Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

nettoyage virus svchosty

anubis03

Par anubis03
dans Analyses et éradication malwares

 Partager

Messages recommandés

Florinator Extrem Member

Florinator

Posté(e)
Posté(e) (modifié)

Fais ceci stp:

 

Télécharge ZHPDiag crée par Nicolas Coolman

 

  • Enregistre le sur ton bureau
  • Double clique sur l'icône
  • Suis les instructions à l'ecran
  • Clique sur loupe.jpg pour lancer l'analyse
  • Clique sur PanelCopierPP.jpg pour copier le rapport
  • Puis colle le dans ta prochaine réponses
  • Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

 

A++

Modifié par Florinator
anubis03 Junior Member

anubis03

Posté(e)
  • Auteur
Posté(e)

Rapport de ZHPDiag v1.26.49 par Nicolas Coolman, Update du 17/08/2010

Run by thomas at 22/08/2010 12:38:32

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18943

MFIE: Mozilla Firefox (3.6.8)

 

---\\ System Information

Platform : Windows Vista Home Premium (6.0.6002) Service Pack 2

Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3068 MB (58% free)

System drive C: has 24 GB (10%) free of 224 GB

 

---\\ Logged in mode

Computer Name: PC-DE-THOMAS

User Name: thomas

All Users Names: xavier, thomas, ASPNET, Administrateur,

Unselected Option: O1,O45,O61,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 24 Go of 224 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

 

 

---\\ Processus lancés

[MD5.62B3C9786081ECAAB272A118408D2817] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.E8B180646BAE9E688D2E6D7EA8DED794] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [959976]

[MD5.1BA064138A5EE6B61A11A552DC072E57] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [442467]

[MD5.1F373C5DB440D92839DDDF63F5BA2E8A] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528]

[MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296]

[MD5.642FA80C2C43EE609313746AA305DC86] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [14808]

[MD5.16A692EDA8253BEB5F3A588055F7869B] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [482304]

 

 

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN:Firefox Plugin Navigator . (.BitTorrent, Inc. - BitTorrent Plugin 1.) -- C:\Program Files\Mozilla Firefox\Plugins\npbittorrent.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent.) -- C:\Program Files\DNA\plugins\npbtdna.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=0.9.8a] - (.the VideoLAN Team - Version 0.9.8a, copyright 1996-2008 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll (.not file.)

P2 - FPN: [HKCU] [@bittorrent.com/BitTorrentDNA] - (.Pas de propriétaire - Pas de description.) -- C:\Users\thomas\Program Files\DNA\plugins\npbtdna.dll (.not file.)

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Création d'une valeur Ini (Created inifile value, mapped to Registry) (F3)

F3 - REG:win.ini: load=C:\Users\thomas\AppData\Roaming\mstinit.exe

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] I:\Program Files\DAEMON Tools Lite\DTLite.exe (.not file.)

O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [bywuursys] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\tuspmk.dll

O4 - HKCU\..\Run: [xxxyxwaudio] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\cbbxww.dll

O4 - HKCU\..\Run: [eMuleAutoStart] I:\Program Files\eMule\emule.exe (.not file.)

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [DAEMON Tools Lite] I:\Program Files\DAEMON Tools Lite\DTLite.exe (.not file.)

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [bywuursys] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\tuspmk.dll

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [xxxyxwaudio] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\cbbxww.dll

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [eMuleAutoStart] I:\Program Files\eMule\emule.exe (.not file.)

O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe

O4 - Global Startup: Xfire.lnk . (.Pas de propriétaire - Pas de description.) -- I:\Program Files\Xfire\Xfire.exe

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\OFFICE11\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{B88FDC44-9597-4D71-AC5B-6058889F8698}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{C54D7858-F414-4167-AC89-F53E7FA75C58}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{B88FDC44-9597-4D71-AC5B-6058889F8698}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{C54D7858-F414-4167-AC89-F53E7FA75C58}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{B88FDC44-9597-4D71-AC5B-6058889F8698}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{C54D7858-F414-4167-AC89-F53E7FA75C58}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Service Google Update (gupdate1cab16e97677860) (gupdate1cab16e97677860) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Corporation - HpService.) - C:\Windows\system32\Hpservice.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 187.6.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) . (.Pas de propriétaire - CLSched Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Windows\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe

O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\System32\ZoneLabs\vsmon.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{594DB747-C41A-4E50-8412-995363E234E7}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\regutils.dll

O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe

O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\Windows\system32\Macromed\Flash\Flash9f.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

O41 - Driver: Zone Alarm Firewall Driver (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\system32\DRIVERS\vsdatant.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader 8.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}

O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Algodoo Phun edition v5.28 - (.Algoryx.) [HKLM] -- Phun

O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}

O42 - Logiciel: Antimalware Doctor - (.Pas de propriétaire.) [HKCU] -- Antimalware Doctor

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: BSPKMBeta0.2 Installer - (.Pas de propriétaire.) [HKLM] -- BSPKMBeta0.2 Installer

O42 - Logiciel: Battlefield 1942 - (.Pas de propriétaire.) [HKLM] -- {698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}

O42 - Logiciel: Battlestations: Pacific - (.Eidos plc.) [HKLM] -- {BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC}

O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent

O42 - Logiciel: Blender (remove only) - (.Pas de propriétaire.) [HKLM] -- Blender

O42 - Logiciel: CCleaner (remove only) - (.Pas de propriétaire.) [HKLM] -- CCleaner

O42 - Logiciel: Call of Duty Modern Warfare 2 - (.Setup by frogs.) [HKLM] -- {3CDF9C0F-6C77-4307-80A6-0A9D47C174D8}_is1

O42 - Logiciel: Call of Duty® - World at War - (.Activision.) [HKLM] -- InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}

O42 - Logiciel: Call of Juarez - Bound in Blood - (.Ubisoft.) [HKLM] -- InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}

O42 - Logiciel: Command & Conquer 3 - (.Nom de votre société.) [HKLM] -- {DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}

O42 - Logiciel: Command & Conquer Red Alert 3 - (.Electronic Arts.) [HKLM] -- {296D8550-CB06-48E4-9A8B-E5034FB64715}

O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: DDS Converter 2.1 - (.Pas de propriétaire.) [HKLM] -- DDS Converter 2.1

O42 - Logiciel: DNA - (.BitTorrent Inc..) [HKCU] -- BitTorrent DNA

O42 - Logiciel: DesertCombat 0.7 - (.Pas de propriétaire.) [HKLM] -- DesertCombat

O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}

O42 - Logiciel: GTA San Andreas - (.Rockstar Games.) [HKLM] -- {D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}

O42 - Logiciel: Google SketchUp 7 - (.Google, Inc..) [HKLM] -- {5AD045DF-11AA-473D-B4AA-2A4F0E213047}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466}

O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}

O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F}

O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}

O42 - Logiciel: HP Help and Support - (.Hewlett-Packard.) [HKLM] -- {E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}

O42 - Logiciel: HP Quick Launch Buttons 6.40 D1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}

O42 - Logiciel: HP QuickPlay 3.7 - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}

O42 - Logiciel: HP QuickTouch 1.00 D2 - (.Hewlett-Packard.) [HKLM] -- {30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}

O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {f32502b5-5b64-4882-bf61-77f23edcac4f}

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}

O42 - Logiciel: HP User Guides 0103 - (.Hewlett-Packard.) [HKLM] -- {B8169E45-8E23-430B-91D1-EC64540C8ED0}

O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {340F521E-3576-4E1A-B75C-EB0ACF751379}

O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}

O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM] -- {228C6B46-64E2-404E-898A-EF0830603EF4}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}

O42 - Logiciel: Java 6 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160060}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LightScribe System Software 1.12.33.2 - (.LightScribe.) [HKLM] -- {582287DA-0806-4AC0-BF19-C15E3A466034}

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: MSI v2 to redistribute Rigs of Rods - (.Pricorde.) [HKLM] -- {36592557-65CE-4A4D-9970-764F17E0AFD3}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware

O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {A1C962E2-2426-49C6-A38B-9A07E40D607C}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}

O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95120000-0122-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Mozilla Firefox (3.6.8) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.8)

O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: NASA World Wind 1.4 - (.Pas de propriétaire.) [HKLM] -- NASA World Wind 1.4

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B83FC356-B7C0-441F-8A4D-D71E088E7974}

O42 - Logiciel: Nexus: The Jupiter Incident - (.Nom de votre société.) [HKLM] -- {63BB4E50-0CC2-47AB-AC01-CBCD657B1FF4}

O42 - Logiciel: Nexus: The Jupiter Incident - Multiplayer Demo - (.Mithis.) [HKLM] -- {54316F1C-4E8F-43B8-AB51-DFA69FE800AC}

O42 - Logiciel: No Hope - (.Pas de propriétaire.) [HKCU] -- No Hope

O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN

O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

O42 - Logiciel: Paint.NET v3.5.5 - (.dotPDN LLC.) [HKLM] -- {F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}

O42 - Logiciel: PlayLinc - (.SCI.) [HKLM] -- {2158685C-E2B3-4026-B0A1-0FFE31837AFD}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: ProtectSmart Hard Drive Protection - (.Hewlett-Packard.) [HKLM] -- {9D615069-AA8F-4E89-AE9D-77AAE90F529F}

O42 - Logiciel: Prototype - (.Activision.) [HKLM] -- InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}

O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM] -- PunkBusterSvc

O42 - Logiciel: QuickPlay SlingPlayer 0.4.6 - (.SlingMedia.) [HKLM] -- SlingMedia.QPSlingPlayer

O42 - Logiciel: RUNAWAY: A TWIST OF FATE (Français) - (.Focus Home Interactive.) [HKLM] -- RUNAWAY: A TWIST OF FATE (fr)

O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem

O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0

O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem

O42 - Logiciel: SGCSim v5.1.0 - (.SGCSim.com.) [HKLM] -- {BF926BD5-83E9-417F-BC56-1AC181A13168}

O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver

O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}

O42 - Logiciel: San Andreas Mod Installer - (.cpmusick.) [HKLM] -- San Andreas Mod Installer1.1

O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}

O42 - Logiciel: Skype 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: Sniper Elite - (.Pas de propriétaire.) [HKLM] -- {A979B2D8-E3EE-4523-A26C-4AF0A6809280}

O42 - Logiciel: Star Wars Empire at War - (.LucasArts.) [HKLM] -- {99AE7207-8612-4DBA-A8F8-BAE5C633390D}

O42 - Logiciel: Star Wars Empire at War Forces of Corruption - (.LucasArts.) [HKLM] -- {6592FDEC-2C1A-413A-9985-25FEC2F0848D}

O42 - Logiciel: Steiners Advanced Units Mod 3.2.5 - (.SMG.) [HKLM] -- Steiners Advanced Units Mod

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab

O42 - Logiciel: Tom Clancy's Rainbow Six 3: Raven Shield - (.Pas de propriétaire.) [HKLM] -- {AF131494-F5D8-45C5-938C-D5F020CF1B0D}

O42 - Logiciel: Tom Clancy's Rainbow Six Vegas - (.Ubisoft.) [HKLM] -- {5731C0A8-B266-451A-8D3F-8066AA21836F}

O42 - Logiciel: Uninstall MEC2 - (.DERELICT STUDIOS.) [HKLM] -- {9CDAE8D9-1EB8-4595-89C3-21DB7CC16EAA}_is1

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}

O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner

O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: World in Conflict - (.Ubisoft Entertainment.) [HKLM] -- {F11ADC64-C89E-47F4-A0B3-3665FF859397}

O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: eToro - (.Pas de propriétaire.) [HKLM] -- eToro

O42 - Logiciel: gamedata - (.Pas de propriétaire.) [HKLM] -- gamedata

O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\2f050e55bc20a67fc7fa8aadb0531b72]

[HKCU\Software\3rd Eye Solutions]

[HKCU\Software\AC3Filter]

[HKCU\Software\ACE Compression Software]

[HKCU\Software\ACP]

[HKCU\Software\ASProtect]

[HKCU\Software\Adobe]

[HKCU\Software\Ahnlab]

[HKCU\Software\Aleksandar Puskas Software]

[HKCU\Software\America Online]

[HKCU\Software\Antimalware Doctor Inc]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Avira]

[HKCU\Software\Blizzard Entertainment]

[HKCU\Software\Bugsplat]

[HKCU\Software\Burda]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\DT Soft]

[HKCU\Software\Electronic Arts]

[HKCU\Software\Galactic Conquest]

[HKCU\Software\GameSpy]

[HKCU\Software\Google]

[HKCU\Software\HP Guide]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IDT]

[HKCU\Software\IGA]

[HKCU\Software\IM Providers]

[HKCU\Software\InstallShield]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JRMX9X1GML]

[HKCU\Software\JavaSoft]

[HKCU\Software\LightScribe]

[HKCU\Software\Lightrock Entertainment]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LucasArts]

[HKCU\Software\MWSetup]

[HKCU\Software\MW]

[HKCU\Software\Macromedia]

[HKCU\Software\Macrovision]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Massive Entertainment AB]

[HKCU\Software\MimarSinan]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NASA]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\NecroSystems]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Paint.NET]

[HKCU\Software\Patchou]

[HKCU\Software\Petroglyph Games]

[HKCU\Software\Petroglyph]

[HKCU\Software\Piriform]

[HKCU\Software\Playlogic]

[HKCU\Software\Policies]

[HKCU\Software\PySoft]

[HKCU\Software\ROUA3O12PW]

[HKCU\Software\SecuROM]

[HKCU\Software\Skype]

[HKCU\Software\Softthinks]

[HKCU\Software\Software]

[HKCU\Software\Speed-Downloading]

[HKCU\Software\Super Computer International]

[HKCU\Software\Synaptics]

[HKCU\Software\TOY5KNQ8OC]

[HKCU\Software\TraumaStudios]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Valve]

[HKCU\Software\Vision Thing]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\WoGInstaller]

[HKCU\Software\X Dimension]

[HKCU\Software\Xfire]

[HKCU\Software\ZE18MW23GY]

[HKCU\Software\Zone Labs]

[HKCU\Software\c4a97bc26d537dcdbe917656c1817fc6]

[HKCU\Software\eMule]

[HKCU\Software\ej-technologies]

[HKCU\Software\epsxe]

[HKCU\Software\etoro]

[HKCU\Software\keyhole.com]

[HKCU\Software\roxio]

[HKLM\Software\ACE Compression Software]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\AOL]

[HKLM\Software\Act-3D]

[HKLM\Software\Activision]

[HKLM\Software\Adobe]

[HKLM\Software\America Online]

[HKLM\Software\AviSynth]

[HKLM\Software\Avira]

[HKLM\Software\BitTorrent]

[HKLM\Software\BlenderFoundation]

[HKLM\Software\BrowserChoice]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CXT]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conexant]

[HKLM\Software\CyberLink]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\DC_Final_Client]

[HKLM\Software\DT Soft]

[HKLM\Software\Data Fellows]

[HKLM\Software\Debug]

[HKLM\Software\EA GAMES]

[HKLM\Software\EasyBits]

[HKLM\Software\Eidos]

[HKLM\Software\Electronic Arts]

[HKLM\Software\F-Secure]

[HKLM\Software\Google]

[HKLM\Software\HPQ]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\IDT]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JMicron Technology Corp.]

[HKLM\Software\JavaSoft]

[HKLM\Software\LightScribe]

[HKLM\Software\LucasArts]

[HKLM\Software\MC2]

[HKLM\Software\MCCI]

[HKLM\Software\Macromedia]

[HKLM\Software\Massive Entertainment AB]

[HKLM\Software\MetaStream]

[HKLM\Software\MimarSinan]

[HKLM\Software\Mithis]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\OPTENET]

[HKLM\Software\OldTimer Tools]

[HKLM\Software\Paint.NET]

[HKLM\Software\Patchou]

[HKLM\Software\Pendulo Studios]

[HKLM\Software\PocketSoft]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\Realtek]

[HKLM\Software\Rebellion]

[HKLM\Software\Red Storm Entertainment]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Rockstar Games]

[HKLM\Software\SAMI]

[HKLM\Software\Samsung Electronics Co., Ltd.]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Speed-Downloading]

[HKLM\Software\Stargate BFM]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\TML-Studios]

[HKLM\Software\Techland]

[HKLM\Software\TrendMicro]

[HKLM\Software\Trymedia Systems]

[HKLM\Software\Ubi Soft]

[HKLM\Software\Ubisoft]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\Viewpoint]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\WildTangent]

[HKLM\Software\WinRAR]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Xfire]

[HKLM\Software\Zone Labs]

[HKLM\Software\ej-technologies]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Activision

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\AGEIA Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Algodoo Phun Edition

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5

O43 - CFD:Common File Directory ----D- C:\Program Files\BitTorrent

O43 - CFD:Common File Directory ----D- C:\Program Files\BSPKMBeta0.2 Installer

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Common File

O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink

O43 - CFD:Common File Directory ----D- C:\Program Files\DDS Converter 2

O43 - CFD:Common File Directory ----D- C:\Program Files\DNA

O43 - CFD:Common File Directory ----D- C:\Program Files\Electronic Arts

O43 - CFD:Common File Directory ----D- C:\Program Files\eToro

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\HP

O43 - CFD:Common File Directory ----D- C:\Program Files\HP Games

O43 - CFD:Common File Directory ----D- C:\Program Files\IDT

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallJammer Registry

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games for Windows - LIVE

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office Outlook Connector

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\muvee Technologies

O43 - CFD:Common File Directory R---D- C:\Program Files\Online Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Paint.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung

O43 - CFD:Common File Directory R---D- C:\Program Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics

O43 - CFD:Common File Directory ----D- C:\Program Files\SystemRequirementsLab

O43 - CFD:Common File Directory ----D- C:\Program Files\TML-Studios

O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro

O43 - CFD:Common File Directory ----D- C:\Program Files\Ubi Soft

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\Western Digital

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Safety Center

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Zone Labs

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AOL

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\muvee Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PocketSoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD:Common File Directory ----D- C:\ProgramData\2DBoy

O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe

O43 - CFD:Common File Directory ----D- C:\ProgramData\Age of Empires 3

O43 - CFD:Common File Directory ----D- C:\ProgramData\AOL

O43 - CFD:Common File Directory ----D- C:\ProgramData\AOL OCP

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data

O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira

O43 - CFD:Common File Directory ----D- C:\ProgramData\Azureus

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau

O43 - CFD:Common File Directory ----D- C:\ProgramData\CheckPoint

O43 - CFD:Common File Directory ----D- C:\ProgramData\CyberLink

O43 - CFD:Common File Directory ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents

O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule

O43 - CFD:Common File Directory ----D- C:\ProgramData\F-Secure

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites

O43 - CFD:Common File Directory ----D- C:\ProgramData\FRA

O43 - CFD:Common File Directory ----D- C:\ProgramData\fssg

O43 - CFD:Common File Directory ----D- C:\ProgramData\Google

O43 - CFD:Common File Directory ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\ProgramData\InstallShield

O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes

O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee

O43 - CFD:Common File Directory ----D- C:\ProgramData\Media Center Programs

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD:Common File Directory ----D- C:\ProgramData\Messenger Plus!

O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles

O43 - CFD:Common File Directory ----D- C:\ProgramData\MsvThumbs

O43 - CFD:Common File Directory ----D- C:\ProgramData\muvee Technologies

O43 - CFD:Common File Directory ----D- C:\ProgramData\NVIDIA

O43 - CFD:Common File Directory ----D- C:\ProgramData\Office Genuine Advantage

O43 - CFD:Common File Directory ----D- C:\ProgramData\Pendulo Studios

O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu

O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec

O43 - CFD:Common File Directory ----D- C:\ProgramData\TEMP

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates

O43 - CFD:Common File Directory ----D- C:\ProgramData\Trymedia

O43 - CFD:Common File Directory ----D- C:\ProgramData\Viewpoint

O43 - CFD:Common File Directory ----D- C:\ProgramData\WildTangent

O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch

O43 - CFD:Common File Directory ----D- C:\ProgramData\WLInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AOL

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\muvee Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PocketSoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.00000000000000000000000000000000] - 22/08/2010 - 09:11:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1676794]

O44 - LFC:[MD5.D33433723BB5E31665170E0D5877403E] - 22/08/2010 - 09:03:34 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\vsconfig.xml [352615]

O44 - LFC:[MD5.F83DF5CB05F664BEA08140F4EE6D1A9C] - 22/08/2010 - 09:03:15 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/08/2010 - 19:06:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/08/2010 - 19:06:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 20/08/2010 - 16:24:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\DOErrors.log [52]

O44 - LFC:[MD5.36FA40613B510A8AF1FED7AA5D315772] - 20/08/2010 - 09:06:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\rkill.log [485]

O44 - LFC:[MD5.0C7FB4C343B60470D8FB451DE68C03AA] - 18/08/2010 - 18:48:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\error.log [10250]

O44 - LFC:[MD5.D3B4329A88E39E0779E75D003C8C7393] - 16/08/2010 - 00:07:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [403352045]

O44 - LFC:[MD5.C95CD48CBF75B46C43CFB76E3AD13B5A] - 16/08/2010 - 00:07:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [1260]

O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 15/08/2010 - 11:55:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 15/08/2010 - 11:55:34 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.44CD3BB2588C463E494CE9B3ACE4FB2F] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1507110]

O44 - LFC:[MD5.45B26C1F9A859EE10DC72E70E91F5BC2] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [106490]

O44 - LFC:[MD5.E2576CE8E55937124044913E6622A885] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [129632]

O44 - LFC:[MD5.2F069E7A9F6089D047A8D8821086DC64] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [598562]

O44 - LFC:[MD5.84CCDBFFD82487A927225C87CDC54983] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [682034]

O44 - LFC:[MD5.F1339931E3F10B4016540A6FA73A9F6E] - 12/08/2010 - 08:07:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [360400]

O44 - LFC:[MD5.FBB3FB8272B66E4233BE2453F3A56325] - 11/08/2010 - 22:58:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\win.ini [240]

O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 11/08/2010 - 19:17:29 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [81920]

 

 

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{0fcb3be1-2855-11df-bbf1-001eec7e69cf}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\rg9g9bgq.exe (.not file.)

O51 - MPSK:{2d5a0f7c-a571-11df-bac4-001eec7e69cf}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\Autorun.exe (.not file.)

O51 - MPSK:{def4af2d-209f-11df-8a04-001eec7e69cf}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\LaunchU3.exe -a (.not file.)

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\BitTorrent DNA [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Users\thomas\Program Files\DNA\btdna.exe

O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe

O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe

O53 - SMSR:HKLM\...\startupreg\F-Secure Manager [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.exe

O53 - SMSR:HKLM\...\startupreg\F-Secure TNB [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe

O53 - SMSR:HKLM\...\startupreg\HP Health Check Scheduler [Key] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O53 - SMSR:HKLM\...\startupreg\hpWirelessAssistant [Key] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O53 - SMSR:HKLM\...\startupreg\isCfgWiz [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe

O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel [Key] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll

O53 - SMSR:HKLM\...\startupreg\OnScreenDisplay [Key] . (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

O53 - SMSR:HKLM\...\startupreg\OPTENET_GUI [Key] . (.Orange - Contrôle Parental.) -- C:\PROGRA~1\CONTRO~1\bin\optgui.exe

O53 - SMSR:HKLM\...\startupreg\QlbCtrl.exe [Key] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

O53 - SMSR:HKLM\...\startupreg\QPService [Key] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe

O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O53 - SMSR:HKLM\...\startupreg\SysTrayApp [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe

O53 - SMSR:HKLM\...\startupreg\UCam_Menu [Key] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2

O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.AEF9EE4451D5C46370142CB06D0F3591] - 07/08/2008 - 14:31:52 ---A- . (.Hewlett-Packard Corporation - HP Accelerometer.) -- C:\Windows\system32\drivers\Accelerometer.sys

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.E54E27976E2C5A6465D44C10B1D87AC0] - 17/07/2002 - 16:20:32 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\system32\drivers\ASPI32.SYS

O58 - SDL:[MD5.76C10D80E46CB79570479CB7CF205D39] - 24/03/2009 - 15:07:58 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys

O58 - SDL:[MD5.CF6A67C90951E3E763D2135DEDE44B85] - 02/11/2006 - 08:30:53 ---A- . (.Broadcom Corporation - BCM 802.11g Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.4CD6B056C5FD9E97C06FE74C81479517] - 24/01/2008 - 14:23:12 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome.) -- C:\Windows\system32\drivers\enecir.sys

O58 - SDL:[MD5.C25C70FD4D49391091D9EB8C747F19E6] - 28/08/2006 - 22:54:56 ---A- . (.Applied Networking Inc. - Hamachi Virtual Network Interface Driver, OEM.) -- C:\Windows\system32\drivers\gan_adapter.sys

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys

O58 - SDL:[MD5.64637B65C90DF48C94BB9346AFB3AC61] - 07/08/2008 - 14:42:12 ---A- . (.Hewlett-Packard Corporation - HP Disk Filter - SATA/RAID.) -- C:\Windows\system32\drivers\hpdskflt.sys

O58 - SDL:[MD5.35956140E686D53BF676CF0C778880FC] - 18/06/2007 - 16:12:04 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys

O58 - SDL:[MD5.DA971CFC625D13636E04C405948E9D62] - 08/07/2008 - 11:16:26 ---A- . (.JMicron Technology Corporation - JMicron JMB38X Flash Media Controller Driver.) -- C:\Windows\system32\drivers\jmcr.sys

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys

O58 - SDL:[MD5.8DE67BD902095A13329FD82C85A1FA09] - 17/11/2008 - 15:40:22 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys

O58 - SDL:[MD5.F972DC046C374A9E02F2DFBE74EBB203] - 14/05/2008 - 03:09:00 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda32v.sys

O58 - SDL:[MD5.24000B817CC84AC1555F41929879AF5A] - 03/10/2009 - 05:02:06 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 187.66.) -- C:\Windows\system32\drivers\nvlddmkm.sys

O58 - SDL:[MD5.1657F3FBD9061526C14FF37E79306F98] - 02/11/2006 - 08:30:56 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm60x32.sys

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.6D2DBE236CF5EF94E4BE1969D1B6D304] - 19/02/2010 - 14:33:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\PnkBstrK.sys

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.2FC33077F85D7DC0D03678C06D43898C] - 02/05/2008 - 14:59:40 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.9E7DEE11FD5A4355941A45F13C0ED59A] - 26/03/2006 - 13:22:14 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\system32\drivers\sfdrv01.sys

O58 - SDL:[MD5.4D0CE0FADCA29E7DA68CE597AC9010BD] - 05/07/2006 - 13:46:06 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\system32\drivers\sfdrv01a.sys

O58 - SDL:[MD5.DAAD4C099EBF5094D32C373AC1AC0F3C] - 14/06/2006 - 15:56:56 ---A- . (.Protection Technology (StarForce) - FrontLine Helper Driver.) -- C:\Windows\system32\drivers\sfhlp02.sys

O58 - SDL:[MD5.C526AD307FF1900BC4C864F74553F762] - 11/08/2006 - 14:47:13 ---A- . (.Protection Technology (StarForce) - FrontLine Synchronization Driver.) -- C:\Windows\system32\drivers\sfsync04.sys

O58 - SDL:[MD5.5DC0D3978B2C98F370BD8A5C9FD86092] - 14/06/2006 - 18:12:13 ---A- . (.Protection Technology (StarForce) - FrontLine VFS Driver.) -- C:\Windows\system32\drivers\sfvfs02.sys

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.00000000000000000000000000000000] - 22/07/2010 - 02:50:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 13/07/2009 - 10:54:33 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.14622AE81C72B08691EEDAABC1D4A129] - 02/05/2007 - 10:12:34 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device II 1.0 Driver.) -- C:\Windows\system32\drivers\ssm_bus.sys

O58 - SDL:[MD5.79B3761947FFDA77F2EF2225C1A1DFB1] - 02/05/2007 - 10:12:34 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_cm.sys

O58 - SDL:[MD5.79B3761947FFDA77F2EF2225C1A1DFB1] - 02/05/2007 - 10:12:34 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_cmnt.sys

O58 - SDL:[MD5.43EE5E9FDA61A5E0EAC4C1DE699E6E4D] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ssm_mdfl.sys

O58 - SDL:[MD5.918CFD32C7FEB174F356A0A6FAD11F4B] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Driver.) -- C:\Windows\system32\drivers\ssm_mdm.sys

O58 - SDL:[MD5.029711A9A56D300E1DC60EC65121403E] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_wh.sys

O58 - SDL:[MD5.029711A9A56D300E1DC60EC65121403E] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_whnt.sys

O58 - SDL:[MD5.21CC262AB5F42F7A6B91DC7304C2F267] - 27/06/2008 - 16:44:18 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt.sys

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.F5D926807BD9BC0AF68F9376144DE425] - 28/03/2008 - 02:06:00 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS

O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:23:23 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS

O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys

O58 - SDL:[MD5.C25C70FD4D49391091D9EB8C747F19E6] - 28/08/2006 - 22:54:56 ---A- . (.Applied Networking Inc. - Hamachi Virtual Network Interface Driver, OEM.) -- C:\Windows\system32\gan_adapter.sys

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)

O63 - Logiciel: RSIT - (.random/random.)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\adp94xx.sys - adp94xx (adp94xx) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX

O64 - Services: CurCS - C:\Windows\system32\drivers\adpahci.sys - adpahci (adpahci) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI

O64 - Services: CurCS - C:\Windows\system32\drivers\adpu160m.sys - adpu160m (adpu160m) .(.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) - LEGACY_ADPU160M

O64 - Services: CurCS - C:\Windows\system32\drivers\adpu320.sys - adpu320 (adpu320) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) - LEGACY_ADPU320

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\system32\drivers\djsvs.sys - aic78xx (aic78xx) .(.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) - LEGACY_AIC78XX

O64 - Services: CurCS - C:\Windows\system32\drivers\aliide.sys - aliide (aliide) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE

O64 - Services: CurCS - C:\Windows\system32\drivers\amdide.sys - amdide (amdide) .(.Microsoft Corporation - Pilote IDE AMD.) - LEGACY_AMDIDE

O64 - Services: CurCS - C:\Windows\system32\drivers\arc.sys - arc (arc) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC

O64 - Services: CurCS - C:\Windows\system32\drivers\arcsas.sys - arcsas (arcsas) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS

O64 - Services: CurCS - C:\Windows\system32\drivers\atapi.sys - IDE Channel (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\system32\drivers\cmdide.sys - cmdide (cmdide) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE

O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_CO_MON

O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\system32\drivers\EagleNT.sys (.not file.) - EagleNT (EagleNT) .(.Pas de propriétaire - Pas de description.) - LEGACY_EAGLENT

O64 - Services: CurCS - C:\Windows\system32\drivers\elxstor.sys - elxstor (elxstor) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR

O64 - Services: CurCS - (.not file.) - F-Secure HIPS (F-Secure HIPS) .(.Pas de propriétaire - Pas de description.) - LEGACY_F-SECURE_HIPS

O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - (.not file.) - F-Secure Email Scanning Driver (FSES) .(.Pas de propriétaire - Pas de description.) - LEGACY_FSES

O64 - Services: CurCS - (.not file.) - F-Secure Firewall Driver (FSFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_FSFW

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\hpcisss.sys - HpCISSs (HpCISSs) .(.Hewlett-Packard Company - Smart Array Storport Driver.) - LEGACY_HPCISSS

O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\drivers\i2omp.sys - i2omp (i2omp) .(.Microsoft Corporation - I2O Miniport Driver.) - LEGACY_I2OMP

O64 - Services: CurCS - C:\Windows\system32\drivers\iastorv.sys - Intel RAID Controller Vista (iaStorV) .(.Intel Corporation - Intel Matrix Storage Manager driver (base).) - LEGACY_IASTORV

O64 - Services: CurCS - C:\Windows\system32\drivers\iirsp.sys - iirsp (iirsp) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP

O64 - Services: CurCS - C:\Windows\system32\drivers\intelide.sys - intelide (intelide) .(.Microsoft Corporation - Intel PCI IDE Driver.) - LEGACY_INTELIDE

O64 - Services: CurCS - C:\Windows\system32\drivers\isapnp.sys - PnP ISA/EISA Bus Driver (isapnp) .(.Microsoft Corporation - Pilote de bus PNP ISA.) - LEGACY_ISAPNP

O64 - Services: CurCS - C:\Windows\system32\drivers\iteatapi.sys - ITEATAPI_Service_Install (iteatapi) .(.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) - LEGACY_ITEATAPI

O64 - Services: CurCS - C:\Windows\system32\drivers\iteraid.sys - ITERAID_Service_Install (iteraid) .(.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) - LEGACY_ITERAID

O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_fc.sys - LSI_FC (LSI_FC) .(.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC

O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_sas.sys - LSI_SAS (LSI_SAS) .(.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS

O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_scsi.sys - LSI_SCSI (LSI_SCSI) .(.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Windows\system32\drivers\megasas.sys - megasas (megasas) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS

O64 - Services: CurCS - C:\Windows\system32\drivers\megasr.sys - MegaSR (MegaSR) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mraid35x.sys - Mraid35x (Mraid35x) .(.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\drivers\msdsm.sys - Microsoft Multi-Path Device Specific Module (msdsm) .(.Microsoft Corporation - Microsoft Device Specific Module.) - LEGACY_MSDSM

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\drivers\nfrd960.sys - nfrd960 (nfrd960) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\system32\drivers\nvraid.sys - NVIDIA nForce RAID Driver (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) - LEGACY_NVRAID

O64 - Services: CurCS - C:\Windows\system32\drivers\nvstor.sys - nvstor (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR

O64 - Services: CurCS - C:\Windows\system32\drivers\pciide.sys - pciide (pciide) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE

O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\drivers\ql2300.sys - QLogic Fibre Channel Miniport Driver (ql2300) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300

O64 - Services: CurCS - C:\Windows\system32\drivers\ql40xx.sys - QLogic iSCSI Miniport Driver (ql40xx) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\drivers\sbp2port.sys - SBP-2 Transport/Protocol Bus Driver (sbp2port) .(.Microsoft Corporation - SBP-2 Protocol Driver.) - LEGACY_SBP2PORT

O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\sfdrv01a.sys - StarForce Protection Environment Driver (version 1.x.a) (sfdrv01a) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01A

O64 - Services: CurCS - C:\Windows\system32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x) (sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02

O64 - Services: CurCS - C:\Windows\system32\drivers\sfsync04.sys - StarForce Protection Synchronization Driver (version 4.x) (sfsync04) .(.Protection Technology (StarForce) - FrontLine Synchronization Driver.) - LEGACY_SFSYNC04

O64 - Services: CurCS - C:\Windows\system32\drivers\sfvfs02.sys - StarForce Protection VFS Driver (version 2.x) (sfvfs02) .(.Protection Technology (StarForce) - FrontLine VFS Driver.) - LEGACY_SFVFS02

O64 - Services: CurCS - C:\Windows\system32\drivers\sisraid2.sys - SiSRaid2 (SiSRaid2) .(.Microsoft Corporation - SiS RAID Stor Miniport Driver.) - LEGACY_SISRAID2

O64 - Services: CurCS - C:\Windows\system32\drivers\sisraid4.sys - SiSRaid4 (SiSRaid4) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\symc8xx.sys - Symc8xx (Symc8xx) .(.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\drivers\sym_hi.sys - Sym_hi (Sym_hi) .(.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI

O64 - Services: CurCS - C:\Windows\system32\drivers\sym_u3.sys - Sym_u3 (Sym_u3) .(.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) - LEGACY_SYM_U3

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\uliahci.sys - uliahci (uliahci) .(.ULi Electronics Inc. - ULi SATA Controller Driver.) - LEGACY_ULIAHCI

O64 - Services: CurCS - C:\Windows\system32\drivers\ulsata.sys - UlSata (UlSata) .(.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) - LEGACY_ULSATA

O64 - Services: CurCS - C:\Windows\system32\drivers\ulsata2.sys - ulsata2 (ulsata2) .(.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) - LEGACY_ULSATA2

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\viaide.sys - viaide (viaide) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\vsdatant.sys - Zone Alarm Firewall Driver (Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT

O64 - Services: CurCS - C:\Windows\system32\drivers\vsmraid.sys - vsmraid (vsmraid) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\system32\drivers\wd.sys - Microsoft Watchdog Timer Driver (Wd) .(.Microsoft Corporation - Microsoft Watchdog Timer Driver.) - LEGACY_WD

O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL

 

 

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=4118 (Avira AntiVir) - (.Pas de propriétaire - Pas de description.) --

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: prefs.js [thomas - n9036dap.default] user_pref("extensions.snipit.askTbInstalled", true);

O69 - SBI: SearchScopes [HKCU] {230C22EE-865B-4F83-92C2-08CF69DA6578} - (AOL Recherche) - http://slirsredirect.search.aol.com

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: EXPLORE

O69 - SBI: SearchScopes [HKCU] {B3D1C463-0C12-4F24-BCB2-7943255E8DC0} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France

O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - Ask Toolbar

 

 

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by thomas at 22/08/2010 12:42:56

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll >>UNKNOWN [0x867380E8]<<

kernel: MBR read successfully

detected MBR rootkit hooks:

\Driver\atapi -> 0x867380e8

Warning: possible MBR rootkit infection !

user & kernel MBR OK

Use "Recovery Console" command "fixmbr" to clear infection !

Use "ZHPFix" command "MBRFix" to clear infection !

 

Message: Certains émulateurs de CD/DVD peuvent hooker le pilote atapi de façon légitime. Voici quelques émulateurs :

Message: Alcohol xx%, CDSpace, Circle Virtual CD, CloneCD, Daemon Tools, Virtual CloneDrive, Virtual CD, VirtualDrive, WinCDEmu,...

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [122880]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [595456]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]

O83 - Search Svchost Services: ezSharedSvc (ezSharedSvc) . (.EasyBits Sofware AS - Shared EasyBits services for Windows.) -- C:\Windows\System32\ezsvc7.dll [129992]

 

 

---\\ Infection BT - BHO/Toolbar (Possible)

O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - Ask Toolbar

 

 

 

End of the scan (1163 lines in 04mn 25s)(0)

Florinator Extrem Member

Florinator

Posté(e)
Posté(e)

Bonjour anubis :)

 

On travail sur Vista donc on va y aller doucement sur le traitement.

L'infection n'est pas simple à sortir et je te demanderai d'appliquer à la lettre les consignes ci dessous:

 

Télécharge GMer

 

  • Clique sur "Download EXE"
  • Sauvegarde-le sur ton Bureau (le nom est aléatoire)

 

NB:Sauvegarde ces instructions dans un fichier texte ou imprime-les, car tu devras fermer le navigateur.

 

  • Fais un clique droit dessus ((le nom comporte 8 chiffres/lettres aléatoires) et "Exécuter en tant qu'administrateur"
  • Déconnecte toi d'Internet puis ferme tous les programmes.

 

NB:Si l'outil te lance un warning d'activité de rootkit et te demande de faire un scan , clique "NO"

 

  • Dans la section de droite de la fenêtre de l'outil, décoche l'option suivante IAT/EAT
  • Assure-toi que "Show All" est décoché
  • Clique sur "Scan" et patiente (cela peut prendre 10 minutes ou +)
  • Une fois fini, clique sur le bouton "Save..." (au bas à droite) ;
  • Nomme le fichier "Florinator" et sauvegarde-le sur le Bureau ;
  • Copie/colle le contenu de ce rapport dans ta réponse.

 

A++

  • 2 mois après...
@rno Junior Member

@rno

Posté(e)
Posté(e)

Bonjour florinator, j'ai le même type de pb que anubis il me semble. J'ai au démarrage de mon pc une fenêtre qui s'ouvre pour me demander si je veux exécuter un fichier: c:/Users/User/Appdata/Roaming/system.exe

 

Je ne sais pas ce que c'est et je n'ai pas réussi à le trouver su mon PC. Je ne l'ai pas exécuté de peur d'aggraver les choses. J'ai depuis ça des alertes fréquentes de mon antivirus (microsoft security essentials (gratuit)) qui détecte d'autres virus (trojan pour la plupart) depuis que j'ai ce message bizarre qui s'affiche. J'ai aussi des pb avec internet qui m'ouvre des pages de pub tous le temps même quand je ne suis pas sur internet et mon PC à plus de mal qu'avant. Voila, c'est à peu près tout. J'ai exécuté Rkill pour voir mais vu que je ne m'y connais pas assez je comprend pas le rapport(cf. ci-dessous)

 

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Ran as User on 16/11/2010 at 16:36:10.

 

 

Services Stopped:

 

 

Processes terminated by Rkill or while it was running:

 

 

C:\Users\User\AppData\Local\Temp\Ogv.exe

C:\Users\User\AppData\Local\Temp\Ogw.exe

C:\Users\User\Documents\Fichiers d'installations\rkill.exe

 

 

Rkill completed on 16/11/2010 at 16:36:16.

 

 

 

Voilà,

 

Est ce que tu pourrais m'aider stp ??

 

Merci d'avance,

 

A+

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

@rno, le topic dans lequel tu postes date...la dernière réponse a été faite par Florinator le 23 août 2010!

Il faut créer un nouveau sujet juste pour toi car on ne mélange pas les analyses, ceci par souci de clarté ;)

 

 

Je vois que tu as déjà créé un autre sujet sur un autre forum....>> Problème, virus appdata/roaming/system.exe - Aidoweb

Je te demanderais de rester sur cette discussion: Winx va s'occuper de toi: il t'a répondu avant que tu n'ouvre la nouvelle discussion ici.

On ne poste jamais sur plusieurs forums à la fois pour une demande de désinfection ;)

 

Ce sujet sera réouvert pour anubis03 si jamais il en fait la demande.

Invité
Ce sujet ne peut plus recevoir de nouvelles réponses.
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...