:[MD5.EB1F6BAB6C22EDE0BA551B527475F7E9] - 06/07/2011 - 00:29:38 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wADV02NT.sys [12127] O58 - SDL:[MD5.03CE989D846C1AA81145CB22FCB86D06] - 06/07/2011 - 00:29:38 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wADV05NT.sys [11775] O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 06/07/2011 - 00:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wADV07nt.sys [11807] O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 06/07/2011 - 00:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wADV08NT.sys [11295] O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 06/07/2011 - 00:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wADV09NT.sys [11871] O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 06/07/2011 - 00:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wADV11nt.sys [11935] O58 - SDL:[MD5.D83BDD5C059667A2F647A6BE5703A4D2] - 06/07/2011 - 00:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wATV01nt.sys [29311] O58 - SDL:[MD5.ED968D23354DAA0D7C621580C012A1F6] - 06/07/2011 - 00:29:44 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wATV02NT.sys [19551] O58 - SDL:[MD5.D738273F218A224C1DDAC04203F27A84] - 06/07/2011 - 00:29:44 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wATV04nt.sys [33599] O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 06/07/2011 - 00:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wATV06nt.sys [22271] O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 06/07/2011 - 00:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wATV10nt.sys [25471] O58 - SDL:[MD5.0052D118995CBAB152DAABE6106D1442] - 06/07/2011 - 00:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys [23615] O58 - SDL:[MD5.525849B4469DE021D5D61B4DB9BE3A9D] - 06/07/2011 - 00:29:48 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wSiINTxx.sys [12063] O58 - SDL:[MD5.589C2BCDB5BD602BF7B63D210407EF8C] - 06/07/2011 - 00:29:50 ---A- . (.Intel® Corporation - Local Flat Panel Display Minidriver for Intel® Graphics Drive.) -- C:\WINDOWS\system32\drivers\wVchNTxx.sys [19455] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 06/07/2011 - 23:47:06 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 06/07/2011 - 04:31:58 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.DBCD41D42CF6F2C472B03E079057CBD2] - 06/07/2011 - 10:05:09 ---A- . (...) -- C:\WINDOWS\system32\haspdos.sys [383] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 06/07/2011 - 23:47:30 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 06/07/2011 - 04:31:58 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 06/07/2011 - 05:46:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 06/07/2011 - 23:47:44 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 06/07/2011 - 04:31:48 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 06/07/2011 - 04:31:48 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 06/07/2011 - 04:31:52 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 06/07/2011 - 04:31:46 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 06/07/2011 - 05:45:26 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 06/07/2011 - 05:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 06/07/2011 - 05:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 06/07/2011 - 05:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 06/07/2011 - 05:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.A16FB34E56C781DC56BE7492315655B9] - 06/07/2011 - 16:05:02 ---A- . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\WINDOWS\system32\SER9PL.sys [35892] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: UsbFix By TeamXscript - (.TeamXscript.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: RSIT - (.random/random.) ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\Frank\LOCALS~1\Temp\013555~1.exe (.not file.) - McAfee Application Installer Cleanup (0135551257510229) (0135551257510229mcinstcleanup) .(...) - LEGACY_0135551257510229MCINSTCLEANUP O64 - Services: CurCS - 09/05/2002 - C:\WINDOWS\system32\DRIVERS\adpu320.sys - No object(No service) .(.Adaptec, Inc. - Adaptec WinXP Ultra320 Driver.) - LEGACY_ADPU320 O64 - Services: CurCS - 29/05/2003 - C:\Program Files\Symantec\pcAnywhere\awhost32.exe - pcAnywhere Host Service(awhost32) .(.Symantec Corporation - pcAnywhere Host.) - LEGACY_AWHOST32 O64 - Services: CurCS - 21/04/2003 - C:\WINDOWS\system32\Drivers\awlegacy.sys - awlegacy(awlegacy) .(.Symantec Corporation - pcAnywhere Legacy Driver Module.) - LEGACY_AWLEGACY O64 - Services: CurCS - 15/09/2009 - C:\WINDOWS\system32\drivers\CDAC11BA.exe - C-DillaCdaC11BA(C-DillaCdaC11BA) .(.Macrovision - Macrovision RTS Service.) - LEGACY_C-DILLACDAC11BA O64 - Services: CurCS - 15/09/2009 - C:\WINDOWS\system32\drivers\CDAC15BA.sys - CdaC15BA(CdaC15BA) .(.Macrovision Europe Ltd - Macrovision SECURITY Driver.) - LEGACY_CDAC15BA O64 - Services: CurCS - 08/10/2006 - C:\WINDOWS\System32\DLA\DLABOIOM.sys - DLABOIOM(DLABOIOM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLABOIOM O64 - Services: CurCS - 08/10/2006 - C:\WINDOWS\System32\DLA\DLADResN.sys - DLADResN(DLADResN) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLADRESN O64 - Services: CurCS - 08/10/2006 - C:\WINDOWS\System32\DLA\DLAIFS_M.sys - DLAIFS_M(DLAIFS_M) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAIFS_M O64 - Services: CurCS - 08/10/2006 - C:\WINDOWS\System32\DLA\DLAOPIOM.sys - DLAOPIOM(DLAOPIOM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAOPIOM O64 - Services: CurCS - 08/10/2006 - C:\WINDOWS\System32\DLA\DLAPoolM.sys - DLAPoolM(DLAPoolM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAPOOLM O64 - Services: CurCS - 17/03/2006 - C:\WINDOWS\System32\Drivers\DLARTL_N.sys - DLARTL_N(DLARTL_N) .(.Sonic Solutions - Shared Driver Component.) - LEGACY_DLARTL_N O64 - Services: CurCS - 08/10/2006 - C:\WINDOWS\System32\DLA\DLAUDFAM.sys - DLAUDFAM(DLAUDFAM) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAUDFAM O64 - Services: CurCS - 08/10/2006 - C:\WINDOWS\System32\DLA\DLAUDF_M.sys - DLAUDF_M(DLAUDF_M) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_DLAUDF_M O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 17/03/2006 - C:\WINDOWS\System32\Drivers\DRVNDDM.sys - DRVNDDM(DRVNDDM) .(.Sonic Solutions - Device Driver Manager.) - LEGACY_DRVNDDM O64 - Services: CurCS - 22/11/2006 - C:\WINDOWS\system32\drivers\hardlock.sys - Hardlock(Hardlock) .(.Aladdin Knowledge Systems Ltd. - Hardlock Device Driver for Windows NT.) - LEGACY_HARDLOCK O64 - Services: CurCS - 28/01/2010 - C:\WINDOWS\system32\drivers\Haspnt.sys - Haspnt(Haspnt) .(.Aladdin Knowledge Systems - HASP Kernel Device Driver for Windows NT.) - LEGACY_HASPNT O64 - Services: CurCS - 22/10/2004 - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - 15/05/2007 - C:\WINDOWS\System32\drivers\InCDFs.sys - InCD File System(InCDfs) .(.Nero AG - InCD File System Driver.) - LEGACY_INCDFS O64 - Services: CurCS - 15/05/2007 - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe - InCD Helper(InCDsrv) .(.Nero AG - incdsrv.) - LEGACY_INCDSRV O64 - Services: CurCS - 24/01/2008 - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service(LightScribeService) .(.Hewlett-Packard Company - LightScribe Service.) - LEGACY_LIGHTSCRIBESERVICE O64 - Services: CurCS - 04/03/2009 - C:\Program Files\PC SOFT\Serveur HyperFileSQL\MantaManager.exe - MantaManager(MantaManager) .(.PC SOFT - MantaManager.exe (Gestion et mise à jour du.) - LEGACY_MANTAMANAGER O64 - Services: CurCS - 29/05/2011 - C:\WINDOWS\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy(MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - 08/05/2007 - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe - NMIndexingService(NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE O64 - Services: CurCS - 09/05/2005 - C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.exe - Service de repérage Symantec System Center(NSCTOP) .(.Symantec Corporation - NscTop Module.) - LEGACY_NSCTOP O64 - Services: CurCS - 17/02/2010 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.sys - SASDIFSV(SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV O64 - Services: CurCS - 10/05/2010 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.sys - SASKUTIL(SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL O64 - Services: CurCS - 14/03/2006 - C:\WINDOWS\system32\Drivers\SENTINEL.sys - Sentinel(Sentinel) .(.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL O64 - Services: CurCS - 14/03/2006 - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe - Sentinel Protection Server(SentinelProtectionServer) .(.SafeNet, Inc - Pas de description.) - LEGACY_SENTINELPROTECTI O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\symc810.sys - No object(No service) .(.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) - LEGACY_SYMC810 O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\symc8xx.sys - No object(No service) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX O64 - Services: CurCS - 01/04/2005 - C:\Program Files\Symantec\SYMEVENT.sys - SymEvent(SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT O64 - Services: CurCS - 04/04/2002 - C:\WINDOWS\system32\DRIVERS\symmpi.sys - No object(No service) .(.LSI Logic - LSI Logic Fusion-MPT MiniPort Driver.) - LEGACY_SYMMPI O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_hi.sys - No object(No service) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI O64 - Services: CurCS - 18/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_u3.sys - No object(No service) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3 O64 - Services: CurCS - 04/11/2008 - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe - Vodafone Mobile Connect Service(VMCService) .(.Vodafone - VMCService.) - LEGACY_VMCSERVICE ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - Bing ---\\ Scan Additionnel (O88) Database Version : 8467 - (05/07/2011) Clés trouvées (Keys found) : 4 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0000CC75-ACF3-4cac-A0A9-DD3868E06852}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0000CC75-ACF3-4cac-A0A9-DD3868E06852}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{0000CC75-ACF3-4cac-A0A9-DD3868E06852}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000CC75-ACF3-4cac-A0A9-DD3868E06852}] =>Toolbar.Agent ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 30/12/1899 0 | (0135551257510229mcinstcleanup) . (...) - C:\DOCUME~1\Frank\LOCALS~1\Temp\013555~1.exe SS - | Demand 06/07/2011 68096 | (Adobe LM Service) . (...) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe SR - | Auto 06/07/2011 1372160 | (ArcGIS License Manager) . (.Macrovision Corporation.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe SS - | Demand 06/07/2011 106496 | (awhost32) . (.Symantec Corporation.) - C:\Program Files\Symantec\pcAnywhere\awhost32.exe SR - | Auto 06/07/2011 54784 | (C-DillaCdaC11BA) . (.Macrovision.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe SS - | Demand 06/07/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 30/12/1899 0 | (Hyper File Server : DGCC-LOME) . (...) - \Serveur\d$\Copie de Serveur GRH\Manta.exe SR - | Auto 06/07/2011 180736 | (Hyper File Server : Salle-Tirage) . (.PC SOFT.) - C:\Program Files\PC SOFT\Serveur HyperFileSQL\Manta.exe SS - | Demand 06/07/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe SR - | Auto 06/07/2011 1550896 | C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (InCDsrv) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe SR - | Auto 06/07/2011 38560 | (Intel Alert Handler) . (.Intel® Corporation.) - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe SR - | Auto 06/07/2011 59032 | (Intel Alert Originator) . (.Intel® Corporation.) - C:\WINDOWS\system32\ams_ii\iao.exe SR - | Auto 06/07/2011 42640 | (Intel File Transfer) . (.Intel® Corporation.) - C:\WINDOWS\system32\cba\xfr.exe SR - | Auto 06/07/2011 38544 | (Intel PDS) . (.Intel® Corporation.) - C:\WINDOWS\system32\cba\pds.exe SR - | Auto 06/07/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe SR - | Auto 06/07/2011 229376 | (MantaManager) . (.PC SOFT.) - C:\Program Files\PC SOFT\Serveur HyperFileSQL\MantaManager.exe SS - | Demand 06/07/2011 792112 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe SS - | Demand 06/07/2011 271920 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe SR - | Auto 06/07/2011 911456 | (NSCTOP) . (.Symantec Corporation.) - C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.exe SS - | Demand 06/07/2011 887544 | (RoxMediaDB9) . (.Sonic Solutions.) - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe SR - | Auto 06/07/2011 206400 | (SentinelProtectionServer) . (.SafeNet, Inc.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe SR - | Auto 06/07/2011 14336 | (VMCService) . (.Vodafone.) - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by dranoel at 06/07/2011 11:04:03 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 1 ntkrnlpa!IofCallDriver[0x804EF196] -> \Device\Harddisk0\DR0[0x8A7B3AB8] 3 CLASSPNP[0xBA0F8FD7] -> ntkrnlpa!IofCallDriver[0x804EF196] -> \Device\00000069[0x8A7B9F18] 5 ACPI[0xB9F7E620] -> ntkrnlpa!IofCallDriver[0x804EF196] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8A7B8940] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by dranoel at 06/07/2011 11:04:05 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin End of the scan (1140 lines in 03mn 35s)(0)

BONJOUR Merci Bernard53 J'ai essayé certaines manipulations déjà et je te donne les résultats. 1- j'ai utilisé UBFIX hier et ce matin. je n'ai qu'un seul rapport. De nombreuses infections ont été trouvées et éliminées. 2- Je t'envoie le rapport de MBAM. 3- j'ai refait un nouveau diagnostique. 4- Merci pour tout ############################## | UsbFix 7.048 | [suppression] Utilisateur: dranoel (Administrateur) # SALLE-TIRAGE [ ] Mis à jour le 11/06/2011 par TeamXscript Lancé à 06:52:38 | 06/07/2011 Site Web: http://www.teamxscript.org Submit your sample: http://www.teamxscript.org/Upload.php Contact: TeamXscript.ElDesaparecido@gmail.com CPU: Pentium® Dual-Core CPU E5200 @ 2.50GHz CPU 2: Pentium® Dual-Core CPU E5200 @ 2.50GHz Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Pare-feu Windows: Activé Antivirus: Microsoft Security Essentials 3.0.8107.0 [(!) Disabled | Updated] Antivirus: Microsoft Security Essentials 2.1.6519.0 [(!) Disabled | (!) Outdated] RAM -> 2038 Mo C:\ (%systemdrive%) -> Disque fixe # 149 Go (27 Go libre(s) - 18%) [] # NTFS D:\ -> CD-ROM ################## | Éléments infectieux | Supprimé! C:\Recycler\S-1-5-21-2942218171-512202183-669109307-500 ################## | Registre | ################## | Mountpoints2 | Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{95f61a21-9355-11df-8899-00237d2d2eca} ################## | Listing | [28/01/2011 - 16:05:19 | D ] C:\01 [05/07/2011 - 17:49:59 | N | 1893] C:\Ad-Report-SCAN[1].txt [22/09/2010 - 10:43:37 | D ] C:\arcgis [05/07/2011 - 17:37:31 | RASHD ] C:\Autorun.inf [17/03/2010 - 15:29:13 | D ] C:\BASIC [08/09/2009 - 16:01:13 | N | 212] C:\BOOT.BAK [14/05/2010 - 12:04:01 | N | 292] C:\boot.ini [28/08/2001 - 12:00:00 | N | 4952] C:\Bootfont.bin [30/08/2010 - 12:04:38 | N | 40] C:\Bureau (1).env [30/08/2010 - 12:04:19 | N | 40] C:\Bureau.env [14/05/2010 - 12:03:49 | D ] C:\cmdcons [13/04/2008 - 11:32:14 | N | 263504] C:\cmldr [10/08/2010 - 08:45:55 | D ] C:\Compaq [04/07/2011 - 07:27:55 | D ] C:\Config.Msi [13/07/2010 - 10:49:21 | D ] C:\Documents and Settings [18/02/2010 - 10:18:50 | D ] C:\essai [22/09/2010 - 09:45:20 | D ] C:\flexlm [15/11/2010 - 11:50:12 | D ] C:\Garmin [01/07/2011 - 12:51:03 | D ] C:\GIS-Data [24/05/2011 - 11:33:11 | D ] C:\GPS500 [08/09/2009 - 13:51:32 | D ] C:\hp [08/09/2009 - 22:35:01 | D ] C:\i386 [08/09/2009 - 16:05:57 | D ] C:\IDE [16/06/2011 - 09:39:11 | D ] C:\IDRISI Andes [13/08/2010 - 15:28:02 | N | 54] C:\IDRISI Essai.env [13/07/2010 - 09:41:53 | D ] C:\IDRISI Macon Data [13/07/2010 - 09:41:34 | D ] C:\IDRISI Tutorial [11/03/2010 - 14:09:36 | N | 0] C:\IO.SYS [24/05/2011 - 07:54:58 | N | 402] C:\LeicaOfficeDatabaseProfile.Ini [19/04/2011 - 13:23:01 | D ] C:\MBILIA BEL [31/01/2011 - 10:47:20 | D ] C:\Mes Projets [11/03/2010 - 14:09:36 | N | 0] C:\MSDOS.SYS [08/09/2009 - 16:05:11 | RHD ] C:\MSOCache [20/05/2011 - 09:54:33 | D ] C:\nomenclature.gdb [13/04/2008 - 09:43:04 | N | 47564] C:\NTDETECT.COM [13/04/2008 - 11:31:52 | N | 252240] C:\ntldr [13/08/2010 - 12:57:24 | N | 68] C:\nvo.ini [05/07/2011 - 19:14:52 | ASH | 2137174016] C:\pagefile.sys [30/08/2010 - 12:04:25 | N | 58] C:\planche numérisée.env [06/07/2011 - 06:47:52 | D ] C:\Program Files [29/03/2010 - 13:03:31 | D ] C:\Python24 [22/09/2010 - 10:29:43 | D ] C:\Python25 [05/07/2011 - 17:58:20 | N | 2228] C:\rapport.txt [31/05/2010 - 11:40:05 | D ] C:\Recups [23/06/2010 - 10:49:20 | D ] C:\Recups Claude [10/02/2011 - 12:22:20 | D ] C:\Recups Mario [21/05/2010 - 16:12:55 | D ] C:\Recups Steph [06/07/2011 - 06:52:47 | SHD ] C:\RECYCLER [05/07/2011 - 19:20:12 | D ] C:\rsit [20/06/2011 - 13:16:51 | D ] C:\Scans [17/09/2009 - 10:36:31 | D ] C:\SmartLFCD [17/09/2009 - 16:04:30 | N | 24324] C:\Stitch 2009-09-16.docx [17/09/2009 - 16:04:54 | N | 49] C:\Stitchs.txt [14/12/2009 - 08:00:44 | SHD ] C:\System Volume Information [08/09/2009 - 16:01:27 | D ] C:\system.sav [19/08/2010 - 13:12:09 | D ] C:\Temp [30/08/2010 - 12:05:16 | N | 49] C:\Traceurs.env [14/09/2010 - 08:30:54 | D ] C:\unzipped [06/07/2011 - 06:52:47 | D ] C:\UsbFix [06/07/2011 - 06:52:47 | A | 994] C:\UsbFix.txt [05/07/2011 - 17:37:31 | D ] C:\UsbFix_Upload_Me [12/03/2010 - 11:01:44 | D ] C:\WebUpdater [28/01/2010 - 10:01:06 | D ] C:\WinDev 12 [05/07/2011 - 19:15:59 | D ] C:\WINDOWS [07/09/2010 - 15:32:51 | D ] C:\WinTOPO [04/07/2011 - 15:46:19 | D ] C:\WorhShop [22/09/2010 - 10:43:50 | N | 139] C:\WORK.LOG [22/09/2010 - 10:39:16 | D ] C:\WorkSpace [24/01/2011 - 11:16:24 | D ] C:\XMEN Saison III ################## | Vaccin | C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_SALLE-TIRAGE.zip http://www.teamxscript.org/Upload.php Merci de votre contribution. ################## | E.O.F | Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 7028 Windows 5.1.2600 Service Pack 3 (Safe Mode) Internet Explorer 8.0.6001.18702 06/07/2011 06:42:56 mbam-log-2011-07-06 (06-42-56).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 509787 Temps écoulé: 43 minute(s), 50 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 5 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\documents and settings\Frank\Bureau\adobe 600\6PRO\adobe.acrobat.6.0.professional.keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. c:\documents and settings\Frank\Bureau\recups pc traceuse\Frank\Bureau\es\6PRO\adobe.acrobat.6.0.professional.keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. c:\documents and settings\LEMA\application data\thinstall\microsoft office professional edition 2003\10000001600002i\msiexec.exe (Rootkit.Dropper) -> Quarantined and deleted successfully. c:\Recups\01\LOSTFILE\Tools\Vista\vistaactivationcracksetup.exe (Worm.VB) -> Quarantined and deleted successfully. c:\Recups\01\LOSTFILE\Tools\Vista2\vistaactivationcracksetup.exe (Worm.VB) -> Quarantined and deleted successfully.

Bonjour, je suis nouveau sur ce forum et merci de m'aider à rétablir mon pc. Après usage d'une clé USB, La plus part de mes fichiers .exe semble inhibée avec disparition de leurs icônes. Leur exécution s'accumule dans la liste des processus (gestion des taches). J'ai tenté un scan avec ZHP qui a été impossible. En mode sans echec j'ai réussi un RSIT dont voici le rapport. Merci de m'aider à le diagnostiquer Logfile of random's system information tool 1.08 (written by random/random) Run by dranoel at 2011-07-05 19:19:42 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 28 GB (18%) free of 153 GB Total RAM: 2038 MB (78% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:20:11, on 05/07/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\cmd.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\dranoel\Mes documents\Téléchargements\RSIT.exe C:\Program Files\trend micro\dranoel.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [uSBAntiVirus.exe] C:\Program Files\USBAntiVirus\USBAntiVirus.exe -Hide O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\dranoel\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\dranoel\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user') O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\dranoel\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &Recherche AOL Toolbar - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\fr-FR\local\search.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=74&bd=smb&pf=desktop O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Lome.dgcc-togo.com O17 - HKLM\Software\..\Telephony: DomainName = Lome.dgcc-togo.com O17 - HKLM\System\CCS\Services\Tcpip\..\{21C32CDE-906B-4867-A2D1-8AF5AB4BE61B}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Lome.dgcc-togo.com O17 - HKLM\System\CS1\Services\Tcpip\..\{21C32CDE-906B-4867-A2D1-8AF5AB4BE61B}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Lome.dgcc-togo.com O17 - HKLM\System\CS2\Services\Tcpip\..\{21C32CDE-906B-4867-A2D1-8AF5AB4BE61B}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: McAfee Application Installer Cleanup (0135551257510229) (0135551257510229mcinstcleanup) - Unknown owner - C:\DOCUME~1\Frank\LOCALS~1\Temp\013555~1.EXE (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ArcGIS License Manager - Macrovision Corporation - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe O23 - Service: Ascidebsprdm - Macrovision Corporation - (no file) O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Hyper File Server : DGCC-LOME - Unknown owner - \\Serveur\d$\Copie de Serveur GRH\Manta.exe (file missing) O23 - Service: Hyper File Server : Salle-Tirage - PC SOFT - C:\Program Files\PC SOFT\Serveur HyperFileSQL\Manta.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Intel Alert Handler - Intel® Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe O23 - Service: Intel Alert Originator - Intel® Corporation - C:\WINDOWS\system32\ams_ii\iao.exe O23 - Service: Intel File Transfer - Intel® Corporation - C:\WINDOWS\system32\cba\xfr.exe O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MantaManager - PC SOFT - C:\Program Files\PC SOFT\Serveur HyperFileSQL\MantaManager.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Service de repérage Symantec System Center (NSCTOP) - Symantec Corporation - C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe -- End of file - 11925 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000CC75-ACF3-4cac-A0A9-DD3868E06852}] DAPHelper Class - C:\Program Files\DAP\DAPBHO.dll [2011-07-01 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 50376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-10-08 114748] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}] AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2007-10-16 1107296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}] Download Accelerator Plus Integration - C:\PROGRA~1\DAP\DAPIEL~1.DLL [2011-07-01 141568] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0BF43445-2F28-4351-9252-17FE6E806AA0} {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2007-10-16 1107296] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] {62999427-33FC-4baf-9C9C-BCE6BD127F08} - DAP Bar - C:\Program Files\DAP\DAPIEBar.dll [2011-07-01 405504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-26 141848] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-26 166424] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-11-26 137752] "SetRefresh"=C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-10-08 127036] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-03-20 213936] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-09-11 86960] "USBAntiVirus.exe"=C:\Program Files\USBAntiVirus\USBAntiVirus.exe [2010-07-25 488448] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-05-15 1628208] "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-05-15 1057328] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936] "PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-04-07 318488] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408] "MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2008-11-04 2087424] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\dranoel\Menu Démarrer\Programmes\Démarrage Notification de cadeaux MSN.lnk - C:\Documents and Settings\dranoel\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2007-10-30 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify] C:\WINDOWS\system32\PCANotify.dll [2003-05-29 8704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5ECD31F0-F91A-11d4-B3CA-00D0B70A09D2}"=WDShell [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableStatusMessages"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=3 "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe"="C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent" "C:\Program Files\Symantec\pcAnywhere\awhost32.exe"="C:\Program Files\Symantec\pcAnywhere\awhost32.exe:*:Disabled:pcAnywhere Host Service" "C:\Program Files\Symantec\pcAnywhere\awrem32.exe"="C:\Program Files\Symantec\pcAnywhere\awrem32.exe:*:Disabled:pcAnywhere Remote Service" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" "\\Serveur\C$\BACKUP PREVENTIF\Serveur HF\Centre de Controle HF\CC100HF.exe"="\\Serveur\C$\BACKUP PREVENTIF\Serveur HF\Centre de Controle HF\CC100HF.exe:*:Disabled:CC100HF.exe" "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)" ======File associations====== .scr - open - "C:\WINDOWS\notepad.exe" "%1" .scr - install - .scr - config - .txt - open - NOTEPAD.EXE %1 ======List of files/folders created in the last 1 months====== 2011-07-05 19:19:42 ----D---- C:\rsit 2011-07-05 19:19:42 ----D---- C:\Program Files\trend micro 2011-07-05 19:05:35 ----D---- C:\Program Files\ZHPDiag 2011-07-05 17:51:37 ----A---- C:\WINDOWS\system32\tmp.txt 2011-07-05 17:47:36 ----A---- C:\Ad-Report-SCAN[1].txt 2011-07-05 17:37:31 ----RASHD---- C:\Autorun.inf 2011-07-05 17:37:31 ----D---- C:\UsbFix_Upload_Me 2011-07-05 17:27:10 ----A---- C:\WINDOWS\ntbtlog.txt 2011-07-05 17:07:57 ----A---- C:\rapport.txt 2011-07-05 16:49:53 ----D---- C:\UsbFix 2011-07-04 15:47:45 ----D---- C:\Documents and Settings\dranoel\Application Data\Mozilla 2011-07-04 15:47:38 ----D---- C:\Program Files\Mozilla Firefox 2011-07-01 10:46:58 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedBit 2011-07-01 10:46:54 ----D---- C:\Program Files\Fichiers communs\SpeedBit 2011-07-01 10:46:52 ----A---- C:\WINDOWS\system32\EasyHook64.dll 2011-07-01 10:46:52 ----A---- C:\WINDOWS\system32\EasyHook32.dll 2011-07-01 10:13:04 ----D---- C:\Config.Msi 2011-07-01 10:07:00 ----A---- C:\WINDOWS\system32\wbhelp2.dll 2011-07-01 10:06:59 ----D---- C:\Program Files\DAP 2011-06-30 14:25:49 ----A---- C:\WINDOWS\system32\muweb.dll 2011-06-30 14:25:49 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2011-06-30 14:25:49 ----A---- C:\WINDOWS\system32\mucltui.dll 2011-06-29 14:39:39 ----HD---- C:\WINDOWS\msdownld.tmp 2011-06-29 14:39:24 ----D---- C:\WINDOWS\WBEM 2011-06-29 14:37:49 ----HDC---- C:\WINDOWS\ie8 2011-06-29 12:48:32 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2011-06-29 12:45:33 ----D---- C:\Documents and Settings\dranoel\Application Data\Macromedia 2011-06-29 08:30:32 ----A---- C:\WINDOWS\system32\DWRCSh32.DLL 2011-06-29 08:28:53 ----D---- C:\Documents and Settings\dranoel\Application Data\DWMRCMSI 2011-06-29 08:26:46 ----D---- C:\Documents and Settings\dranoel\Application Data\DameWare Development 2011-06-29 08:25:31 ----D---- C:\Program Files\DameWare Development ======List of files/folders modified in the last 1 months====== 2011-07-05 19:19:42 ----D---- C:\Program Files 2011-07-05 19:15:59 ----D---- C:\WINDOWS 2011-07-05 19:13:59 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-07-05 19:06:19 ----D---- C:\WINDOWS\Prefetch 2011-07-05 19:00:15 ----D---- C:\Documents and Settings\dranoel\Application Data\Adobe 2011-07-05 18:59:53 ----D---- C:\WINDOWS\system32 2011-07-05 18:02:35 ----D---- C:\WINDOWS\Temp 2011-07-05 17:36:54 ----SHD---- C:\RECYCLER 2011-07-05 15:16:50 ----D---- C:\WINDOWS\Debug 2011-07-05 15:11:26 ----D---- C:\WINDOWS\system32\CatRoot2 2011-07-05 15:09:57 ----D---- C:\WINDOWS\system32\drivers 2011-07-05 11:02:37 ----SHD---- C:\WINDOWS\CSC 2011-07-04 15:46:19 ----D---- C:\WorhShop 2011-07-04 13:30:05 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2011-07-01 12:51:03 ----D---- C:\GIS-Data 2011-07-01 12:46:54 ----D---- C:\Documents and Settings\dranoel\Application Data\ESRI 2011-07-01 11:21:34 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2011-07-01 10:46:54 ----D---- C:\Program Files\Fichiers communs 2011-07-01 10:41:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2011-07-01 10:13:08 ----SHD---- C:\WINDOWS\Installer 2011-07-01 10:13:07 ----D---- C:\Documents and Settings\dranoel\Application Data\SUPERAntiSpyware.com 2011-07-01 10:13:06 ----D---- C:\Program Files\SUPERAntiSpyware 2011-06-30 15:07:16 ----A---- C:\WINDOWS\NeroDigital.ini 2011-06-30 14:50:05 ----HD---- C:\WINDOWS\inf 2011-06-30 14:23:53 ----RSHD---- C:\WINDOWS\system32\dllcache 2011-06-30 08:19:36 ----D---- C:\WINDOWS\system32\fr-fr 2011-06-30 08:19:35 ----D---- C:\WINDOWS\Help 2011-06-30 08:19:35 ----D---- C:\Program Files\Internet Explorer 2011-06-29 14:39:27 ----D---- C:\WINDOWS\system32\config 2011-06-29 14:39:15 ----D---- C:\WINDOWS\Media 2011-06-29 14:37:00 ----SD---- C:\Documents and Settings\dranoel\Application Data\Microsoft 2011-06-29 14:13:18 ----D---- C:\WINDOWS\system32\NtmsData 2011-06-29 12:48:47 ----D---- C:\WINDOWS\SoftwareDistribution 2011-06-29 11:47:57 ----SD---- C:\WINDOWS\Tasks 2011-06-29 11:46:41 ----D---- C:\Program Files\USBAntiVirus 2011-06-20 13:16:51 ----D---- C:\Scans 2011-06-16 09:39:11 ----D---- C:\IDRISI Andes 2011-06-16 09:39:10 ----A---- C:\WINDOWS\system32\svbp449.dll 2011-06-16 09:39:10 ----A---- C:\WINDOWS\system32\prsgrc.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-08-18 89456] R0 Gernuwa;Gernuwa; C:\WINDOWS\system32\drivers\Gernuwa.sys [2003-04-21 13898] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-07-24 36528] R1 AW_HOST;AW_HOST; C:\WINDOWS\system32\drivers\aw_host5.sys [2003-05-05 24365] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-03-17 5660] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2006-03-17 22684] R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-05-15 37040] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-05-15 38576] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 awlegacy;awlegacy; C:\WINDOWS\System32\Drivers\awlegacy.sys [2003-04-21 10901] S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] S1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 46848] S1 SASDIFSV;SASDIFSV; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS [] S1 SASKUTIL;SASKUTIL; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS [] S2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS [] S2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-10-08 26044] S2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-10-08 2496] S2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-10-08 87004] S2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-10-08 15068] S2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-10-08 6364] S2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-10-08 88476] S2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-10-08 94460] S2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-03-17 40544] S2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] S2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys [] S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-12-30 101120] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-30 5851488] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-06 4622848] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 PciPPorts;PCI ECP Parallel Port; C:\WINDOWS\system32\DRIVERS\PciPPorts.sys [2008-05-22 82432] S3 PciSPorts;High-Speed PCI Serial Port; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [2008-05-22 119808] S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS [] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-09 105472] S4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-05-15 118576] S4 Symmpi;Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2002-04-04 28416] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736] S2 0135551257510229mcinstcleanup;McAfee Application Installer Cleanup (0135551257510229); C:\DOCUME~1\Frank\LOCALS~1\Temp\013555~1.EXE C:\PROGRA~1\FICHIE~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [] S2 ArcGIS License Manager;ArcGIS License Manager; C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe [2008-01-11 1372160] S2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2009-09-15 54784] S2 Hyper File Server : DGCC-LOME;Hyper File Server : DGCC-LOME; \\Serveur\d$\Copie de Serveur GRH\Manta.exe [2009-04-16 180736] S2 Hyper File Server : Salle-Tirage;Hyper File Server : Salle-Tirage; C:\Program Files\PC SOFT\Serveur HyperFileSQL\Manta.exe [2009-04-16 180736] S2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-05-15 1550896] S2 Intel Alert Handler;Intel Alert Handler; C:\WINDOWS\system32\ams_ii\hndlrsvc.exe [2005-02-21 38560] S2 Intel Alert Originator;Intel Alert Originator; C:\WINDOWS\system32\ams_ii\iao.exe [2005-02-21 59032] S2 Intel File Transfer;Intel File Transfer; C:\WINDOWS\system32\cba\xfr.exe [2005-02-21 42640] S2 Intel PDS;Intel PDS; C:\WINDOWS\system32\cba\pds.exe [2005-02-21 38544] S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2008-01-24 73728] S2 MantaManager;MantaManager; C:\Program Files\PC SOFT\Serveur HyperFileSQL\MantaManager.exe [2009-03-04 229376] S2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] S2 NSCTOP;Service de repérage Symantec System Center; C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE [2005-05-09 911456] S2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-04-07 576024] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] S2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2006-03-14 206400] S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-04 14336] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-09-15 68096] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 awhost32;pcAnywhere Host Service; C:\Program Files\Symantec\pcAnywhere\awhost32.exe [2003-05-29 106496] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-06 887544] -----------------EOF-----------------