
Hello,

I seem to be infected by Monxga32.exe, which is slowing my computer down enormously ...

I am copying the Antivir and ZHPDiag reports for you ...

Thank you for your help.

 

Rapport de ZHPDiag v1.25.1408 par Nicolas Coolman

 

Run by Amidala at 24/04/2010 11:47:09

 

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

 

---\\ Web Browser

 

MSIE: Internet Explorer v7.0.5730.11

 

---\\ System Information

 

Platform : Microsoft Windows XP (5.1.2600) Service Pack 2

 

Processor: x86 Family 6 Model 10 Stepping 0, AuthenticAMD

 

Operating System: 32 Bits

 

Boot mode: Normal (Normal boot)

 

Total RAM: 1023 MB (67% free)

 

System drive C: has 3 GB (14%) free of 20 GB

 

---\\ DOS/Devices

 

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

C:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 20 Go)

 

D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 20 Go)

 

E:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 17 Go)

 

F:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

 

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

 

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

 

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

 

 

 

---\\ Processus lancés

 

[MD5.7577019A01C57EA335B1E33DDA25A3DD] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.exe [98304]

 

[MD5.C93AB037A8C792D5F8A1A9FC88A7C7C5] - (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [155648]

 

[MD5.9E109B03018763FDCB075CE74547BE22] - (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [249856]

 

[MD5.583B7D111304BE63D7D9CB65482D2187] - (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [81920]

 

[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [148888]

 

[MD5.8D65ECE2E86B1B5FD38C4A19F5ECBFBB] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe [1331200]

 

[MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152]

 

[MD5.AAD52179D4A526AD4A705B87C6E4F72A] - (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504]

 

[MD5.3241525EC39DD14312A193CADBF70F75] - (.Corel, Inc. - Corel Photo Album 6 Application.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [106496]

 

[MD5.CF4A0E2C240501C826977ACC5F0E8411] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [282792]

 

[MD5.5584247B568C2E53934873F4B655FE6A] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360]

 

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

 

[MD5.18B4B12358EFCF68D76812058A26181F] - (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883856]

 

[MD5.E3CFCFDEA8ECFC9A21819D21B1D4A92C] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [144448]

 

[MD5.17067069B9A7865028C1F2E6971D0CCC] - (.Lavasoft - Ad-Aware Service.) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664]

 

[MD5.1BD6C2F707A275CB7C16FD99FE0F31CA] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\system32\svchost.exe [14336]

 

[MD5.AA3D68F26B2A27F660AFC46039B061A4] - (.Wireless Service - ANIWZCS2 Service Launcher.) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [49152]

 

[MD5.870D480C911A7EE9A98B3CB190D95D22] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [512000]

 

[MD5.6B6B5DE3F63C3F9E9DE4F84729395F37] - (.Pas de propriétaire - ATI Smart.) -- C:\WINDOWS\system32\ati2sgag.exe [593920]

 

[MD5.732E0B1ABAACE15D80EC19056B0A2AF9] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [108544]

 

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]

 

[MD5.890369AED0DDE1A98F09F7DC239CA2BD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984]

 

[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120]

 

[MD5.9F3744A5C6F49291A7A685040A013399] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312]

 

[MD5.999AA77152F16A40A5727FC657EF66C3] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152]

 

[MD5.DA81EC57ACD4CDC3D4C51CF3D409AF9F] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856]

 

[MD5.C81B8635DEE0D3EF5F64B3DD643023A5] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912]

 

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

 

 

---\\ Internet Explorer URLSearchHook (R3)

 

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16674 (vista_gdr.080415-1732)) -- C:\WINDOWS\system32\ieframe.dll

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

 

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

 

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

 

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

 

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

 

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

 

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

 

---\\ Applications démarrées automatiquement par le registre (O4)

 

O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.exe

 

O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

 

O4 - HKLM\..\Run: [iSUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe

 

O4 - HKLM\..\Run: [iSUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

 

O4 - HKLM\..\Run: [D-Link AirPlus XtremeG DWL-G520] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe

 

O4 - HKLM\..\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

 

O4 - HKLM\..\Run: [updatePDRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe

 

O4 - HKLM\..\Run: [Corel Photo Downloader] . (.Corel, Inc. - Corel Photo Album 6 Application.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe

 

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

 

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

 

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 

O4 - HKUS\S-1-5-18\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

 

O4 - HKUS\S-1-5-18\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

 

O4 - Global Startup: Activer le Poste de Travail Sans Fil Labtec.lnk . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Labtec\MagicKey.exe

 

O4 - Global Startup: Craft ROBO Status Supervisor.lnk . (.Graphtec Corporation - Craft ROBO Status Supervisor.) -- C:\Program Files\Craft ROBO Controller\CRSSupervisor.exe

 

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

 

O4 - Global Startup: NewShortcut1.lnk . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\USB_video_device\Utility\RemoteTool\BDARemote.exe

 

O4 - Global Startup: monxga32.exe . (.Pas de propriétaire - Pas de description.) -- C:\Documents And Settings\Amidala\Menu Démarrer\Programmes\Démarrage\monxga32.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

 

O8 - Extra context menu item: Barre RoboForm - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

 

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe

 

O8 - Extra context menu item: Enregistrer le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

 

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll

 

O8 - Extra context menu item: Personnaliser le menu - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

 

O8 - Extra context menu item: Remplir le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

 

O9 - Extra button: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

 

O9 - Extra button: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

 

O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

 

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

 

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

 

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

 

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

 

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab

 

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc3.cab

 

O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe

 

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

 

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab

 

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1183836618673

 

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab

 

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab

 

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - (.not file.) - https:\\static.impots.gouv.fr\tdir\static\adpform\AdSignerADP.cab

 

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab

 

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

 

O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} (Pixum EasyUploadX Control) - http://www.pixum.fr/apps/EasyUploadX.cab

 

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS1\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS1\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS1\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS1\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS2\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS2\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS2\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS2\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS3\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS3\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS3\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS3\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS4\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS4\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS4\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS4\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS5\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS5\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS5\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS5\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS6\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS6\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS6\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS6\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS7\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103

 

O17 - HKLM\System\CS7\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS7\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177

 

O17 - HKLM\System\CS7\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

 

O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll

 

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\System32\WgaLogon.dll

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

 

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

 

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

 

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

 

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

 

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

 

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

 

O23 - Service: Lavasoft Ad-Aware Service (aawservice) . (.Lavasoft - Ad-Aware Service.) - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

 

O23 - Service: ANIWZCSd Service (ANIWZCSdService) . (.Wireless Service - ANIWZCS2 Service Launcher.) - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

 

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

 

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

 

O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe

 

O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe

 

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

 

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

 

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe

 

 

 

---\\ Tâches planifiées en automatique (O39)

 

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cac80a9bb5050.job

 

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

 

O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

 

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

 

O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Adobe\Director\SwDir.dll

 

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

 

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

 

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp.inf

 

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx

 

 

 

---\\ Pilotes lancés au démarrage (O41)

 

O41 - Driver: avgntdd (avgntdd) . (.Avira GmbH - Avira AntiVir File Filter Driver.) - C:\WINDOWS\sysTEM32\DRIVERS\avgntdd.sys

 

 

 

---\\ Logiciels installés (O42)

 

O42 - Logiciel: ADS Tech V3.6.1 Instant DVD CapWiz - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: AI RoboForm (All Users) - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: ANIO Service - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: ANIWZCS2 Service - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: ATI - Software Uninstall Utility - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM]

 

O42 - Logiciel: Adobe Download Manager 2.0 (Supprimer uniquement) - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM]

 

O42 - Logiciel: Adobe Reader 7.0.7 - Français - (.Adobe Systems Incorporated.) [HKLM]

 

O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM]

 

O42 - Logiciel: AirPlus XtremeG DWL-G520 - (.D-Link.) [HKLM]

 

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Avant Browser (remove only) - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM]

 

O42 - Logiciel: BankPerfect 6.23 - (.Fabio Chelly.) [HKLM]

 

O42 - Logiciel: C-Media 3D Audio - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Cars Quatre Roues - Aventures à Radiator Springs - (.AWE Games.) [HKLM]

 

O42 - Logiciel: Color'Album 1.0 - (.ColorClub.) [HKLM]

 

O42 - Logiciel: Corel Photo Album 6 - (.Corel, Inc..) [HKLM]

 

O42 - Logiciel: Craft ROBO Controller - (.Graphtec.) [HKLM]

 

O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM]

 

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM]

 

O42 - Logiciel: DVD Decrypter 3.5.4.0 Fr - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM]

 

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM]

 

O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM]

 

O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM]

 

O42 - Logiciel: EPSON CardMonitor - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: EPSON PhotoStarter3.1 - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Font Xplorer 1.2.2 - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Gimp pour Windows - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM]

 

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM]

 

O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: IZArc 3.5 beta 3 - (.Ivan Zahariev.) [HKLM]

 

O42 - Logiciel: Inkscape 0.45.1 - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Java 2 Runtime Environment, SE v1.4.2_19 - (.Sun Microsystems, Inc..) [HKLM]

 

O42 - Logiciel: Java 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM]

 

O42 - Logiciel: K-Lite Codec Pack 2.72 Full - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Lesaccros2.com - Service Photo - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]

 

O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]

 

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM]

 

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366) - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2003 - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Microsoft Office Standard Edition 2003 - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Mister Clic V1.5.1.5 - (.Mister Clic.) [HKLM]

 

O42 - Logiciel: Mon Univers Photo Pixiphot - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Nero 7 Demo - (.Nero AG.) [HKLM]

 

O42 - Logiciel: O&O DiskRecovery - (.O&O Software GmbH.) [HKLM]

 

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM]

 

O42 - Logiciel: PHOTOfunSTUDIO -viewer- - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Panneau de contrôle ATI - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: PhotoRescue 2.1 Demo Version (build 679) - (.DataRescue SA/NV.) [HKLM]

 

O42 - Logiciel: Poste de Travail Sans Fil Labtec - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: ROBO Master - (.Graphtec.) [HKLM]

 

O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM]

 

O42 - Logiciel: USB Audio/Video Driver - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Ulead DVD MovieFactory 2 SE - (.Ulead Systems, Inc..) [HKLM]

 

O42 - Logiciel: Ulead Straight-to-Disc SDK - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: Ulead VideoStudio 7 SE DVD - (.Ulead Systems, Inc..) [HKLM]

 

O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM]

 

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]

 

O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: dBpowerAMP Music Converter - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: dBpowerAMP WMA V9.1 Codec - (.Pas de propriétaire.) [HKLM]

 

O42 - Logiciel: iDeal Designer - (.Hygena.) [HKLM]

 

---\\ HKCU & HKLM Software Keys

 

[HKCU\Software\3ivx]

 

[HKCU\Software\ADSTech]

 

[HKCU\Software\ANI]

 

[HKCU\Software\ATI Technologies Inc.]

 

[HKCU\Software\Adobe]

 

[HKCU\Software\Ahead]

 

[HKCU\Software\AliveDVDRipper]

 

[HKCU\Software\AppDataLow]

 

[HKCU\Software\Aurigma]

 

[HKCU\Software\Avant Browser]

 

[HKCU\Software\Avira]

 

[HKCU\Software\BITSoft]

 

[HKCU\Software\BankPerfect]

 

[HKCU\Software\CeWe Color]

 

[HKCU\Software\Cirrus Logic USB-DVR2]

 

[HKCU\Software\Classes]

 

[HKCU\Software\CoreVorbis]

 

[HKCU\Software\Corel]

 

[HKCU\Software\CyberLink]

 

[HKCU\Software\DVD Decrypter]

 

[HKCU\Software\DVD Shrink]

 

[HKCU\Software\DivXNetworks]

 

[HKCU\Software\EPSON]

 

[HKCU\Software\GNU]

 

[HKCU\Software\GRAPE SYSTEMS]

 

[HKCU\Software\GSpot Appliance Corp]

 

[HKCU\Software\Gabest]

 

[HKCU\Software\Google]

 

[HKCU\Software\Graphtec]

 

[HKCU\Software\H+BEDV]

 

[HKCU\Software\HKEY_LOCAL_MACHINE]

 

[HKCU\Software\HaaliMkx]

 

[HKCU\Software\Haali]

 

[HKCU\Software\IM Providers]

 

[HKCU\Software\IZSoftware]

 

[HKCU\Software\Illustrate]

 

[HKCU\Software\InstallShield]

 

[HKCU\Software\Install]

 

[HKCU\Software\Intel]

 

[HKCU\Software\InterVideo]

 

[HKCU\Software\JEDI-VCL]

 

[HKCU\Software\JavaSoft]

 

[HKCU\Software\Lavasoft]

 

[HKCU\Software\Licenses]

 

[HKCU\Software\Local AppWizard-Generated Applications]

 

[HKCU\Software\Luke Pascoe Software]

 

[HKCU\Software\Luminar]

 

[HKCU\Software\Macromedia]

 

[HKCU\Software\MainConcept]

 

[HKCU\Software\Malwarebytes' Anti-Malware]

 

[HKCU\Software\Moon Software]

 

[HKCU\Software\Moonlight Cordless]

 

[HKCU\Software\Netscape]

 

[HKCU\Software\ODBC]

 

[HKCU\Software\Opendisc]

 

[HKCU\Software\PAW-Software]

 

[HKCU\Software\PDFCreator]

 

[HKCU\Software\PIXUM]

 

[HKCU\Software\Pegasys Inc.]

 

[HKCU\Software\Policies]

 

[HKCU\Software\Protexis]

 

[HKCU\Software\RECISIO]

 

[HKCU\Software\SCC]

 

[HKCU\Software\SecuROM]

 

[HKCU\Software\Sensaura]

 

[HKCU\Software\Siber Systems]

 

[HKCU\Software\Smart Panel]

 

[HKCU\Software\Snapfish]

 

[HKCU\Software\TCP Optimizer]

 

[HKCU\Software\THQ]

 

[HKCU\Software\Trolltech]

 

[HKCU\Software\TurnTool]

 

[HKCU\Software\ULead]

 

[HKCU\Software\Ulead Systems]

 

[HKCU\Software\VB and VBA Program Settings]

 

[HKCU\Software\VFPlugin]

 

[HKCU\Software\WayTech]

 

[HKCU\Software\YahooPartnerToolbar]

 

[HKCU\Software\eBay]

 

[HKCU\Software\muvee Technologies]

 

[HKCU\Software\xp-AntiSpy]

 

[HKCU\Software\yahoo]

 

[HKLM\Software\10tacle Studios]

 

[HKLM\Software\3ivx]

 

[HKLM\Software\68652936]

 

[HKLM\Software\76918031]

 

[HKLM\Software\ANI]

 

[HKLM\Software\ATI Technologies Inc.]

 

[HKLM\Software\ATI Technologies]

 

[HKLM\Software\Adobe Systems]

 

[HKLM\Software\Adobe]

 

[HKLM\Software\Alpha Networks]

 

[HKLM\Software\Apple Computer, Inc.]

 

[HKLM\Software\Avant Browser]

 

[HKLM\Software\Avira]

 

[HKLM\Software\C-Media]

 

[HKLM\Software\C07ft5Y]

 

[HKLM\Software\Cirrus Logic USB-DVR2]

 

[HKLM\Software\Classes]

 

[HKLM\Software\Clients]

 

[HKLM\Software\Corel]

 

[HKLM\Software\Cyberlink]

 

[HKLM\Software\D-Link]

 

[HKLM\Software\DivXNetworks]

 

[HKLM\Software\EPSON]

 

[HKLM\Software\GIMP_Back_Mode]

 

[HKLM\Software\GNU]

 

[HKLM\Software\Gabest]

 

[HKLM\Software\Gemplus]

 

[HKLM\Software\Google]

 

[HKLM\Software\Graphtec]

 

[HKLM\Software\HPS]

 

[HKLM\Software\HaaliMkx]

 

[HKLM\Software\Hofmann]

 

[HKLM\Software\InstallShield]

 

[HKLM\Software\Intel]

 

[HKLM\Software\InterVideo]

 

[HKLM\Software\Jasc]

 

[HKLM\Software\JavaSoft]

 

[HKLM\Software\KLCodecPack]

 

[HKLM\Software\Lavasoft]

 

[HKLM\Software\Macromedia]

 

[HKLM\Software\Moon Software]

 

[HKLM\Software\MozillaPlugins]

 

[HKLM\Software\Mozilla]

 

[HKLM\Software\My Company Name]

 

[HKLM\Software\Nero]

 

[HKLM\Software\NewSoft]

 

[HKLM\Software\O&O]

 

[HKLM\Software\ODBC]

 

[HKLM\Software\On2 Technologies]

 

[HKLM\Software\Panasonic]

 

[HKLM\Software\Policies]

 

[HKLM\Software\Preview Systems]

 

[HKLM\Software\Program Groups]

 

[HKLM\Software\Protexis]

 

[HKLM\Software\RECISIO]

 

[HKLM\Software\S3R521]

 

[HKLM\Software\SBDT AB]

 

[HKLM\Software\Schlumberger]

 

[HKLM\Software\Secure]

 

[HKLM\Software\Siber Systems]

 

[HKLM\Software\Smart Panel]

 

[HKLM\Software\Sonic]

 

[HKLM\Software\StreamMachine]

 

[HKLM\Software\Thrustmaster]

 

[HKLM\Software\USB2800]

 

[HKLM\Software\Ulead Systems]

 

[HKLM\Software\Ulead]

 

[HKLM\Software\VIA Technologies, Inc]

 

[HKLM\Software\Via4in1Driver]

 

[HKLM\Software\WayTech]

 

[HKLM\Software\Windows 3.1 Migration Status]

 

[HKLM\Software\X-AVCSD]

 

[HKLM\Software\Yahoo]

 

[HKLM\Software\ahead]

 

[HKLM\Software\muvee Technologies]

 

 

 

---\\ Contenu des dossiers Fichiers Communs (O43)

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

 

O43 - CFD:Common File Directory ----D- C:\Program Files\ADSTech Instant DVD

 

O43 - CFD:Common File Directory ----D- C:\Program Files\ADSTech Instant DVD+DV

 

O43 - CFD:Common File Directory ----D- C:\Program Files\ANI

 

O43 - CFD:Common File Directory ----D- C:\Program Files\AntiVir PersonalEdition Classic

 

O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Avant Browser

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

 

O43 - CFD:Common File Directory ----D- C:\Program Files\BankPerfect

 

O43 - CFD:Common File Directory ----D- C:\Program Files\C-Media 3D Audio

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Color'Album

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Corel

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Craft ROBO Controller

 

O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink

 

O43 - CFD:Common File Directory ----D- C:\Program Files\D-Link

 

O43 - CFD:Common File Directory ----D- C:\Program Files\directx

 

O43 - CFD:Common File Directory ----D- C:\Program Files\DivX

 

O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Decrypter

 

O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Shrink

 

O43 - CFD:Common File Directory ----D- C:\Program Files\eBay

 

O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

 

O43 - CFD:Common File Directory ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Font Xplorer

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Gimp

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

 

O43 - CFD:Common File Directory ----D- C:\Program Files\GRAPHTEC

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Hofmann

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Hygena

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Inkscape

 

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

 

O43 - CFD:Common File Directory ----D- C:\Program Files\IZArc

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

 

O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack

 

O43 - CFD:Common File Directory ----D- C:\Program Files\KaraFun

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Labtec

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Lesaccros2-Service Photo

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Micro Application

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

 

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Mister Clic

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

 

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN

 

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

 

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Nero

 

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

 

O43 - CFD:Common File Directory ----D- C:\Program Files\OfficeUpdate11

 

O43 - CFD:Common File Directory ----D- C:\Program Files\OO Software

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Panasonic

 

O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator

 

O43 - CFD:Common File Directory ----D- C:\Program Files\pese_courrier

 

O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoRescue

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Pixiphot

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Poste de Travail Sans Fil Labtec

 

O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime

 

O43 - CFD:Common File Directory ----D- C:\Program Files\ROBO Master

 

O43 - CFD:Common File Directory ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Siber Systems

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Panel

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Sweet Home 3D

 

O43 - CFD:Common File Directory ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)

 

O43 - CFD:Common File Directory ----D- C:\Program Files\THQ

 

O43 - CFD:Common File Directory ----D- C:\Program Files\TurnTool

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems

 

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

 

O43 - CFD:Common File Directory ----D- C:\Program Files\USB_video_device

 

O43 - CFD:Common File Directory ----D- C:\Program Files\VIA

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Weight Watchers

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

 

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

 

O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap

 

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!

 

O43 - CFD:Common File Directory --H-D- C:\Program Files\Zero G Registry

 

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Corel

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ulead Systems

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Vbox

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard

 

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ulead Systems

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

 

O44 - LFC:[MD5.842478E265C446F210C60255D0343A37] - 24/04/2010 - 10:30:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [12598]

 

O44 - LFC:[MD5.3F98F34D61243D4486F411E126CC6045] - 24/04/2010 - 10:30:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ANIWZCS{7B33CA3A-BCEB-4828-B405-4B5978A10788} [3284]

 

O44 - LFC:[MD5.C4B8CFAEEFF1E49A9B99D1BB5190AEE1] - 24/04/2010 - 10:30:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ANIWZCSUSERNAME{7B33CA3A-BCEB-4828-B405-4B5978A10788} [8]

 

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/04/2010 - 10:30:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]

 

O44 - LFC:[MD5.00000000000000000000000000000000] - 24/04/2010 - 10:30:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]

 

O44 - LFC:[MD5.00000000000000000000000000000000] - 24/04/2010 - 10:30:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [157]

 

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 24/04/2010 - 10:29:23 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

 

O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 22/04/2010 - 21:10:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\jszra.sys [586240]

 

O44 - LFC:[MD5.AAD8F97AB9FCDD1280B3416B77DA4CD4] - 22/04/2010 - 21:10:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1728962]

 

O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 21:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\vldhwzbp.sys [586240]

 

O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 21/04/2010 - 20:40:50 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [28520]

 

O44 - LFC:[MD5.1289E9A5D9118A25A13C0009519088E3] - 21/04/2010 - 20:40:49 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\System32\drivers\avipbb.sys [124784]

 

O44 - LFC:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 21/04/2010 - 20:40:48 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [22360]

 

O44 - LFC:[MD5.5B44C214F9CD9F590BE9125347610380] - 21/04/2010 - 20:40:48 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\System32\drivers\avgntdd.sys [45416]

 

O44 - LFC:[MD5.A88D29D928AD2B830E87B53E3F9BC182] - 21/04/2010 - 20:40:48 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgntflt.sys [60936]

 

O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 20:26:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\muejykh.sys [586240]

 

O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 20/04/2010 - 06:08:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\xozqr.sys [586240]

 

O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 17/04/2010 - 20:31:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [116]

 

O44 - LFC:[MD5.0822C72460ADB2FB3E7BA2D2D097C600] - 11/04/2010 - 18:54:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\IE4 Error Log.txt [1147]

 

O44 - LFC:[MD5.44E374AB50198740E1342586CA839EDB] - 11/04/2010 - 18:52:32 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\KGyGaAvL.sys [3506]

 

O44 - LFC:[MD5.4DE2D6C86FCDFF8F1E31F4A76A6B535C] - 11/04/2010 - 18:52:32 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\95E1D0B6AE.sys [88]

 

O44 - LFC:[MD5.8BFE9C8F968CAA02B2A693FF2E82A9AF] - 11/04/2010 - 18:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [214258]

 

O44 - LFC:[MD5.B1E55666A1DF887CE556F4C76C3D5755] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [52764]

 

O44 - LFC:[MD5.47C7DD6B8A63AE639469B2C1275D94B4] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [63614]

 

O44 - LFC:[MD5.187EAAC16F435849F6BB4E6C0A4B96B3] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [380350]

 

O44 - LFC:[MD5.5B77A8213B01234F9D41F34000725A1D] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [445016]

 

O44 - LFC:[MD5.408757CD1A0FB6E73008121F8072317C] - 28/03/2010 - 19:19:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [951946]

 

 

 

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

 

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

 

 

 

---\\ Export de clé d'application autorisée (ECAA) (O47)

 

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

 

O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [Enabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

 

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

 

O47 - AAKE:Key Export SP - "J:\Data\Documents\Pilotes\DNS-323(NAS)\dns323_EasySearch_420.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- J:\Data\Documents\Pilotes\DNS-323(NAS)\dns323_EasySearch_420.exe

 

O47 - AAKE:Key Export SP - "C:\Program Files\CyberLink\PowerDirector\PDR.exe" [Enabled] .(.CyberLink Corp. - PowerDirector.) (.not file.) -- C:\Program Files\CyberLink\PowerDirector\PDR.exe

 

O47 - AAKE:Key Export SP - "C:\WINDOWS\Temp\_ex-08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\WINDOWS\Temp\_ex-08.exe

 

O47 - AAKE:Key Export SP - "C:\WINDOWS\Temp\~TMD.tmp" [Disabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\WINDOWS\Temp\~TMD.tmp:*:Disabled:~TMD

 

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

 

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\services.exe" [Enabled] .(.Microsoft Corporation - Applications Services et Contrôleur.) (.not file.) -- C:\WINDOWS\system32\services.exe

 

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

 

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

 

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

 

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 

 

 

---\\ Image File Execution Options (IFEO) (O50)

 

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

 

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

 

O51 - MPSK:{f64d6810-918d-11de-a1df-00196609771e}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- I:\Setup.exe (.not file.)

 

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

 

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

 

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

 

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

 

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

 

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

 

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

 

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

 

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

 

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

 

O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll

 

O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\x264vfw.dll

 

O52 - TDSD: \Drivers32\"VIDC.DIV3"="DivXc32.dll" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32.dll

 

O52 - TDSD: \Drivers32\"VIDC.DIV4"="DivXc32f.dll" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32f.dll

 

O52 - TDSD: \Drivers32\"VIDC.3iv2"="3ivxVfWCodec.dll" . (.3ivx.com - 3ivx D4 4.5.1 Pro Video for Windows Codec.) -- C:\WINDOWS\System32\3ivxVfWCodec.dll

 

O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll

 

O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm

 

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm

 

O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm

 

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll

 

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll

 

O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

 

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

 

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

 

O52 - TDSD: \drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec (PRO)" . (.Fraunhofer Institut Integrierte Schaltungen - "MPEG Layer-3 Audio Codec Pro ".) -- C:\WINDOWS\System32\l3codecp.acm

 

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec v1.2.0-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O52 - TDSD: \drivers.desc\"x264vfw.dll"="x264 H.264 Video Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O52 - TDSD: \drivers.desc\"DivXc32.dll"="DivX ;-) MPEG-4 (Low-Motion)" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32.dll

 

O52 - TDSD: \drivers.desc\"DivXc32f.dll"="DivX ;-) MPEG-4 (Fast-Motion)" . (.Hacked with Joy ! - DivX ;-) MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32f.dll

 

O52 - TDSD: \drivers.desc\"3ivxVfWCodec.dll"="3ivx D4 4.5.1 Pro" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio Codec" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm

 

O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX ;-) Audio" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm

 

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC3 ACM Decompressor" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm

 

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll

 

O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

 

O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

 

O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

 

O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

 

O52 - TDSD: \drivers.desc\"C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm"="Dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.2.5 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

 

O53 - SMSR:HKLM\...\startupreg\68652936 [Key] . (.Pas de propriétaire - Pas de description.) -- C:\DOCUME~1\ALLUSE~1\APPLIC~1\68652936\68652936.exe

 

O53 - SMSR:HKLM\...\startupreg\76918031 [Key] . (.Pas de propriétaire - Pas de description.) -- C:\DOCUME~1\ALLUSE~1\APPLIC~1\76918031\76918031.exe

 

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

 

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

 

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

 

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1

 

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

 

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

 

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

 

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

 

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

 

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145

 

O56 - MWPE:[HKCU\...\Policies\Explorer] - "ClearRecentDocsjava-script"=1

 

 

 

---\\ Liste des Drivers Système (SDL) (O58)

 

O58 - SDL:[MD5.21AF8E9C727C6D7643AD497268F55BF1] - 24/05/2007 - 18:15:00 ---A- . (.D-Link Corporation - Driver for D-Link Wireless Network Adapter.) -- C:\WINDOWS\system32\drivers\A3AB.sys

 

O58 - SDL:[MD5.116BFF96077A4A724E0AAB800525CEB5] - 03/08/2004 - 21:31:20 ---A- . (.ADMtek Incorporated. - ADMtek AN983/AN985/ADM951X NDIS5 Driver.) -- C:\WINDOWS\system32\drivers\an983.sys

 

O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 29/03/2000 - 15:17:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS

 

O58 - SDL:[MD5.7554246A1F39CEFD6C42B80016BDCCA8] - 22/01/2008 - 22:38:03 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

 

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 11/05/2009 - 11:49:28 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys

 

O58 - SDL:[MD5.A88D29D928AD2B830E87B53E3F9BC182] - 16/02/2010 - 13:24:01 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys

 

O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 11/05/2009 - 11:49:28 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

 

O58 - SDL:[MD5.1289E9A5D9118A25A13C0009519088E3] - 01/03/2010 - 09:05:24 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys

 

O58 - SDL:[MD5.124E75B7C483E5D646F99EF5ACFD61B8] - 29/04/2008 - 10:19:50 ---A- . (.Lavasoft AB - Driver for Ad-Watch Real-Time Process protection.) -- C:\WINDOWS\system32\drivers\Awrtpd.sys

 

O58 - SDL:[MD5.973E80FEB99243D150FA3CA490698EB0] - 29/04/2008 - 10:19:54 ---A- . (.Lavasoft AB - Driver for Ad-Watch Real-Time Registry Protection.) -- C:\WINDOWS\system32\drivers\Awrtrd.sys

 

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

 

O58 - SDL:[MD5.924AB66E831E9CF3E20DBC6B63103516] - 23/08/2004 - 09:21:12 R--A- . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\system32\drivers\cmuda.sys

 

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

 

O58 - SDL:[MD5.B2418FB4CD0D46361B7AF43FCF15CFBB] - 07/04/2005 - 09:00:18 ---A- . (.ADS - Instant DVD 2.0.) -- C:\WINDOWS\system32\drivers\dvr2ins.sys

 

O58 - SDL:[MD5.6E883BF518296A40959131C2304AF714] - 17/08/2001 - 19:11:06 ---A- . (.3Com Corporation - 3Com EtherLink PCI Driver.) -- C:\WINDOWS\system32\drivers\el90xbc5.sys

 

O58 - SDL:[MD5.01293927595AD16D0A9979AB85C3A755] - 23/08/2001 - 18:13:30 ---A- . (.3Com Corporation - Pilote Miniport réseau 3Com Fast EtherLink XL / EtherLink XL.) -- C:\WINDOWS\system32\drivers\el90xnd5.sys

 

O58 - SDL:[MD5.4C3180982ABBC7CFA14DD21C0CBB1C22] - 14/05/2008 - 19:32:42 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\WINDOWS\system32\drivers\emBDA.sys

 

O58 - SDL:[MD5.49B03351781DE98981DF0814A15DC992] - 14/05/2008 - 19:32:24 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\WINDOWS\system32\drivers\emOEM.sys

 

O58 - SDL:[MD5.A2A85C1375FA4037419B94D91437C21C] - 21/05/2002 - 12:40:18 R--A- . (.Sitecom - Sitecom LN-020.) -- C:\WINDOWS\system32\drivers\FASTNIC.sys

 

O58 - SDL:[MD5.E9648254056BCE81A85380C0C3647DC4] - 17/08/2001 - 19:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5.sys

 

O58 - SDL:[MD5.B7186B33B6CF3A23841015531E6E7D68] - 11/11/2003 - 11:41:08 R--A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5b.sys

 

O58 - SDL:[MD5.25EDD75E23C5EF6B33D0FBCCE125A601] - 15/08/2005 - 11:08:26 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys

 

O58 - SDL:[MD5.9C4BBACF4E9B9543C3CE23F1FE556941] - 15/08/2005 - 11:08:26 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys

 

O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 22/04/2010 - 21:10:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\jszra.sys

 

O58 - SDL:[MD5.A8480D72EB28D76DB6DD3A32B0D8F8B0] - 15/10/2002 - 14:48:46 ---A- . (.WayTech Development, Inc. - Keyboard filter driver.) -- C:\WINDOWS\system32\drivers\kbfilter.sys

 

O58 - SDL:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys

 

O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

 

O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 20:26:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\muejykh.sys

 

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

 

O58 - SDL:[MD5.AC3E7DB45F04EBD40F4C1E0A0D774269] - 29/04/2008 - 10:20:00 ---A- . (.Lavasoft AB - Driver for Ad-Watch network monitoring.) -- C:\WINDOWS\system32\drivers\NSDriver.sys

 

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

 

O58 - SDL:[MD5.86724469CD077901706854974CD13C3E] - 25/04/2005 - 01:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys

 

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

 

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

 

O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 04/08/2004 - 23:29:52 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys

 

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

 

O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/05/2009 - 09:12:49 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

 

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

 

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

 

O58 - SDL:[MD5.4B039BBD037B01F5DB5A144C837F283A] - 02/07/2003 - 03:42:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS

 

O58 - SDL:[MD5.0363E216E4EB5052969C96608934DBDE] - 20/06/2005 - 11:53:30 R--A- . (.VIA Technologies inc,.ltd - VIA RAID DRIVER FOR WIN 2000/XP/2003IA32.) -- C:\WINDOWS\system32\drivers\viamraid.sys

 

O58 - SDL:[MD5.7C6DD89E2B5E78A8247E327C2B301DB1] - 12/03/2002 - 01:57:00 ---A- . (.VIA Technologies, Inc. - VIA AC'97 Enhanced Audio WDM Driver.) -- C:\WINDOWS\system32\drivers\viaudio.sys

 

O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 21:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\vldhwzbp.sys

 

O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 20/04/2010 - 06:08:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\xozqr.sys

 

O58 - SDL:[MD5.00000000000000000000000000000000] - 24/04/2010 - 02:50:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\yrzeqf.sys

 

O58 - SDL:[MD5.00000000000000000000000000000000] - 24/04/2010 - 02:50:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\yxhmawja.sys

 

O58 - SDL:[MD5.4DE2D6C86FCDFF8F1E31F4A76A6B535C] - 11/04/2010 - 18:52:32 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\95E1D0B6AE.sys

 

O58 - SDL:[MD5.920298C7AEF97D8168D219D35975D295] - 12/05/2007 - 16:39:32 ---A- . (.Alpha Networks Inc. - ANIO (NT5) Driver.) -- C:\WINDOWS\system32\ANIO.sys

 

O58 - SDL:[MD5.ACF780F3DCE634A0B8ECE6E3CD505C9C] - 12/05/2007 - 16:39:32 ---A- . (.ANI - ANIO (NDIS4) Driver.) -- C:\WINDOWS\system32\anio4.sys

 

O58 - SDL:[MD5.5AE0176FCF1EDB5CEE28E4D542085107] - 12/05/2007 - 16:39:32 ---A- . (.Alpha Networks Inc. - ANIO (NT5) Driver.) -- C:\WINDOWS\system32\ANIO64.sys

 

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

 

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

 

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

 

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

 

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

 

O58 - SDL:[MD5.44E374AB50198740E1342586CA839EDB] - 11/04/2010 - 18:52:32 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\KGyGaAvL.sys

 

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

 

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

 

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

 

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

 

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

 

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

 

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

 

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

 

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

 

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

 

O58 - SDL:[MD5.A568B9A9FFE2D9387222A5C90F86D731] - 17/07/2003 - 09:10:06 R--A- . (.VIA Networking Technologies, Inc. - Network Device Monitor Utility.) -- C:\WINDOWS\system32\ntsim.sys

 

O58 - SDL:[MD5.354585D8E53F2FF9B8AD5E1E2EF68CEF] - 07/03/2005 - 19:44:18 ---A- . (.Matsushita Electric Industrial Co., Ltd. - Phoebe Photo Distribution Manager.) -- C:\WINDOWS\system32\PhDi2.sys

 

 

 

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

 

O61 - LFC:Last File Created 06/01/1999 - 10:32:48 ---A- C:\Documents And Settings\Amidala\Mes documents\Kobian_KM266\Pilotes\vga\Win2K&XP\_INST32I.EX_ [291403]

 

O61 - LFC:Last File Created 21/04/2010 - 19:49:51 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.free-av[1].txt [75]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:12 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\IdentityCRL\production\MetaConfig.xml [163]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:14 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@c.live[1].txt [65]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:15 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@c.msn[1].txt [64]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:15 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@msn[2].txt [64]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:30 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@messenger.msn[1].txt [101]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:36 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@rad.msn[2].txt [680]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:37 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@login.live[1].txt [276]

 

O61 - LFC:Last File Created 21/04/2010 - 19:50:41 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@profile.live[2].txt [344]

 

O61 - LFC:Last File Created 21/04/2010 - 19:53:33 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@download.cnet[2].txt [98]

 

O61 - LFC:Last File Created 21/04/2010 - 19:54:22 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@cnet[2].txt [799]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:25 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\Backup\new\contacts.edb [4218880]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:26 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\LogFiles\edb00012.log [4194304]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:27 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\Backup\new\edb00012.log [4194304]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:27 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\contacts.pat [16384]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:28 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\Backup\new\contacts.pat [16384]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:39 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\Backup\new\contacts.edb [2121728]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:40 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\LogFiles\edb00011.log [4194304]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:41 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\Backup\new\contacts.pat [16384]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:41 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\Backup\new\edb00011.log [4194304]

 

O61 - LFC:Last File Created 21/04/2010 - 19:55:41 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\contacts.pat [16384]

 

O61 - LFC:Last File Created 21/04/2010 - 19:56:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\MessengerCache\bUvnf2AGvCzzlpm2Fi8eltNogvzw= [2053]

 

O61 - LFC:Last File Created 21/04/2010 - 20:01:49 ---A- C:\Documents And Settings\Amidala\Mes documents\avira_antivir_personal_en.exe [44089584]

 

O61 - LFC:Last File Created 21/04/2010 - 20:18:00 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Messenger\pascale.bonnanfant@laposte.net\SocialNews\WNResponse.xml [42500]

 

O61 - LFC:Last File Created 21/04/2010 - 20:24:35 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\MessengerCache\2ti5uiYlZK3JcC662FS6+Fit7Fks= [401730]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:09 ---A- C:\Documents And Settings\All Users\Application Data\restart.txt [0]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:36 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\MSN Messenger\sqmnoopt00.sqm [284]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:36 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@live[1].txt [65]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\LogFiles\edb.log [4194304]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\contacts.edb [2113536]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\dbstore.ini [174]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\edb.chk [8192]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Messenger\ContactsLog.txt [114776]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\LogFiles\edb.log [4194304]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\contacts.edb [4210688]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\dbstore.ini [174]

 

O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\edb.chk [8192]

 

O61 - LFC:Last File Created 21/04/2010 - 20:37:03 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 [898]

 

O61 - LFC:Last File Created 21/04/2010 - 20:37:03 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 [94]

 

O61 - LFC:Last File Created 21/04/2010 - 20:37:08 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 [95739]

 

O61 - LFC:Last File Created 21/04/2010 - 20:37:08 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 [124]

 

O61 - LFC:Last File Created 21/04/2010 - 20:37:46 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Adobe\Color\ACECache4.lst [8370]

 

O61 - LFC:Last File Created 21/04/2010 - 20:39:22 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\dd_vcredistMSI2B22.txt [524672]

 

O61 - LFC:Last File Created 21/04/2010 - 20:39:23 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\dd_vcredistUI2B22.txt [11698]

 

O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Bureau\Avira AntiVir Control Center.lnk [1716]

 

O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\AntiVir Help.lnk [1711]

 

O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\AntiVir on the Internet.lnk [1727]

 

O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\Display readme.lnk [856]

 

O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\Start AntiVir.lnk [1734]

 

O61 - LFC:Last File Created 21/04/2010 - 20:41:54 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\JOBS\updjob.avj [1264]

 

O61 - LFC:Last File Created 21/04/2010 - 20:42:04 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IDX\master.idx [56]

 

O61 - LFC:Last File Created 21/04/2010 - 20:42:39 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@notifier.avira[2].txt [360]

 

O61 - LFC:Last File Created 21/04/2010 - 20:43:13 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\Upd-2010-04-21-21-41-55.log [51358]

 

O61 - LFC:Last File Created 21/04/2010 - 20:43:13 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\5ed6ae15.avl [3094]

 

O61 - LFC:Last File Created 21/04/2010 - 20:45:22 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@72.233.76[1].txt [83]

 

O61 - LFC:Last File Created 21/04/2010 - 20:45:24 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@30831.123bounce[1].txt [103]

 

O61 - LFC:Last File Created 21/04/2010 - 20:45:41 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@ad.zanox[1].txt [120]

 

O61 - LFC:Last File Created 21/04/2010 - 20:46:59 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.savoirtoutfaire[2].txt [103]

 

O61 - LFC:Last File Created 21/04/2010 - 20:46:59 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.savoirtoutfaire[3].txt [201]

 

O61 - LFC:Last File Created 21/04/2010 - 20:48:25 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@linternaute[2].txt [767]

 

O61 - LFC:Last File Created 21/04/2010 - 20:54:24 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@mesnotices[1].txt [479]

 

O61 - LFC:Last File Created 21/04/2010 - 20:57:16 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\java-scripts\glob.settings.js [10]

 

O61 - LFC:Last File Created 21/04/2010 - 20:57:17 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\Preferences\AutoFillDefaults.dat [0]

 

O61 - LFC:Last File Created 21/04/2010 - 20:57:17 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\Preferences\defaultHeuristics.dat [870]

 

O61 - LFC:Last File Created 21/04/2010 - 20:57:18 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\Collab\RSS [103]

 

O61 - LFC:Last File Created 21/04/2010 - 20:58:09 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\6c56b525.avl [1702]

 

O61 - LFC:Last File Created 21/04/2010 - 21:13:27 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\AVSCAN-20100421-214329-814F963B.LOG [18868]

 

O61 - LFC:Last File Created 21/04/2010 - 21:14:38 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\setup.log [100288]

 

O61 - LFC:Last File Created 21/04/2010 - 21:28:53 -SHA- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\MSHist012010042120100422\index.dat [49152]

 

O61 - LFC:Last File Created 21/04/2010 - 21:29:14 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@infos-du-net[2].txt [565]

 

O61 - LFC:Last File Created 21/04/2010 - 21:34:42 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@google[1].txt [344]

 

O61 - LFC:Last File Created 21/04/2010 - 21:35:21 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@commentcamarche[2].txt [391]

 

O61 - LFC:Last File Created 21/04/2010 - 21:39:42 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\MSN Messenger\sqmnoopt01.sqm [284]

 

O61 - LFC:Last File Created 21/04/2010 - 21:40:10 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\EVENTDB\avevtdb.dbe [8192]

 

O61 - LFC:Last File Created 21/04/2010 - 21:40:10 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\sched.log [1138]

 

O61 - LFC:Last File Created 22/04/2010 - 20:18:46 -SHA- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\MSHist012010042220100423\index.dat [32768]

 

O61 - LFC:Last File Created 22/04/2010 - 21:03:24 ---A- C:\Documents And Settings\Amidala\Bureau\AVSCAN-20100421-214329-814F963B.LOG [18868]

 

O61 - LFC:Last File Created 22/04/2010 - 21:09:52 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@facebook[2].txt [459]

 

O61 - LFC:Last File Created 22/04/2010 - 21:10:35 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\MSN Messenger\sqmnoopt02.sqm [284]

 

O61 - LFC:Last File Created 22/04/2010 - 21:10:42 -SHA- C:\Documents And Settings\Amidala\Recent\Desktop.ini [150]

 

O61 - LFC:Last File Created 22/04/2010 - 21:10:53 -SH-- C:\Documents And Settings\Amidala\ntuser.ini [184]

 

O61 - LFC:Last File Created 22/04/2010 - 21:11:01 ---A- C:\Documents And Settings\All Users\Application Data\Lavasoft\Ad-Aware\history.aaw [976]

 

O61 - LFC:Last File Created 22/04/2010 - 21:11:01 ---A- C:\Documents And Settings\All Users\Application Data\Lavasoft\Ad-Aware\settings.aaw [3616]

 

O61 - LFC:Last File Created 24/04/2010 - 10:29:35 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62]

 

O61 - LFC:Last File Created 24/04/2010 - 10:29:39 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62]

 

O61 - LFC:Last File Created 24/04/2010 - 10:29:40 -SHA- C:\Documents And Settings\Amidala\Local Settings\desktop.ini [62]

 

O61 - LFC:Last File Created 24/04/2010 - 10:29:53 ---A- C:\Documents And Settings\All Users\Application Data\InstallShield\UpdateService\Database\{4D2778E5-AD01-4e75-A6DA-1D5831514609}.ini [139]

 

O61 - LFC:Last File Created 24/04/2010 - 10:29:53 ---A- C:\Documents And Settings\All Users\Application Data\Lavasoft\Ad-Aware\logs\Ad-Aware event.log [57855]

 

O61 - LFC:Last File Created 24/04/2010 - 10:30:48 ---A- C:\Documents And Settings\Amidala\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [0]

 

O61 - LFC:Last File Created 24/04/2010 - 10:32:20 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [32768]

 

O61 - LFC:Last File Created 24/04/2010 - 10:32:20 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768]

 

O61 - LFC:Last File Created 24/04/2010 - 10:34:49 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\jusched.log [188799]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:01 ---A- C:\Documents And Settings\Amidala\Cookies\index.dat [344064]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:01 ---A- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\index.dat [1015808]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:03 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\java_install_reg.log [21456]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:20 -SHA- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [16384]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:20 -SHA- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\MSHist012010042420100425\index.dat [32768]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:25 ---A- C:\Documents And Settings\Amidala\Application Data\Sun\Java\Deployment\cache\6.0\32\6c34baa0-59311a94.idx [440]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:32 ---A- C:\Documents And Settings\Amidala\Application Data\Sun\Java\Deployment\cache\6.0\24\2a20e358-282f493e.idx [441]

 

O61 - LFC:Last File Created 24/04/2010 - 10:35:45 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@vente-privee[1].txt [109]

 

O61 - LFC:Last File Created 24/04/2010 - 10:36:14 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@fr.vente-privee[1].txt [253]

 

O61 - LFC:Last File Created 24/04/2010 - 10:41:46 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@123bounce[2].txt [186]

 

O61 - LFC:Last File Created 24/04/2010 - 10:43:50 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@zebulon[1].txt [499]

 

O61 - LFC:Last File Created 24/04/2010 - 10:43:51 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@forum.zebulon[2].txt [389]

 

O61 - LFC:Last File Created 24/04/2010 - 10:44:08 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.zebulon[2].txt [415]

 

O61 - LFC:Last File Created 24/04/2010 - 10:44:16 ---A- C:\Documents And Settings\Amidala\Application Data\Macromedia\Flash Player\#SharedObjects\DGCEQ78M\cdn5.specificclick.net\img\gu.sol [69]

 

O61 - LFC:Last File Created 24/04/2010 - 10:46:07 ---A- C:\Documents And Settings\All Users\Bureau\ZHPDiag.lnk [675]

 

O61 - LFC:Last File Created 24/04/2010 - 10:46:08 ---A- C:\Documents And Settings\All Users\Bureau\ZHPFix.lnk [670]

 

O61 - LFC:Last File Created 27/05/2002 - 11:22:00 ---A- C:\Documents And Settings\Amidala\Mes documents\Kobian_KM266\Pilotes\P4M266_Sound_170c\_INST32I.EX_ [296674]

 

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

 

O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)

 

 

 

---\\ Liste des services Legacy (LALS) (O64)

 

O64 - Services: CurCS - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe - Lavasoft Ad-Aware Service (aawservice) .(.Lavasoft - Ad-Aware Service.) - LEGACY_AAWSERVICE

 

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) - LEGACY_ADOBE_LM_SERVICE

 

O64 - Services: CurCS - C:\WINDOWS\system32\ANIO.sys - ANIO Service (ANIO) .(.Alpha Networks Inc. - ANIO (NT5) Driver.) - LEGACY_ANIO

 

O64 - Services: CurCS - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe - ANIWZCSd Service (ANIWZCSdService) .(.Wireless Service - ANIWZCS2 Service Launcher.) - LEGACY_ANIWZCSDSERVICE

 

O64 - Services: CurCS - (.not file.) - AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSCHEDULER

 

O64 - Services: CurCS - (.not file.) - AntiVir PersonalEdition Classic Guard (AntiVirService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSERVICE

 

O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER

 

O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART

 

O64 - Services: CurCS - (.not file.) - Center Microsoft (atzvd) .(.Pas de propriétaire - Pas de description.) - LEGACY_ATZVD

 

O64 - Services: CurCS - C:\WINDOWS\sysTEM32\DRIVERS\avgntdd.sys - avgntdd (avgntdd) .(.Avira GmbH - Avira AntiVir File Filter Driver.) - LEGACY_AVGNTDD

 

O64 - Services: CurCS - C:\WINDOWS\sysTEM32\drivers\avgntmgr.sys - avgntmgr (avgntmgr) .(.Avira GmbH - Avira AntiVir File Filter Driver Manager.) - LEGACY_AVGNTMGR

 

O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

 

O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE

 

O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC

 

O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT

 

O64 - Services: CurCS - (.not file.) - Monitor Security (monpgllh) .(.Pas de propriétaire - Pas de description.) - LEGACY_MONPGLLH

 

O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

 

O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

 

O64 - Services: CurCS - C:\WINDOWS\system32\ntsim.sys - NTSIM (NTSIM) .(.VIA Networking Technologies, Inc. - Network Device Monitor Utility.) - LEGACY_NTSIM

 

O64 - Services: CurCS - (.not file.) - Shell Security (oxvcozudm) .(.Pas de propriétaire - Pas de description.) - LEGACY_OXVCOZUDM

 

O64 - Services: CurCS - (.not file.) - PAGEDFRG (PAGEDFRG) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAGEDFRG

 

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

 

O64 - Services: CurCS - C:\Program Files\CyberLink\Shared files\RichVideo.exe - Cyberlink RichVideo Service(CRVS) (RichVideo) .(.Pas de propriétaire - RichVideo Module.) - LEGACY_RICHVIDEO

 

O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

 

O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

 

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\YRZEQF.sys - yrzeqf (yrzeqf) .(.Pas de propriétaire - Pas de description.) - LEGACY_YRZEQF

 

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\YXHMAWJA.sys - yxhmawja (yxhmawja) .(.Pas de propriétaire - Pas de description.) - LEGACY_YXHMAWJA

 

 

 

---\\ Liste des fichiers non signés (LUF) (O65)

 

O65 - LUF:22/01/2008 (.Pas de propriétaire - ATI Smart.) (5.13.0027) - c:\windows\system32\ati2sgag.exe

 

O65 - LUF:27/10/2005 (.Pas de propriétaire - JJAKEn Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\JJAKEn.dll

 

O65 - LUF:11/09/2008 (.Pas de propriétaire - WlanApp Dynamic Link Library.) (1, 1, 9, 911) - c:\windows\system32\wlanapp.dll

 

 

 

---\\ File Associations Shell Spawning (O67)

 

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

 

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

 

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

 

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

 

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

 

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

 

---\\ Start Menu Internet (SMI) (O68)

 

O68 - StartMenuInternet: <Avant Browser> <Avant Browser>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe

 

O68 - StartMenuInternet: <avant.exe> <>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe

 

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

 

---\\ Recherche d'infection Master Boot Record (O80)

 

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

 

device: opened successfully

 

user: MBR read successfully

 

called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS

 

kernel: MBR read successfully

 

user & kernel MBR OK

 

 

 

 

 

End of the scan (984 lines in 27mn 05s)

 

 

--------------------------------------------------------------------------------------------------------------------

 

 

 

Avira AntiVir Personal

Report file date: mercredi 21 avril 2010 21:43

 

Scanning for 2026905 virus strains and unwanted programs.

 

The program is running as an unrestricted full version.

Online services are available:

 

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 2) [5.1.2600]

Boot mode : Normally booted

Username : Amidala

Computer name : STAR-B163D8EDF5

 

Version information:

BUILD.DAT : 10.0.0.565 32097 Bytes 12/04/2010 16:29:00

AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 11:37:38

AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 11:57:04

LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 17:33:04

LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 22:40:49

VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 08:05:36

VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 18:27:49

VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 16:37:42

VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 15:37:42

VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 10:29:03

VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 19:42:14

VBASE006.VDF : 7.10.6.83 2048 Bytes 15/04/2010 19:42:14

VBASE007.VDF : 7.10.6.84 2048 Bytes 15/04/2010 19:42:14

VBASE008.VDF : 7.10.6.85 2048 Bytes 15/04/2010 19:42:14

VBASE009.VDF : 7.10.6.86 2048 Bytes 15/04/2010 19:42:15

VBASE010.VDF : 7.10.6.87 2048 Bytes 15/04/2010 19:42:15

VBASE011.VDF : 7.10.6.88 2048 Bytes 15/04/2010 19:42:15

VBASE012.VDF : 7.10.6.89 2048 Bytes 15/04/2010 19:42:15

VBASE013.VDF : 7.10.6.90 2048 Bytes 15/04/2010 19:42:15

VBASE014.VDF : 7.10.6.123 126464 Bytes 19/04/2010 19:42:16

VBASE015.VDF : 7.10.6.152 123392 Bytes 21/04/2010 19:42:16

VBASE016.VDF : 7.10.6.153 2048 Bytes 21/04/2010 19:42:16

VBASE017.VDF : 7.10.6.154 2048 Bytes 21/04/2010 19:42:16

VBASE018.VDF : 7.10.6.155 2048 Bytes 21/04/2010 19:42:17

VBASE019.VDF : 7.10.6.156 2048 Bytes 21/04/2010 19:42:17

VBASE020.VDF : 7.10.6.157 2048 Bytes 21/04/2010 19:42:17

VBASE021.VDF : 7.10.6.158 2048 Bytes 21/04/2010 19:42:17

VBASE022.VDF : 7.10.6.159 2048 Bytes 21/04/2010 19:42:17

VBASE023.VDF : 7.10.6.160 2048 Bytes 21/04/2010 19:42:17

VBASE024.VDF : 7.10.6.161 2048 Bytes 21/04/2010 19:42:17

VBASE025.VDF : 7.10.6.162 2048 Bytes 21/04/2010 19:42:17

VBASE026.VDF : 7.10.6.163 2048 Bytes 21/04/2010 19:42:17

VBASE027.VDF : 7.10.6.164 2048 Bytes 21/04/2010 19:42:17

VBASE028.VDF : 7.10.6.165 2048 Bytes 21/04/2010 19:42:17

VBASE029.VDF : 7.10.6.166 2048 Bytes 21/04/2010 19:42:17

VBASE030.VDF : 7.10.6.167 2048 Bytes 21/04/2010 19:42:17

VBASE031.VDF : 7.10.6.169 58368 Bytes 21/04/2010 19:42:18

Engineversion : 8.2.1.220

AEVDF.DLL : 8.1.1.3 106868 Bytes 13/02/2010 11:16:21

AESCRIPT.DLL : 8.1.3.26 1286521 Bytes 21/04/2010 19:42:26

AESCN.DLL : 8.1.5.0 127347 Bytes 25/02/2010 17:38:41

AESBX.DLL : 8.1.2.1 254323 Bytes 17/03/2010 10:09:47

AERDL.DLL : 8.1.4.6 541043 Bytes 21/04/2010 19:42:25

AEPACK.DLL : 8.2.1.1 426358 Bytes 19/03/2010 11:34:51

AEOFFICE.DLL : 8.1.0.41 201083 Bytes 17/03/2010 10:09:46

AEHEUR.DLL : 8.1.1.24 2613623 Bytes 21/04/2010 19:42:24

AEHELP.DLL : 8.1.11.3 242039 Bytes 01/04/2010 15:05:25

AEGEN.DLL : 8.1.3.7 373106 Bytes 21/04/2010 19:42:19

AEEMU.DLL : 8.1.1.0 393587 Bytes 10/11/2009 08:04:22

AECORE.DLL : 8.1.13.1 188790 Bytes 01/04/2010 15:05:25

AEBB.DLL : 8.1.0.3 53618 Bytes 10/09/2009 11:15:06

AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 11:03:38

AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 11:03:35

AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 15:47:40

AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 11:35:46

AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 11:39:51

AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 11:22:13

AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 08:53:30

SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 11:57:58

AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 14:38:56

NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 13:41:00

RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 12:10:20

RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 13:14:29

 

Configuration settings for the scan:

Jobname.............................: Short system scan after installation

Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: off

Integrity checking of system files..: off

Scan all files......................: Intelligent file selection

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

 

Start of the scan: mercredi 21 avril 2010 21:43

 

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avnotify.exe' - '1' Module(s) have been scanned

Scan process 'iexplore.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'avconfig.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'setup.exe' - '1' Module(s) have been scanned

Scan process 'msiexec.exe' - '1' Module(s) have been scanned

Scan process 'presetup.exe' - '1' Module(s) have been scanned

Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'alg.exe' - '1' Module(s) have been scanned

Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'RichVideo.exe' - '1' Module(s) have been scanned

Scan process 'MDM.EXE' - '1' Module(s) have been scanned

Scan process 'jqs.exe' - '1' Module(s) have been scanned

Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned

Scan process 'CRSSupervisor.exe' - '1' Module(s) have been scanned

Scan process 'MagicKey.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned

Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned

Scan process 'ctfmon.exe' - '1' Module(s) have been scanned

Scan process 'MediaDetect.exe' - '1' Module(s) have been scanned

Scan process 'WZCSLDR2.exe' - '1' Module(s) have been scanned

Scan process 'AirPlusCFG.exe' - '1' Module(s) have been scanned

Scan process 'jusched.exe' - '1' Module(s) have been scanned

Scan process 'RunDll32.exe' - '1' Module(s) have been scanned

Scan process 'issch.exe' - '1' Module(s) have been scanned

Scan process 'Explorer.EXE' - '1' Module(s) have been scanned

Scan process 'aawservice.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

 

Starting master boot sector scan:

Master boot sector HD0

[INFO] No virus was found!

 

Start scanning boot sectors:

 

Starting to scan executable files (registry).

C:\Documents and Settings\Amidala\Menu Démarrer\Programmes\Démarrage\monxga32.exe

[WARNING] The file could not be opened!

The registry was scanned ( '485' files ).

 

 

 

End of the scan: mercredi 21 avril 2010 21:58

Used time: 14:17 Minute(s)

 

The scan has been done completely.

 

0 Scanned directories

964 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

1 Files cannot be scanned

963 Files not concerned

3 Archives were scanned

1 Warnings

0 Notes

 

 

 

Posted

Good evening,

Download MBAM

Plug in all removable media before running this scan (USB stick, external hard drive, etc.)

Before launching MBAM

You must first disable your protections, but you do not know how to do it

* Double-click the Download_mbam-setup.exe icon to start the installation process.

Save it to the desktop.

Close all windows and programs.

Follow the prompts (in particular the choice of language and the permission to access the Internet).

Do not change any of the default settings and, at the end of the installation,

check that the Update and Launch options are ticked.

MBAM will start automatically and display a message asking you to update the program before running a scan.

Click OK to close the dialog box.

* In the "Update" tab, click the Check for Updates button.

If the firewall asks whether to allow MBAM to connect, accept.

* Once the update has finished, go to the Scanner tab.

* Select "Perform full scan"

* Click "Scan"

* The scan will take some time, be patient!

* At the end, a message will be displayed:

The scan completed successfully.

* If MBAM found nothing, it will say so too.

Click "OK" to continue.

* Close your browsers.

Click Show Results.

* Select everything and click Remove Selected.

MBAM will delete the files and registry keys and place a copy of them in quarantine,

then open Notepad and copy the scan report into it; the report can also be found under the Logs tab.

* Copy and paste this report into your next reply.
