Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

impossible d'installer un antivirus

conan15

Par conan15
dans Analyses et éradication malwares

 Partager

Messages recommandés

conan15 Member

conan15

Posté(e)
Posté(e)

bonjour

 

je suis nouveau inscrit sous psudo: fatal22. Mon problème c'est qu'il m'est impossible d'installer un antivirus gratuit autre que microsoft internet security que je n'apprécie pas. Avant j'avais avast que j'ai désinstallé. Mon ordi qui est sous vista ne fait plus les mise à jour depuis un moment.J'ai essayé tous les antivirus gratuits mais aucun ne veut s'installer sur mon pc hormis bien sur micosoft internet security.Je sollicite votre aide pour résoudre mon problème. Merci

Florinator Extrem Member

Florinator

Posté(e)
Posté(e)

Bonsoir Conan :)

 

 

Il me faudrait quelques infos sur ta machine stp, fais ceci:

 

Télécharge ZHPDiag crée par Nicolas Coolman

 

  • Enregistre le sur ton bureau
  • Double clique sur l'icône
  • Suis les instructions à l'ecran
  • Clique sur loupe.jpg pour lancer l'analyse
  • Clique sur PanelCopierPP.jpg pour copier le rapport
  • Puis colle le dans ta prochaine réponses
  • Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

 

A++

conan15 Member

conan15

Posté(e)
  • Auteur
Posté(e)

voilà le rapport:

Rapport de ZHPDiag v1.26.53 par Nicolas Coolman, Update du 24/08/2010

Run by karima at 27/08/2010 10:06:43

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v7.0.6000.16757

MFIE: Mozilla Firefox (3.0.10)

 

---\\ System Information

Platform : Windows Vista Home Premium (6.0.6000)

Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1022 MB (36% free)

System drive C: has 17 GB (23%) free of 71 GB

 

---\\ Logged in mode

Computer Name: PC-DE-KARIMA

User Name: karima

All Users Names: yaniss, rabah, lyes, karima, Amelia, Administrateur,

Unselected Option: O1,O45,O61,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 71 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 71 Go of 71 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

 

 

---\\ Processus lancés

[MD5.C456658AF90F42BE3CDF1048F9CDB5CA] - (.Microsoft Corporation - Notifications du contrôle parental Windows.) -- C:\Windows\System32\wpcumi.exe [176128]

[MD5.A503A47A5E7EA8024379A8CC6059B74A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [3784704]

[MD5.2E0953919779A44BF9DFB7B07C58535A] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125440]

[MD5.693E4C15CEE5D6487D7913A2701B5E40] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]

[MD5.04E87A8A60CE38DA0C23DCA055A4BC82] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [547328]

[MD5.8072CEDAEF0C606D364E24F6F75B1099] - (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\system32\WerCon.exe [1137152]

 

 

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll

P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX® Web Player.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll

P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0009.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Web Player.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll

P2 - FPN: [HKLM] [@divx.com/DivX Content Upload Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Content Upload Plugin.) -- C:\Program Files\DivX\DivX Content Uploader\npUpload.dll

P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.448] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.448] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

P2 - FPN: [HKLM] [@videolan.org/vlc;version=0.8.6h] - (.VideoLAN Team - Version 0.8.6h, copyright 1996-2007 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} . (.Hewlett-Packard Co. - Leo (Framework) - add-on for Internet Explo.) -- C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: (no name) - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O3 - Toolbar: (no name) - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O3 - Toolbar: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [MSSE] . (.Microsoft Corporation - Microsoft Security Essentials User Interfac.) -- C:\Program Files\Microsoft Security Essentials\msseces.exe

O4 - HKLM\..\Run: [WPCUMI] . (.Microsoft Corporation - Notifications du contrôle parental Windows.) -- C:\Windows\system32\WpcUmi.exe

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [MSConfig] . (.Microsoft Corporation - Utilitaire de configuration système.) -- C:\Windows\system32\msconfig.exe

O4 - HKCU\..\Run: [????r] Clé orpheline

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-18\..\Run: [Gestionnaire Antidote.exe] . (.Druide informatique inc. - Gestionnaire Antidote.) -- C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe

O4 - HKUS\S-1-5-18\..\Run: [Gestionnaire Antidote.exe] . (.Druide informatique inc. - Gestionnaire Antidote.) -- C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-21-2309819576-2535532102-2727766173-1000\..\Run: [????r] Clé orpheline

O4 - HKUS\S-1-5-21-2309819576-2535532102-2727766173-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-21-2309819576-2535532102-2727766173-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Windows Live Search . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} . (.Hewlett-Packard Co. - Leo (Toolbar Extensions) - add-on for Internet Explorer.) -- C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} . (.Hewlett-Packard Co. - Leo (Toolbar Extensions) - add-on for Internet Explorer.) -- C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.not file.) - (.not file.)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{D54AC278-E53F-4338-AC15-064DBD8402E2}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{D54AC278-E53F-4338-AC15-064DBD8402E2}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{D54AC278-E53F-4338-AC15-064DBD8402E2}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.Pas de propriétaire - Pas de description.) - C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll (.not file.)

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: AG Windows Service (AGWinService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AGI\common\win32\PythonService.exe

O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire - Pas de description.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Shield Client Service (ShieldClientService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Shield\shieldclnt.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: (no name) - >{1B320010-9D3D-429F-B71B-A4A30EA1E956} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Adobe Shockwave Director 10.4 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\SwDir.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\Windows\system32\Macromed\Flash\Flash9f.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: kl1 (kl1) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\system32\DRIVERS\kl1.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {2614F54E-A828-49FA-93BA-45A3F756BFAA}

O42 - Logiciel: 40000 lettres types & correspondance - (.Anuman Interactive.) [HKLM] -- 40000 lettres types & correspondance

O42 - Logiciel: Acer Empowering Technology - (.Acer Inc..) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2}

O42 - Logiciel: Acer Picture Slide DVD - (.Pas de propriétaire.) [HKLM] -- {41581EF5-45A7-11DA-9D78-000129760D75}

O42 - Logiciel: Acer Plug and Record - (.Pas de propriétaire.) [HKLM] -- {F6EFFB76-4A07-11DA-9D78-000129760D75}

O42 - Logiciel: Acer ScreenSaver - (.Acer Inc..) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}

O42 - Logiciel: Acer Tour - (.Acer Inc..) [HKLM] -- {94389919-B0AA-4882-9BE8-9F0B004ECA35}

O42 - Logiciel: Acer Zone MagicDirector - (.Pas de propriétaire.) [HKLM] -- {F79A208D-D929-11D9-9D77-000129760D75}

O42 - Logiciel: Acer Zone Main Page - (.Pas de propriétaire.) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}

O42 - Logiciel: Acer Zone MakeDisk - (.Pas de propriétaire.) [HKLM] -- {B145EC69-66F5-11D8-9D75-000129760D75}

O42 - Logiciel: Acer Zone SoftDMA - (.Pas de propriétaire.) [HKLM] -- {AA4BF92B-2AAF-11DA-9D78-000129760D75}

O42 - Logiciel: Acer ePerformance Management - (.Acer Inc..) [HKLM] -- {D462BF9E-0C35-4705-BF9B-3DF9F3816643}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}

O42 - Logiciel: Antidote RX v2 - (.Druide informatique inc..) [HKLM] -- {A474EA56-5DBD-4181-8230-806A4762EA7F}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: CV Expert 3 - (.Carrière Interactive.) [HKLM] -- CvExpert3

O42 - Logiciel: Cap b2i - (.Rectorat Rouen.) [HKLM] -- {CB022D24-0445-4136-B636-5F40DC51E956}

O42 - Logiciel: Codeur Windows Media Série 9 - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

O42 - Logiciel: Composant Hmk - (.Pas de propriétaire.) [HKLM] -- Composant Hmk

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}

O42 - Logiciel: DivX Content Uploader - (.DivX, Inc..) [HKLM] -- {D050D7362D214723AD585B541FFB6C11}

O42 - Logiciel: DivX Converter Mobile - (.DivX, Inc..) [HKLM] -- {AF145F8997B44EE9B106D018EF1DB58B}

O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}

O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}

O42 - Logiciel: Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HDUpdate - (.IMAGINE Editions.) [HKLM] -- {669CA59D-B37A-41C2-9F83-87559A633C37}

O42 - Logiciel: HP Customer Participation Program 9.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP OCR Software 9.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: HP Photosmart All-In-One Software 9.0 - (.HP.) [HKLM] -- {B22C19AE-6A67-4f28-B541-5AE72FB17A25}

O42 - Logiciel: HP Photosmart Essential 2.01 - (.HP.) [HKLM] -- HP Photosmart Essential

O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC}

O42 - Logiciel: HP Smart Web Printing - (.Nom de votre société.) [HKLM] -- {415CDA53-9100-476F-A7B2-476691E117C7}

O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB}

O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM] -- {487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}

O42 - Logiciel: HelloDoc - (.IMAGINE Editions.) [HKLM] -- {A639045D-BD54-4E88-9E00-233EE5C9B3B1}

O42 - Logiciel: Hotfix for Windows Media Encoder (KB929182) - (.Microsoft Corporation.) [HKLM] -- KB929182

O42 - Logiciel: IBM ViaVoice Dictation Runtime 7.0 - US English - (.Pas de propriétaire.) [HKLM] -- DeleteProdRunDictate_US

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Java 6 Update 12 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216012FF}

O42 - Logiciel: LG PC Suite - (.LGE.) [HKLM] -- {993960EE-CA4D-443F-8F88-E24260DD5FD2}

O42 - Logiciel: LG USB Modem driver - (.LG Electronics.) [HKLM] -- {C3ABE126-2BB2-4246-BFE1-6797679B3579}

O42 - Logiciel: MP3 Player Utilities 3.68 - (.MyMPxPlayer.org.) [HKLM] -- {D98BFAD2-0C90-47F4-9D69-2EFF21631884}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 and SOAP Toolkit 3.0 - (.Webroot Software, Inc..) [HKLM] -- {32343DB6-9A52-40C9-87E4-5E7C79791C87}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware

O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}

O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {E62A1F01-07B7-4541-A835-EE5B0BF064C2}

O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Language Pack 2007 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Essentials

O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- {EF98A02A-1748-4762-9B7D-5ED1600520D5}

O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (.Pas de propriétaire.) [HKLM] -- MSTTS

O42 - Logiciel: Mozilla Firefox (3.0.10) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.0.10)

O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {67ADE9AF-5CD9-4089-8825-55DE4B366799}

O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}

O42 - Logiciel: OpenOffice.org 2.4 - (.OpenOffice.org.) [HKLM] -- {B6694BAA-7604-46AA-A41F-B5F1E6DADE7A}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}

O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0) - (.MobileTop.) [HKLM] -- E24870CB6AA1C3511635FF9020A3E9471287FBE7

O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452

O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F

O42 - Logiciel: Package de pilotes Windows - Philips USB (10/01/2007 1.10.03.5790) - (.Philips.) [HKLM] -- 520EB7B13D6313F71239600F750802893CCAE993

O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] -- QuickTime

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: SAMSUNG Android USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Android USB Modem

O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device

O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem

O42 - Logiciel: SAMSUNG Mobile Modem V2 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem V2

O42 - Logiciel: SAMSUNG Mobile USB Download Driver Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Download Driver

O42 - Logiciel: SAMSUNG Mobile USB Driver - (.SAMSUNG.) [HKLM] -- {7184F382-8A6C-4B85-A3AC-B63734B1E241}

O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0

O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem

O42 - Logiciel: SAMSUNG SYMBIAN USB Download Driver - (.SAMSUNG Electronics CO,.LTD.) [HKLM] -- {D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}

O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device

O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit

O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device

O42 - Logiciel: Samsung Mobile USB Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile USB Modem Device

O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver

O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}

O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}

O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}

O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {AF7E85DC-317C-47F5-810E-B82EE093A612}

O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{797AE457-BA17-4BBC-B501-25FB3A0103C7}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB958439) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6491B8AA-D11C-4648-A461-6234B31EB7E2}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB958437) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{648FC016-2D6B-4A16-8D87-404533642F4B}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB951338) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{558B709B-821B-4FC5-90FC-9A8890641E77}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB950114) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB956358) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{4551666D-0FD6-4C69-8A81-1C6F2E64517C}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB954326) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5F7F6FFF-395D-480E-8450-64F385D82C5F}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB956828) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{885E081B-72BD-4E76-8E98-30B4BE468FAC}

O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.) [HKLM] -- KB954156

O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: TomTom HOME 2.7.4.1962 - (.TomTom.) [HKLM] -- TomTom HOME

O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

O42 - Logiciel: TuneUp Utilities 2008 - (.TuneUp Software.) [HKLM] -- {5888428E-699C-4E71-BF71-94EE06B497DA}

O42 - Logiciel: TypingMaster Pro - (.TypingMaster Inc.) [HKLM] -- {98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB952142) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{4AD3A076-427C-491F-A5B7-7D1DE788A756}

O42 - Logiciel: Update for Office 2007 (KB946691) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A420F522-7395-4872-9882-C591B4B92278}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb958619) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}

O42 - Logiciel: VideoLAN VLC media player 0.8.6h - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: VirtualCom driver - (.AIT.) [HKLM] -- {1943A043-5C85-4A16-A0D0-D687B2C1A40F}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {C514C594-23AA-4F13-A070-DB8BDB27594F}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {BADF6744-3787-48F6-B8C9-4C4995401D65}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- Windows Live Toolbar

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3DFF4274-EBB0-4356-9692-972965018954}

O42 - Logiciel: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion

O42 - Logiciel: Your Uninstaller! 2008 Version 6.2 - (.URSoft, Inc..) [HKLM] -- Your Uninstaller! 2008

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AL-Software]

[HKCU\Software\ALWIL Software]

[HKCU\Software\ATI Technologies Inc.]

[HKCU\Software\Acer]

[HKCU\Software\Adobe]

[HKCU\Software\Andrew Zhezherun]

[HKCU\Software\AppDataLow\IEPro]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\AskSBar]

[HKCU\Software\AppDataLow\Software\Conduit]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\PHPNukeFR]

[HKCU\Software\AppDataLow\Software\Peer2Peer-FR]

[HKCU\Software\AppDataLow\Software\SmartShopper]

[HKCU\Software\AppDataLow\Software\Vuze_Remote]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\ArcSoft]

[HKCU\Software\Avg]

[HKCU\Software\Binary Noise]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Conduit]

[HKCU\Software\CyberLink]

[HKCU\Software\Digital Workshop]

[HKCU\Software\DivXNetworks]

[HKCU\Software\Druide informatique inc.]

[HKCU\Software\ESTsoft]

[HKCU\Software\Foxit Software]

[HKCU\Software\Freeware]

[HKCU\Software\GIANTCompany]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\Hercules]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IBM]

[HKCU\Software\IM Providers]

[HKCU\Software\IMAGINE Editions]

[HKCU\Software\IZSoftware]

[HKCU\Software\Iris]

[HKCU\Software\JavaSoft]

[HKCU\Software\KasperskyLab]

[HKCU\Software\LG Electronics Inc]

[HKCU\Software\LG Media Player]

[HKCU\Software\Lavalys]

[HKCU\Software\Lavasoft]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MGS]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MicroGaming]

[HKCU\Software\Mobileleader]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\NewTech Infosystems]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\Novell]

[HKCU\Software\ODBC]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Parisprog]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Privoxy]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\Rep-Listing]

[HKCU\Software\S3R521]

[HKCU\Software\SOFTWIN]

[HKCU\Software\SWISSKNIFE]

[HKCU\Software\SWiSHzone.com]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Samsung]

[HKCU\Software\Steganos]

[HKCU\Software\Symantec]

[HKCU\Software\TomTom]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\URSoft]

[HKCU\Software\Uniblue]

[HKCU\Software\Unlimited Possibilities]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Voice]

[HKCU\Software\Webroot]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\WinZip Computing]

[HKCU\Software\Windows Live]

[HKCU\Software\Wise Solutions]

[HKCU\Software\Xobni]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\eChanblard]

[HKCU\Software\ej-technologies]

[HKCU\Software\shockwave.com]

[HKLM\Software\ACLEngine]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AbiSuite]

[HKLM\Software\Acer Inc.]

[HKLM\Software\Acer]

[HKLM\Software\Acro Software Inc]

[HKLM\Software\Adobe]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\ArcSoft]

[HKLM\Software\Avg]

[HKLM\Software\Borland]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CompanyA]

[HKLM\Software\Conduit]

[HKLM\Software\CyberLink]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\DEVGURU]

[HKLM\Software\DivXNetworks]

[HKLM\Software\Druide informatique inc.]

[HKLM\Software\ESTsoft]

[HKLM\Software\Eset]

[HKLM\Software\Foxit Software]

[HKLM\Software\FullCircle]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Havas Medimedia]

[HKLM\Software\Hercules Technologies]

[HKLM\Software\Hercules]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\IBM]

[HKLM\Software\ICE]

[HKLM\Software\IMAGINE Editions]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\LG Electronics]

[HKLM\Software\LG PC Suite2]

[HKLM\Software\LGE]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\MCCI]

[HKLM\Software\Macromedia]

[HKLM\Software\MarkAny]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NOS]

[HKLM\Software\Nero]

[HKLM\Software\Neuf]

[HKLM\Software\NewTech Infosystems]

[HKLM\Software\ODBC]

[HKLM\Software\OVP]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PCSuite]

[HKLM\Software\PHPNukeFR]

[HKLM\Software\PassMark]

[HKLM\Software\Peer2Peer-FR]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Python]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RichFX]

[HKLM\Software\S3R521]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Samsung]

[HKLM\Software\Shield]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Steganos]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\SymDebug]

[HKLM\Software\Symantec]

[HKLM\Software\TomTom]

[HKLM\Software\Trad-FR]

[HKLM\Software\TuneUp]

[HKLM\Software\TypingMaster Inc]

[HKLM\Software\VIDAL]

[HKLM\Software\Vision]

[HKLM\Software\Voice]

[HKLM\Software\Volatile]

[HKLM\Software\Vuze_Remote]

[HKLM\Software\WholeSecurity]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Yahoo]

[HKLM\Software\afplanet]

[HKLM\Software\ej-technologies]

[HKLM\Software\emme]

[HKLM\Software\iTinySoft]

[HKLM\Software\magnet]

[HKLM\Software\mozilla.org]

[HKLM\Software\noname]

 

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Inc

O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\Acro Software

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Anuman Interactive

O43 - CFD:Common File Directory ----D- C:\Program Files\capb2i

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files\Conduit

O43 - CFD:Common File Directory ----D- C:\Program Files\CV Expert 3

O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink

O43 - CFD:Common File Directory ----D- C:\Program Files\Dactylo

O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX

O43 - CFD:Common File Directory ----D- C:\Program Files\DivX

O43 - CFD:Common File Directory ----D- C:\Program Files\Druide

O43 - CFD:Common File Directory ----D- C:\Program Files\eChanblard

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\frndic

O43 - CFD:Common File Directory ----D- C:\Program Files\GNU Solfege

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\GPLGS

O43 - CFD:Common File Directory ----D- C:\Program Files\Hercules

O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\HP

O43 - CFD:Common File Directory ----D- C:\Program Files\IEPro

O43 - CFD:Common File Directory ----D- C:\Program Files\IMAGINE Editions

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\LG Electronics

O43 - CFD:Common File Directory ----D- C:\Program Files\LG PC Suite 2

O43 - CFD:Common File Directory ----D- C:\Program Files\LimeWire

O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\MarkAny

O43 - CFD:Common File Directory ----D- C:\Program Files\MediaCoder

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Security Essentials

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN

O43 - CFD:Common File Directory ----D- C:\Program Files\MSSOAP

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\MyMPxPlayer.org

O43 - CFD:Common File Directory ----D- C:\Program Files\navilog1

O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems

O43 - CFD:Common File Directory ----D- C:\Program Files\NOS

O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 2.4

O43 - CFD:Common File Directory ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD:Common File Directory ----D- C:\Program Files\PC Drivers HeadQuarters

O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime

O43 - CFD:Common File Directory ----D- C:\Program Files\Real

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\Red Kawa

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung

O43 - CFD:Common File Directory ----D- C:\Program Files\SFR

O43 - CFD:Common File Directory ----D- C:\Program Files\Shield

O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD:Common File Directory ----D- C:\Program Files\TomTom DesktopSuite

O43 - CFD:Common File Directory ----D- C:\Program Files\TomTom HOME 2

O43 - CFD:Common File Directory ----D- C:\Program Files\TomTom International B.V

O43 - CFD:Common File Directory ----D- C:\Program Files\Total Video Converter

O43 - CFD:Common File Directory ----D- C:\Program Files\TubeMaster

O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2008

O43 - CFD:Common File Directory R---D- C:\Program Files\TypingMaster

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\ViaVoice

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Toolbar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Components

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!

O43 - CFD:Common File Directory ----D- C:\Program Files\Your Uninstaller 2008

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Borland Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\HP

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\NewTech Infosystems

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Softwin

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared

O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe

O43 - CFD:Common File Directory ----D- C:\ProgramData\Alwil Software

O43 - CFD:Common File Directory ----D- C:\ProgramData\AMV Converter Studio

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data

O43 - CFD:Common File Directory ----D- C:\ProgramData\avg8

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau

O43 - CFD:Common File Directory ----D- C:\ProgramData\CyberLink

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents

O43 - CFD:Common File Directory ----D- C:\ProgramData\Driver Whiz

O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule

O43 - CFD:Common File Directory ----D- C:\ProgramData\ESET

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites

O43 - CFD:Common File Directory ----D- C:\ProgramData\Google

O43 - CFD:Common File Directory ----D- C:\ProgramData\Grisoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\ProgramData\HP

O43 - CFD:Common File Directory ----D- C:\ProgramData\HP Product Assistant

O43 - CFD:Common File Directory ----D- C:\ProgramData\HPSSUPPLY

O43 - CFD:Common File Directory ----D- C:\ProgramData\InstallShield

O43 - CFD:Common File Directory ----D- C:\ProgramData\Kaspersky Lab

O43 - CFD:Common File Directory ----D- C:\ProgramData\Kaspersky Lab Setup Files

O43 - CFD:Common File Directory ----D- C:\ProgramData\Lavasoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\ma-config.com

O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles

O43 - CFD:Common File Directory ----D- C:\ProgramData\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\ProgramData\NOS

O43 - CFD:Common File Directory ----D- C:\ProgramData\Office Genuine Advantage

O43 - CFD:Common File Directory ----D- C:\ProgramData\PassMark

O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Drivers HeadQuarters

O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Suite

O43 - CFD:Common File Directory ----D- C:\ProgramData\QuickTime

O43 - CFD:Common File Directory ----D- C:\ProgramData\Real

O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu

O43 - CFD:Common File Directory ----D- C:\ProgramData\SUPERAntiSpyware.com

O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec

O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates

O43 - CFD:Common File Directory ----D- C:\ProgramData\TomTom

O43 - CFD:Common File Directory ----D- C:\ProgramData\TuneUp Software

O43 - CFD:Common File Directory ----D- C:\ProgramData\WEBREG

O43 - CFD:Common File Directory ----D- C:\ProgramData\WinZip

O43 - CFD:Common File Directory ----D- C:\ProgramData\WLInstaller

O43 - CFD:Common File Directory ----D- C:\ProgramData\Yahoo! Companion

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Borland Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\HP

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\NewTech Infosystems

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Softwin

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.00000000000000000000000000000000] - 27/08/2010 - 08:58:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1109710]

O44 - LFC:[MD5.7420E322C76C49ACB184986EB7E13CEC] - 27/08/2010 - 08:53:10 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.4DF069CA2199BC20CCC56F02681BCD83] - 26/08/2010 - 18:14:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [118244]

O44 - LFC:[MD5.1E9140CA50AE2EB017C4D1970858E8F5] - 26/08/2010 - 18:14:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [612848]

O44 - LFC:[MD5.A1CD10B9BCFBE64F65017199AB437D2A] - 26/08/2010 - 18:14:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [693350]

O44 - LFC:[MD5.7B2CB610081307955AF19224153F8E84] - 26/08/2010 - 18:14:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [104570]

O44 - LFC:[MD5.EFC7008496B9E2E592ABB02D135409C4] - 26/08/2010 - 18:14:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1519970]

O44 - LFC:[MD5.F5824D6E5EB0428579166A03720EED00] - 02/08/2010 - 18:17:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [422928]

O44 - LFC:[MD5.773C2CFED5F33DAD0EB0166C36C3E7E0] - 02/08/2010 - 18:09:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [2529418]

O44 - LFC:[MD5.A4119A867291314234E1EFE0388DD2FD] - 02/08/2010 - 05:20:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [148338]

O44 - LFC:[MD5.997B0ACFEFD2A565A1F93DCD3FBA5236] - 31/07/2010 - 19:47:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Antidote.ini [140]

O44 - LFC:[MD5.CE5E5DFBC43EF286C9D841E83EBDAAC1] - 01/08/2010 - 11:35:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [53508]

O44 - LFC:[MD5.DB074B5B987080FF05E258074648F579] - 01/08/2010 - 10:47:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\TEST.log [704]

O44 - LFC:[MD5.3B34675F4F56DEF0C21F8CDE381E38B5] - 01/08/2010 - 10:47:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\win.ini [571]

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers\"VIDC.CVID"="iccvid.drv" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers\"VIDC.MSVC"="msvidc.drv" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\PROGRA~1\ACERZO~1\ACERZO~2\Kernel\Burner\MKDMP3Enc.ACM"="MP3 PowerEncoder" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.7.0 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Acer Empowering Technology Monitor [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\SysMonitor.exe

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\AutoStartNPSAgent [Key] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

O53 - SMSR:HKLM\...\startupreg\Gestionnaire Antidote.exe [Key] . (.Druide informatique inc. - Gestionnaire Antidote.) -- C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe

O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

O53 - SMSR:HKLM\...\startupreg\WarReg_PopUp [Key] . (.Acer Inc. - WR_PopUp.) -- C:\Acer\WR_PopUp\WarReg_PopUp.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2

O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys

O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.FE3EA6E9AFC1A78E6EDCA121E006AFB7] - 10/11/2006 - 14:05:00 ---A- . (.Arcsoft, Inc. - Arcsoft® ASPI Shell.) -- C:\Windows\system32\drivers\afc.sys

O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys

O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.AE8A0EDF1F1627CDF33C0E3059686CDF] - 05/12/2006 - 15:05:22 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.7B4BDE18D1A8F4823771C19B1390EAA1] - 31/07/2007 - 17:30:52 ---A- . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\camfilt2.sys

O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys

O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.CC0587F353DF94C119D7B57F99C8B6E5] - 13/07/2007 - 10:45:08 ---A- . (.Akkord Corporation - Stream Class Mini Driver.) -- C:\Windows\system32\drivers\HDvidv.sys

O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys

O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys

O58 - SDL:[MD5.42879F027AB4F1C20274ACB81619EB10] - 24/12/2007 - 10:32:26 ---A- . (.Kaspersky Lab - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl1.sys

O58 - SDL:[MD5.5AADC9297C39AA249CD994ACDBA19034] - 11/07/2007 - 10:40:18 ---A- . (.LG Electronics Inc. - LG CDMA USB Multi function Driver.) -- C:\Windows\system32\drivers\lgusbbus.sys

O58 - SDL:[MD5.4650FFE04E5922399B0E932319E6B215] - 11/07/2007 - 15:51:48 ---A- . (.LG Electronics Inc. - LG CDMA USB Diagnostics Driver.) -- C:\Windows\system32\drivers\lgusbdiag.sys

O58 - SDL:[MD5.2666FE171E0C2E7085CCD5FE0BAC09E3] - 11/07/2007 - 10:45:00 ---A- . (.LG Electronics Inc. - LG CDMA USB Modem Driver.) -- C:\Windows\system32\drivers\lgusbmodem.sys

O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 13/12/2006 - 19:44:35 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys

O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys

O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 17/09/2007 - 14:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfd.sys

O58 - SDL:[MD5.88B72D2A800300EB05C69F3C6C3180F2] - 10/11/2006 - 14:10:50 ---A- . (.HiTRUST - PSD Filter Driver.) -- C:\Windows\system32\drivers\psdfilter.sys

O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.A47B2875680AD67B35C6150BD0203056] - 08/11/2006 - 12:09:24 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys

O58 - SDL:[MD5.729248B54AFF21E740054ACEBFDBCB1C] - 13/07/2001 - 12:56:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\SBKUPNT.SYS

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.ABDEA870B939DD5A791069070351A4DF] - 13/01/2008 - 18:17:18 ---A- . (.Pas de propriétaire - WINNT/2K/XP/2003 Driver.) -- C:\Windows\system32\drivers\ShieldmNt.sys

O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys

O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.4723512C035A3A880DB4657705466240] - 11/10/2007 - 11:24:00 ---A- . (.Softwareentwicklung Remus - ArchiCrypt - ArchiCrypt Live Engine.) -- C:\Windows\system32\drivers\sleen16.sys

O58 - SDL:[MD5.DA820CF259A332F3CB8B2F647B111892] - 01/10/2007 - 14:38:00 ---A- . (.Philips - Philips SPC520 Camera Driver (WDM Main Driver).) -- C:\Windows\system32\drivers\SPC520.sys

O58 - SDL:[MD5.76369A6A4CF64BD2B2DD6D8DBB685912] - 01/10/2007 - 14:38:04 ---A- . (.Philips - Philips SPC520 Camera Driver (DS MiniDriver).) -- C:\Windows\system32\drivers\SPC520m.sys

O58 - SDL:[MD5.D6870895FE46A464A19141440EB6CC1E] - 03/07/2007 - 15:54:24 ---A- . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\Windows\system32\drivers\sscdbus.sys

O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 03/07/2007 - 15:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcm.sys

O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 03/07/2007 - 15:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcmnt.sys

O58 - SDL:[MD5.0FE167362E4689B716CDC8D93ADEDDA8] - 03/07/2007 - 15:57:24 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\Windows\system32\drivers\sscdmdfl.sys

O58 - SDL:[MD5.55A15707E32B6709242AD127E62CA55A] - 03/07/2007 - 15:58:20 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\Windows\system32\drivers\sscdmdm.sys

O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 03/07/2007 - 16:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwh.sys

O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 03/07/2007 - 16:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwhnt.sys

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 25/10/2007 - 16:26:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\StarOpen.sys

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.E0C67BE430C6DE490D6CCAECFA071F9E] - 29/08/2006 - 03:30:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\UBHelper.sys

O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys

O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys

O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.7D1F3B131D503EF43EE594B5A2B9B427] - 02/11/2006 - 08:30:56 ---A- . (.Marvell - Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon.) -- C:\Windows\system32\drivers\yk60x86.sys

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys

O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 05/10/2009 - 08:29:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\FsUsbExDisk.Sys

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS

O58 - SDL:[MD5.697A5F9C9750476316926FD08B79B130] - 26/01/2007 - 10:34:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\INT15.SYS

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)

O63 - Logiciel: Toolbar SD - (.IDN Team.)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - (.not file.) - AIDA32Driver (AIDA32Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AIDA32DRIVER

O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR

O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP

O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI

O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Clean Driver (AvgAsCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGASCLN

O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_ANTI-SPYWARE_DRIVER

O64 - Services: CurCS - (.not file.) - bdfdll (bdfdll) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFDLL

O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Users\karima\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Users\karima\AppData\Local\Temp\cpuz132\cpuz132_x32.sys (.not file.) - cpuz132 (cpuz132) .(.Pas de propriétaire - Pas de description.) - LEGACY_CPUZ132

O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\system32\Drivers\dfsc.sys - Dfs Client Driver (DfsC) .(.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - (.not file.) - EAMON (eamon) .(.Pas de propriétaire - Pas de description.) - LEGACY_EAMON

O64 - Services: CurCS - (.not file.) - easdrv (easdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_EASDRV

O64 - Services: CurCS - (.not file.) - epfwtdir (epfwtdir) .(.Pas de propriétaire - Pas de description.) - LEGACY_EPFWTDIR

O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(.Pas de propriétaire - Pas de description.) - LEGACY_FSUSBEXDISK

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(.Pas de propriétaire - Pas de description.) - LEGACY_IDSVIX86

O64 - Services: CurCS - (.not file.) - File Security Driver (IKFileSec) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKFILESEC

O64 - Services: CurCS - (.not file.) - System Filter Driver (IKSysFlt) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKSYSFLT

O64 - Services: CurCS - (.not file.) - System Security Driver (IKSysSec) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKSYSSEC

O64 - Services: CurCS - C:\Acer\Empowering Technology\eRecovery\int15.sys - int15 (int15) .(.Pas de propriétaire - Pas de description.) - LEGACY_INT15

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\kl1.sys - kl1 (kl1) .(.Kaspersky Lab - Kaspersky Unified Driver.) - LEGACY_KL1

O64 - Services: CurCS - (.not file.) - Kaspersky Lab Boot Guard Driver (klbg) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLBG

O64 - Services: CurCS - (.not file.) - KLIF (KLIF) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLIF

O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCHINJDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\MpFilter.sys - Microsoft Malware Protection Driver (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\MpNWMon.sys - Microsoft Malware Protection Network Driver (MpNWMon) .(.Microsoft Corporation - Network monitor driver.) - LEGACY_MPNWMON

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\parvdm.sys - Parvdm (Parvdm) .(.Microsoft Corporation - Pilote parallèle VDM.) - LEGACY_PARVDM

O64 - Services: CurCS - (.not file.) - pavboot (pavboot) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVBOOT

O64 - Services: CurCS - (.not file.) - PCTools KDS (PCTCore) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTCORE

O64 - Services: CurCS - (.not file.) - PCTSDInjDriver32 (PCTSDInjDriver32) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTSDINJDRIVER32

O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\Drivers\PSDFILTER.sys - PSDFilter (PSDFilter) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSDFILTER

O64 - Services: CurCS - (.not file.) - PSDNSERVER (PSDNServ) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSDNSERV

O64 - Services: CurCS - (.not file.) - psdvdisk (psdvdisk) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSDVDISK

O64 - Services: CurCS - (.not file.) - PsSdk31 (PsSdk31) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSSDK31

O64 - Services: CurCS - (.not file.) - PsSdkLBF (PsSdkLBF) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSSDKLBF

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - (.not file.) - RDP Winstation Driver (RDPWD) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPWD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - (.not file.) - SASKUTIL (SASKUTIL) .(.Pas de propriétaire - Pas de description.) - LEGACY_SASKUTIL

O64 - Services: CurCS - C:\Windows\system32\Drivers\SBKUPNT.sys - SBKUPNT (SBKUPNT) .(.Pas de propriétaire - Pas de description.) - LEGACY_SBKUPNT

O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - (.not file.) - Shdbus (Shdbus) .(.Pas de propriétaire - Pas de description.) - LEGACY_SHDBUS

O64 - Services: CurCS - (.not file.) - Shieldf (Shieldf) .(.Pas de propriétaire - Pas de description.) - LEGACY_SHIELDF

O64 - Services: CurCS - (.not file.) - Shieldm (Shieldm) .(.Pas de propriétaire - Pas de description.) - LEGACY_SHIELDM

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\drivers\tdtcp.sys - TDTCP (TDTCP) .(.Microsoft Corporation - TCP Transport Driver.) - LEGACY_TDTCP

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tssecsrv.sys - Terminal Services Security Filter Driver (tssecsrv) .(.Microsoft Corporation - TS Security Filter Driver.) - LEGACY_TSSECSRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\UBHELPER.sys - UBHelper (UBHelper) .(.Pas de propriétaire - Pas de description.) - LEGACY_UBHELPER

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] Live Search - (Live Search) - Bing

O69 - SBI: SearchScopes [HKCU] {05C72334-11F3-4e9f-8740-98128F52EFB9} - (IE7Pro Search) - IE7Pro Start

O69 - SBI: SearchScopes [HKCU] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Live Search Powered by Kiwee) - http://kwtb.search.imgag.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {77EFBC34-556C-426E-B100-16739C1DDA59} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio

O69 - SBI: SearchScopes [HKCU] {A540D69B-1CD5-44FA-9B2A-DFEA5EBD97F1} - (uStart) - http://www.ustart.orgNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A11

O69 - SBI: SearchScopes [HKCU] {BA9F2F42-B7EB-4FF3-95E6-3ABE134F2F4E} - (Live Search, le moteur de MSN) - Bing

O69 - SBI: SearchScopes [HKCU] {F26741AA-0C14-4731-B4D9-B102A9F4AB47} - (Yahoo! Search) - Yahoo! Search - Web Search

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (Live Search Powered by Kiwee) - http://kwtb.search.imgag.com

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {3E6433C3-B87C-43EB-B19F-5A7CD6970E04} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (Live Search Powered by Kiwee) - http://kwtb.search.imgag.com

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {3E6433C3-B87C-43EB-B19F-5A7CD6970E04} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio

 

 

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by karima at 27/08/2010 10:11:04

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

kernel: MBR read successfully

user & kernel MBR OK

copy of MBR has been found in sector 22 !

copy of MBR has been found in sector 23 !

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]

O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software GmbH - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [28416]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [63488]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [245248]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [39936]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [39936]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [121344]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [569344]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [416768]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [310272]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [234496]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [65536]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [286208]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [427520]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1809944]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [750080]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [245248]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [178688]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111104]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [152576]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [34816]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [161280]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [595456]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [92160]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81408]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [69120]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | 12/11/2006 24576 | ePerformance Service (AcerMemUsageCheckService) . (.Pas de propriétaire.) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

SS - | Auto 12/11/2006 0 | AG Windows Service (AGWinService) . (.Pas de propriétaire.) - C:\Program Files\AGI\common\win32\PythonService.exe

SR - | Auto 05/12/2006 557056 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe

SS - | Auto 05/12/2006 0 | Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

SS - | Auto 08/12/2006 45056 | eRecovery Service (eRecoveryService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

SR - | Auto 09/10/2009 238952 | FsUsbExService (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe

SS - | Auto 27/06/2010 136176 | Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 19/10/2006 61440 | LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

SR - | Auto 21/01/2005 143360 | Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

SR - | Auto 26/01/2009 1153368 | SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

SS - | Demand 07/04/2008 430592 | ServiceLayer (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

SS - | Auto 13/01/2008 45056 | Shield Client Service (ShieldClientService) . (.Pas de propriétaire.) - C:\Program Files\Shield\shieldclnt.exe

SS - | Demand 07/05/2010 92008 | TomTomHOMEService (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

SS - | Demand 03/07/2008 355584 | C:\Windows\System32\TuneUpDefragService.exe (TuneUp.Defrag) . (.TuneUp Software GmbH.) - C:\Windows\System32\TuneUpDefragService.exe

 

 

---\\ Infection BT - BHO/Toolbar (Possible)

[HKCU\Software\AppDataLow\Software\AskSBar]

 

 

 

End of the scan (1154 lines in 04mn 23s)(0)

Florinator Extrem Member

Florinator

Posté(e)
Posté(e)

Bonjour Conan :)

 

Rien de bien méchant:

 

Télécharge Ad-Remover

 

Déconnectes toi et fermes toutes applications en cours

 

  • Double clique sur le programme, et valide le message d'avertissement
  • Double clique sur l'icône située sur ton bureau
  • Choisi l'option "scanner"
  • Poste le rapport qui apparait à la fin .

 

Remarque: Le rapport est sauvegardé sous C:\Ad-report SCAN.log. Il est possible que ton antivirus se mette en alerte, ignore la.

 

A++

conan15 Member

conan15

Posté(e)
  • Auteur
Posté(e)

bonjour

voici le rapport Ad-report:

======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par C_XX le 26/07/10 à 12:00

Contact: AdRemover.contact[AT]gmail.com

Site web: Ad_Remover

 

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 16:59:25 le 27/08/2010, Mode normal

 

Microsoft® Windows Vista Édition Familiale Premium (X86)

karima@PC-DE-KARIMA (Acer Aspire T660)

 

============== RECHERCHE ==============

 

 

0,Dossier trouvé: C:\Users\karima\AppData\LocalLow\Conduit

0,Dossier trouvé: C:\Program Files\Conduit

 

0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2504091

0,Clé trouvée: HKLM\Software\Conduit

0,Clé trouvée: HKCU\Software\Conduit

0,Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit

 

 

============== SCAN ADDITIONNEL ==============

 

** Mozilla Firefox Version [3.0.10 (fr)] **

 

-- C:\Users\karima\AppData\Roaming\Mozilla\FireFox\Profiles\qykrsx6h.default\User.js --

keyword.URL, hxxp://redirecterror.sfr.fr/?q=

 

-- C:\Users\karima\AppData\Roaming\Mozilla\FireFox\Profiles\qykrsx6h.default\Prefs.js --

browser.download.dir, C:\\Users\\karima\\Downloads

browser.startup.homepage_override.mstone, rv:1.9.0.10

keyword.URL, hxxp://redirecterror.sfr.fr/?q=

 

-- C:\Users\Amelia\AppData\Roaming\Mozilla\FireFox\Profiles\azrukptv.default\Prefs.js --

browser.download.dir, C:\\Users\\Amelia\\Downloads

browser.startup.homepage_override.mstone, rv:1.9.0.10

keyword.URL, hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01b...

 

-- C:\Users\lyes\AppData\Roaming\Mozilla\FireFox\Profiles\tiwm0ccu.default\Prefs.js --

browser.download.dir, C:\\Users\\lyes\\Downloads

browser.startup.homepage, hxxp://www.msn.fr/

browser.startup.homepage_override.mstone, rv:1.9.0.10

keyword.URL, hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01b...

 

-- C:\Users\rabah\AppData\Roaming\Mozilla\FireFox\Profiles\r5n42lp0.default\User.js --

keyword.URL, hxxp://redirecterror.sfr.fr/?q=

 

-- C:\Users\rabah\AppData\Roaming\Mozilla\FireFox\Profiles\r5n42lp0.default\Prefs.js --

browser.download.dir, C:\\Users\\rabah\\Downloads

browser.download.lastDir, C:\\Users\\rabah\\Documents

browser.startup.homepage, hxxp://www.google.com/firefox

browser.startup.homepage_override.mstone, rv:1.9.0.10

keyword.URL, hxxp://redirecterror.sfr.fr/?q=

 

-- C:\Users\yaniss\AppData\Roaming\Mozilla\FireFox\Profiles\wiuq154p.default\Prefs.js --

browser.download.dir, C:\\Users\\yaniss\\Downloads

browser.startup.homepage_override.mstone, rv:1.9.0.10

 

========================================

 

** Internet Explorer Version [7.0.6000.16757] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 27/08/2010 (3989 Octet(s))

 

Fin à: 17:03:47, 27/08/2010

 

============== E.O.F ==============

Florinator Extrem Member

Florinator

Posté(e)
Posté(e)

Bonjour Conan15 :)

 

Il y a surtout beaucoup de traces de toolbar, jette un oeuil ici pour savoir comment les éviter:

 

 

 

 

 

1

 

  • Copie ces lignes ci dessous:

 

O3 - Toolbar: (no name) - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} . (.Pas de propriétaire - Pas de description.) -- (.not file.)        
O3 - Toolbar: (no name) - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} . (.Pas de propriétaire - Pas de description.) -- (.not file.)        
O3 - Toolbar: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Pas de propriétaire - Pas de description.) -- (.not file.)       
O4 - HKCU\..\Run: [????r] Clé orpheline  
O4 - HKUS\S-1-5-21-2309819576-2535532102-2727766173-1000\..\Run: [????r] Clé orpheline
[HKCU\Software\AppDataLow\Software\AskSBar]
[HKCU\Software\AppDataLow\Software\Conduit] 
[HKCU\Software\AppDataLow\Software\PHPNukeFR]  
[HKCU\Software\AppDataLow\Software\Peer2Peer-FR] 
[HKCU\Software\AppDataLow\Software\SmartShopper]     
[HKCU\Software\AppDataLow\Software\Vuze_Remote] 
[HKCU\Software\Conduit]  
[HKLM\Software\Conduit] 
[HKLM\Software\PHPNukeFR]
[HKLM\Software\Peer2Peer-FR]
[HKLM\Software\Trad-FR] 
O43 - CFD:Common File Directory ----D- C:\Program Files\Conduit 
O69 - SBI: SearchScopes [HKCU] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Live Search Powered by Kiwee) - [url=http://kwtb.search.imgag.com][url=http://kwtb.search.imgag.com]http://kwtb.search.imgag.com[/url][/url]   
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (Live Search Powered by Kiwee) - [url=http://kwtb.search.imgag.com][url=http://kwtb.search.imgag.com]http://kwtb.search.imgag.com[/url][/url] 
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (Live Search Powered by Kiwee) - [url=http://kwtb.search.imgag.com][url=http://kwtb.search.imgag.com]http://kwtb.search.imgag.com[/url][/url]  
O69 - SBI: SearchScopes [HKCU] {77EFBC34-556C-426E-B100-16739C1DDA59} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio  
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {3E6433C3-B87C-43EB-B19F-5A7CD6970E04} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio  
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {3E6433C3-B87C-43EB-B19F-5A7CD6970E04} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio

 

 

  • Ouvre ZHPDiag, puis clique sur l'icône PanelZHPFix.jpg
    Si l'icône n'apparait pas, relance un scan avec ZHPDiag, à la fin du scan elle apparaitra
  • Clique successivement sur l'icône PanelHelper.jpg,pour effacer le rapport qui s'est affiché
  • Clique ensuite sur malette-cachee.jpg pour coller la sélection
  • Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre
  • Clique sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.
  • Clique sur "Tous" puis sur "Nettoyer".
    Si on te demande de redémarrer l'ordi pour achever le nettoyage, fais le immmédiatement.
  • Copie/colle le rapport dans ton prochain post.

 

Remarque:Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPFixReport.txt

 

 

 

 

2

 

 

Télécharge TFC crée par OldTimer

 

  • Double clique dessus pour le lancer. (Note: Si tu es sous Vista, fais un clique droit sur le fichier et choisis "Exécuter en tant qu'Administrateur").
  • L'outil va fermer tous les programmes lors de son exécution, donc vérifies que tu ais sauvegardé tout ton travail en cours avant de commencer.
  • Clique sur le bouton "Start" pour lancer le processus.Laisse le programme s'exécuter sans l'interrompre.
  • Lorsqu'il a terminé, l'outil devrait faire redémarrer votre système. S'il ne le fait pas, fais redémarrer manuellement le PC toi même pour finir le nettoyage.

 

 

Dis moi comment se comporte la machine maintenant.

 

A++

conan15 Member

conan15

Posté(e)
  • Auteur
Posté(e) (modifié)

bonjour

voilà le rapport ZHPFix:

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:00

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=hex:00

"{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990}"="PHPNukeFR Toolbar"

"{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}"="Peer2Peer-FR Toolbar"

"{ba14329e-9550-4989-b3f2-9732e92d17cc}"="Vuze Remote Toolbar"

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:00

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=hex:00

"{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}"="Peer2Peer-FR Toolbar"

"{ba14329e-9550-4989-b3f2-9732e92d17cc}"="Vuze Remote Toolbar"

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\Software\Conduit]

 

[HKEY_LOCAL_MACHINE\Software\Conduit\Community Alerts]

"Path"="C:\\Program Files\\Conduit\\Community Alerts\\Alert.dll"

 

[HKEY_LOCAL_MACHINE\Software\Conduit\Toolbars]

"Vuze Remote Toolbar"="{BA14329E-9550-4989-B3F2-9732E92D17CC}"

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\Software\PHPNukeFR]

 

[HKEY_LOCAL_MACHINE\Software\PHPNukeFR\toolbar]

"Path"="C:\\Program Files\\PHPNukeFR"

"ComId"="{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990}"

"Server"="users.conduit.com"

"SponsorId"="CT2102473"

"DisplayTitle"="PHPNukeFR Toolbar"

"DisplayName"="PHPNukeFR"

"MultiCommunityEnabled"="FALSE"

"GroupingEnabled"="FALSE"

"ToolbarHelperFileName"="C:\\Program Files\\PHPNukeFR\\PHPNukeFRToolbarHelper.exe"

"version"="4.5.188.7"

"UserID"="UN20081218180749251"

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\Software\Peer2Peer-FR]

 

[HKEY_LOCAL_MACHINE\Software\Peer2Peer-FR\toolbar]

"Path"="C:\\Program Files\\Peer2Peer-FR"

"ComId"="{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}"

"Server"="users.conduit.com"

"SponsorId"="CT2004604"

"DisplayTitle"="Peer2Peer-FR Toolbar"

"DisplayName"="Peer2Peer-FR"

"MultiCommunityEnabled"="TRUE"

"GroupingEnabled"="FALSE"

"ToolbarHelperFileName"="C:\\Program Files\\Peer2Peer-FR\\Peer2Peer-FRToolbarHelper.exe"

"version"="4.5.188.6"

"UserID"="UN20081218181044676"

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\Software\Trad-FR]

 

[HKEY_LOCAL_MACHINE\Software\Trad-FR\Install]

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:00

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=hex:00

"{ba14329e-9550-4989-b3f2-9732e92d17cc}"="Vuze Remote Toolbar"

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\AskSBar]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\AskSBar\bar]

"CacheDir"="C:\\Users\\karima\\AppData\\LocalLow\\AskSBar\\bar\\Cache\\"

"HistoryDir"="C:\\Users\\karima\\AppData\\LocalLow\\AskSBar\\bar\\History\\"

"SettingsDir"="C:\\Users\\karima\\AppData\\LocalLow\\AskSBar\\bar\\Settings\\"

"ConfigDateStamp"="2009031502"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\AskSBar\SearchAssistant]

"fs"="0"

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Channels]

"LastCheckTime"=dword:494e8c36

"Interval"=dword:0000001e

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Channels\491096]

"LastUpdateTime"="1225619866"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Channels\491096\Feeds]

"486966"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Channels\518321]

"LastUpdateTime"="1229266315"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Channels\518321\Feeds]

"514191"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Feeds]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Feeds\486966]

"Url"="http://alert.services.conduit.com/Alerts/AlertServices.asmx/GetHostedFeedRss?alertID=491096&alertFeedId=486966"

"Title"="Peer2Peer-FR Alerts"

"UpdateFeedInterval"=dword:0000001e

"LastCheckTime"=dword:494e8c37

"IsFeedModified"="FALSE"

"DownloadErrorCount"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Feeds\514191]

"Url"="http://alert.services.conduit.com/Alerts/AlertServices.asmx/GetHostedFeedRss?alertID=518321&alertFeedId=514191"

"Title"="PHPNukeFR Alerts"

"UpdateFeedInterval"=dword:0000001e

"LastCheckTime"=dword:494e8c37

"IsFeedModified"="FALSE"

"DownloadErrorCount"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Sources]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Sources\IE_TB_CT2004604]

"491096"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Data\Sources\IE_TB_CT2102473]

"518321"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\RegisteredSources]

"IE_TB_CT2102473"=dword:00000000

"IE_TB_CT2004604"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Settings]

"AutoUpdateEnabled"="TRUE"

"ShowAlerts"="TRUE"

"ALPClientsServerName"="http://alert.client.conduit.com"

"ALPServicesServerName"="http://alert.services.conduit.com"

"FirstTimeStamp"=dword:494d488d

"UpdateAllFeedsLastTime"=dword:494e8ffd

"LoginMessageLastCheckTime"=dword:494e8c36

"LoginMessageIntervalInMinutes"=dword:000000b4

"LoginMessageLastUpdateTime"="1223817397"

"ShowMessageAfterUserCloseInterval"=dword:0000012c

"MessageAppearTime"=dword:00000014

"DefaultShowIconInSystemTray"="FALSE"

"AutoUpdateIntervalInHours"=dword:000001f8

"AutoUpdateServerName"="http://alert.storage.conduit.com"

"AutoUpdateServerVersion"="1.0.0.0"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Settings\Locales]

"LP_CurrentUILocale"="en"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Community Alerts\Settings\Locales\en]

"LP_LastUpdateTime"="1229801487"

"LP_LastCheckTime"=dword:494d4899

"LP_ReloadIntervalInHours"=dword:000000a8

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Toolbar]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\Toolbar\UPage]

"MyGadgetsLastUpdateTime"="2008-12-20T21:31:39.185625+02:00"

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar]

"Server"="users.conduit.com"

"WebServerUrl"="http://PHPNukeFR.OurToolbar.com/"

"Write us link"="mailto:support@phpnuke.org"

"UsageURL"="http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"'>http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"'>http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"

"GroupingServerURL"="http://services.conduit.com/"'>http://services.conduit.com/"'>http://services.conduit.com/"

"UserID"="UN20081218180749251"

"users.conduit.com Last Login"=dword:494e8c35

"DisplayName"="PHPNukeFR "

"LoginCache"=dword:00000003

"PrivacyPageURL"="http://www.conduit.com/privacy/Default.aspx"'>http://www.conduit.com/privacy/Default.aspx"

"LoginLastReplyTime"=dword:494e8c37

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\IE5]

"CabinetVisible"="FALSE"

"ExplorerVisible"="FALSE"

"FirstTime"="FALSE"

"Visible"="TRUE"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\IE5\User]

"Visible"="TRUE"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings]

"EnableSearchFromAdress"="TRUE"

"SearchFromAdressUrl"="http://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&q=MYSEARCHTERM"

"FixPageNotFoundError"=dword:00000001

"MaxThreadPoolSize"=dword:00000014

"CopyDefaultData"="FALSE"

"SettingsLastCheck"=dword:494e8c35

"VisualLastUpdateTime"=dword:49457583

"SettingsLastUpdate"=dword:49457583

"Locale"="fr"

"LocaleAlignRTL"="FALSE"

"SettingsReloadInterval"=dword:00000078

"AllowNonPrivacyFunctions"="FALSE"

"HomePageUrl"="http://www.phpnuke.org/"

"AlignMode"=dword:00000000

"FixPageNotFoundErrorUrl"="http://PHPNukeFR.OurToolbar.com/notfound/?actid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&url=EB_MAIN_FRAME_URL"

"SHRINK_TOOLBAR"=dword:00000000

"EmailAccountsCopyNeeded"="FALSE"

"LanguagePackLastUpdateTime"="1228376639"

"3rdPartyReloadInterval"=dword:00000018

"3rdPartyLastUpdate"=dword:49457583

"3rdPartyLastCheck"=dword:494d4891

"LanguagePackLastCheck"=dword:494d4896

"LanguagePackReloadInterval"=dword:00000018

"LastEmailsCheckTime"=dword:494e8f07

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\CommunityGroup]

"CommunityDetectedTooltipWidth"=dword:00000127

"CommunityDetectedTooltipHeight"=dword:00000053

"CommunityDetectedTooltipUrl"="http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"'>http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\RadioPlayer]

"ServerUrl"="http://services.conduit.com/RadioRequest.ctp"'>http://services.conduit.com/RadioRequest.ctp"

"MediaListReloadInterval"=dword:000005a0

"PodcastReloadInterval"=dword:0000001e

"MediaListLastCheck"=dword:494d48a3

"IPStationsLastUpdateTime"="3"

"ServerLastUpdateTime"="128737696351870000"

"CurrentTitle"="RFI Afrique "

"CurrentMedia"="9512198"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\rss]

"http://www.phpnuke-europe.org/backend.php'>http://www.phpnuke-europe.org/backend.php "=dword:494e8c3d

"http://www.phpnuke-espanol.org/backend.php'>http://www.phpnuke-espanol.org/backend.php "=dword:494e8c3e

"http://phpnuke.org.br/backend.php'>http://phpnuke.org.br/backend.php "=dword:494e8c71

"http://www.phpnuke-service.de/backend.php'>http://www.phpnuke-service.de/backend.php "=dword:494e8c3d

"http://news.google.fr/?output=rss'>http://news.google.fr/?output=rss "=dword:494e8c4b

"http://p.yimg.com/dj/rss/'>http://p.yimg.com/dj/rss/ "=dword:494e8c4b

"http://www.feediz.com/synd/2732.xml'>http://www.feediz.com/synd/2732.xml "=dword:494e8c4a

"http://feeds.feedburner.com/France2-ALaUne'>http://feeds.feedburner.com/France2-ALaUne "=dword:494e8c4a

"http://www.feediz.com/synd/7192.xml'>http://www.feediz.com/synd/7192.xml "=dword:494e8c49

"http://feeds.feedburner.com/France2-Culture'>http://feeds.feedburner.com/France2-Culture "=dword:494e8c4a

"http://feeds.feedburner.com/France2-Sport'>http://feeds.feedburner.com/France2-Sport "=dword:494e8c4a

"http://fr.sports.yahoo.com/eurosport/tickerdb/sport/0.xml'>http://fr.sports.yahoo.com/eurosport/tickerdb/sport/0.xml "=dword:494e8c4b

"http://d.yimg.com/dj/rss/sport.xml'>http://d.yimg.com/dj/rss/sport.xml "=dword:494e8c4a

"http://video.google.fr/videofeed?type=top100new&num=20&output=rss'>http://video.google.fr/videofeed?type=top100new&num=20&output=rss "=dword:494e8c49

"http://www.desarrollonuke.org/backend.php'>http://www.desarrollonuke.org/backend.php "=dword:494e8c3f

"http://www.phpnuke.org/backend.php'>http://www.phpnuke.org/backend.php "=dword:494e8c3e

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\rss\unreadItems]

"http://www.phpnuke-europe.org/backend.php "=dword:0000000a

"http://www.phpnuke-espanol.org/backend.php "=dword:0000000a

"http://phpnuke.org.br/backend.php "=dword:0000000a

"http://www.phpnuke-service.de/backend.php "=dword:0000000a

"http://news.google.fr/?output=rss "=dword:00000032

"http://p.yimg.com/dj/rss/ "=dword:00000013

"http://www.feediz.com/synd/2732.xml "=dword:00000018

"http://feeds.feedburner.com/France2-ALaUne "=dword:0000001a

"http://www.feediz.com/synd/7192.xml "=dword:00000032

"http://feeds.feedburner.com/France2-Culture "=dword:0000000a

"http://feeds.feedburner.com/France2-Sport "=dword:00000011

"http://fr.sports.yahoo.com/eurosport/tickerdb/sport/0.xml "=dword:00000032

"http://d.yimg.com/dj/rss/sport.xml "=dword:00000006

"http://video.google.fr/videofeed?type=top100new&num=20&output=rss "=dword:00000028

"http://www.desarrollonuke.org/backend.php "=dword:00000006

"http://www.phpnuke.org/backend.php "=dword:0000000a

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\Search]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\Search\Settings]

"SearchFromAddressUrl"="http://search.conduit.com/ResultsExt.aspx?ctid=EB_CTID&SearchSource=2&q=MYSEARCHTERM"'>http://search.conduit.com/ResultsExt.aspx?ctid=EB_CTID&SearchSource=2&q=MYSEARCHTERM"

"ContextMenuSearchUrl"="http://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8"'>http://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8"

"BackToDefaultSearchEnginePublisher"="TRUE"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\UPage]

"MyGadgetsIntervalInMinutes"=dword:000005a0

"MyGadgetsServerUrl"="http://services.MyStuff.u-page.com/MyStuffService.asmx/LegacyLogin"'>http://services.MyStuff.u-page.com/MyStuffService.asmx/LegacyLogin"

"ToolbarApiTrustedDomains"="u-page.com"

"MyGadgetsLastCheckTime"=dword:494d48a3

"MyGadgetsUrl"="http://www.u-page.com/MiniIPage/?ctid=EB_TOOLBAR_ID"'>http://www.u-page.com/MiniIPage/?ctid=EB_TOOLBAR_ID"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\Update]

"Type"="Manual"

"LastUpdate"=dword:494d488d

"IntervalInHours"=dword:000001f8

"ModuleURL"="http://ieupdate.conduit.com/tbedrs.dll"'>http://ieupdate.conduit.com/tbedrs.dll"

"Version"="4.5.186.7"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\Weather]

"SearchServerUrl"="http://search.conduit.com/"'>http://search.conduit.com/"

"CurrentForecastCity"="<SUGGESTION><CITY>Paris</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0076</LOCATION_ID></SUGGESTION>"

"HistoryForecastCity1"="<SUGGESTION><CITY>Marseille</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0059</LOCATION_ID></SUGGESTION>"

"HistoryForecastCity2"="<SUGGESTION><CITY>Lyon</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0055</LOCATION_ID></SUGGESTION>"

"HistoryForecastCity3"="<SUGGESTION><CITY>Toulouse</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0099</LOCATION_ID></SUGGESTION>"

"IFeelLuckyLastTry"=dword:494d48a3

"IFeelLuckyErrCode"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\PHPNukeFR\toolbar\settings\Weather\fr]

"LastForecastUpdateTime"=dword:494e8c38

"Forecast"="<FORECAST><LOCATION_ID>FRXX0076</LOCATION_ID><DAYS><DAY1><DATE>20081221</DATE><DAY>Dimanche</DAY><F_MIN>43</F_MIN><F_MAX>N/A</F_MAX><C_MIN>6</C_MIN><C_MAX>N/A</C_MAX><UV_DESCRIPTION>Bas</UV_DESCRIPTION><UV_INDEX>1</UV_INDEX><SUNSET>4:56 pm</SUNSET><SUNRISE>8:41 am</SUNRISE><MOONRISE>2:48 am</MOONRISE><MOONSET>1:03 pm</MOONSET><MOON_PHASE>Lune Décroissante</MOON_PHASE><CONDITION_DESCRIPTION>Brumeux</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/foggy_big.gif</CONDITION_ICON></DAY1><DAY2><DATE>20081222</DATE><DAY>Lundi</DAY><F_MIN>43</F_MIN><F_MAX>49</F_MAX><C_MIN>6</C_MIN><C_MAX>9</C_MAX><UV_DESCRIPTION>Bas</UV_DESCRIPTION><UV_INDEX>0</UV_INDEX><SUNSET>4:56 pm</SUNSET><SUNRISE>8:42 am</SUNRISE><MOONRISE>3:59 am</MOONRISE><MOONSET>1:23 pm</MOONSET><MOON_PHASE>Lune Décroissante</MOON_PHASE><CONDITION_DESCRIPTION>Brumeux</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/foggy_big.gif</CONDITION_ICON></DAY2><DAY3><DATE>20081223</DATE><DAY>Mardi</DAY><F_MIN>35</F_MIN><F_MAX>45</F_MAX><C_MIN>1</C_MIN><C_MAX>7</C_MAX><UV_DESCRIPTION>Bas</UV_DESCRIPTION><UV_INDEX>1</UV_INDEX><SUNSET>4:57 pm</SUNSET><SUNRISE>8:42 am</SUNRISE><MOONRISE>5:09 am</MOONRISE><MOONSET>1:47 pm</MOONSET><MOON_PHASE>Lune Décroissante</MOON_PHASE><CONDITION_DESCRIPTION>Brumeux</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/foggy_big.gif</CONDITION_ICON></DAY3></DAYS><CURRENT_CONDITION><TEMP_F>N/A</TEMP_F><TEMP_C>N/A</TEMP_C><WEATHER_TEXT/><SKY/><FEELS_LIKE_F>N/A</FEELS_LIKE_F><FEELS_LIKE_C>N/A</FEELS_LIKE_C><ICON>http://weather.conduit.com/images/weather/Default/mostly_cloudy_big.gif</ICON><BUTTON_ICON>http://weather.conduit.com/images/weather/Default/mostly_cloudy.gif</BUTTON_ICON><TOOLTIP_ICON>http://weather.conduit.com/images/weather/Tooltip/mostly_cloudy_big.gif</TOOLTIP_ICON></CURRENT_CONDITION></FORECAST>"

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar]

"Server"="users.conduit.com"

"WebServerUrl"="http://Peer2PeerFR.Media-Toolbar.com/"

"Write us link"="mailto:ayuda@shareware.pro"

"UsageURL"="http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"

"GroupingServerURL"="http://services.conduit.com/"

"MultiCommunityID"="CT2004604"

"DisplayName"="Peer2Peer-FR"

"UserID"="UN20081218181044676"

"users.conduit.com Last Login"=dword:494d48a3

"LoginCache"=dword:00000003

"PrivacyPageURL"="http://www.conduit.com/privacy/Default.aspx"

"LoginLastReplyTime"=dword:494d48a4

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\IE5]

"CabinetVisible"="FALSE"

"ExplorerVisible"="FALSE"

"FirstTime"="FALSE"

"Visible"="TRUE"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\IE5\User]

"Visible"="TRUE"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings]

"EnableSearchFromAdress"="TRUE"

"SearchFromAdressUrl"="http://search.conduit.com/ResultsExt.aspx?ctid=CT2004604&q=MYSEARCHTERM"

"FixPageNotFoundError"=dword:00000001

"MaxThreadPoolSize"=dword:00000014

"CopyDefaultData"="FALSE"

"SHRINK_TOOLBAR"=dword:00000000

"SettingsLastCheck"=dword:494d488d

"VisualLastUpdateTime"=dword:494a19e3

"SettingsLastUpdate"=dword:494a19e3

"Locale"="fr"

"LocaleAlignRTL"="FALSE"

"SettingsReloadInterval"=dword:00000078

"AllowNonPrivacyFunctions"="TRUE"

"HomePageUrl"="http://www.shareware.pro"

"AlignMode"=dword:00000002

"FixPageNotFoundErrorUrl"="http://Peer2PeerFR.Media-Toolbar.com/notfound/?actid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&url=EB_MAIN_FRAME_URL"

"EmailAccountsCopyNeeded"="FALSE"

"LanguagePackLastUpdateTime"="1228376639"

"LanguagePackLastCheck"=dword:494d4898

"LanguagePackReloadInterval"=dword:00000018

"LastEmailsCheckTime"=dword:494d5980

"CommunityUpdateLastCheck"=dword:494d49b9

"3rdPartyReloadInterval"=dword:00000018

"3rdPartyLastUpdate"=dword:494a19e3

"3rdPartyLastCheck"=dword:494d48a4

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\CommunityGroup]

"DomainsListLastUpdateTime"="1201073583"

"CommunityDetectedTooltipWidth"=dword:00000127

"CommunityDetectedTooltipHeight"=dword:00000053

"CommunityDetectedTooltipUrl"="http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"

"DomainsListLastCheckTime"=dword:494d48a1

"DomainsListCheckInterval"=dword:000000a8

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\RadioPlayer]

"ServerUrl"="http://services.conduit.com/RadioRequest.ctp"

"MediaListReloadInterval"=dword:000005a0

"PodcastReloadInterval"=dword:0000001e

"MediaListLastCheck"=dword:494d489e

"IPStationsLastUpdateTime"="3"

"ServerLastUpdateTime"="128740738596870000"

"CurrentTitle"="Rap"

"CurrentMedia"="9951"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\rss]

"http://www.leparisien.fr/une/rss.xml"=dword:494d48a1

"http://www.lefigaro.fr/rss/figaro_actualites.xml"=dword:494d48a1

"http://www.youtube.com/rss/tag/espanol.rss'>http://www.youtube.com/rss/tag/espanol.rss "=dword:494d48a2

"http://www.liberation.fr/rss/laune"=dword:494d48a2

"http://www.lemonde.fr/rss/une.xml"=dword:494d48a2

"http://www.lequipe.fr/Xml/actu_rss.xml"=dword:494d48a2

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\rss\unreadItems]

"http://www.leparisien.fr/une/rss.xml"=dword:0000001e

"http://www.lefigaro.fr/rss/figaro_actualites.xml"=dword:00000017

"http://www.youtube.com/rss/tag/espanol.rss "=dword:00000014

"http://www.liberation.fr/rss/laune"=dword:0000001e

"http://www.lemonde.fr/rss/une.xml"=dword:00000013

"http://www.lequipe.fr/Xml/actu_rss.xml"=dword:0000001e

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\Search]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\Search\Settings]

"SearchFromAddressUrl"="http://search.conduit.com/ResultsExt.aspx?ctid=EB_CTID&SearchSource=2&q=MYSEARCHTERM"

"ContextMenuSearchUrl"="http://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8"

"BackToDefaultSearchEnginePublisher"="TRUE"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\UPage]

"MyGadgetsIntervalInMinutes"=dword:000005a0

"MyGadgetsServerUrl"="http://services.MyStuff.u-page.com/MyStuffService.asmx/LegacyLogin"

"ToolbarApiTrustedDomains"="u-page.com"

"MyGadgetsLastCheckTime"=dword:494d48a4

"MyGadgetsUrl"="http://www.u-page.com/MiniIPage/?ctid=EB_TOOLBAR_ID"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\Update]

"Type"="Manual"

"LastUpdate"=dword:494d48a3

"IntervalInHours"=dword:000001f8

"ModuleURL"="http://ieupdate.conduit.com/tbedrs.dll"

"Version"="4.5.186.7"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\Weather]

"SearchServerUrl"="http://search.conduit.com/"

"CurrentForecastCity"="<SUGGESTION><CITY>Paris</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0076</LOCATION_ID></SUGGESTION>"

"HistoryForecastCity1"="<SUGGESTION><CITY>Marseille</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0059</LOCATION_ID></SUGGESTION>"

"HistoryForecastCity2"="<SUGGESTION><CITY>Lyon</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0055</LOCATION_ID></SUGGESTION>"

"HistoryForecastCity3"="<SUGGESTION><CITY>Toulouse</CITY><COUNTRY>France</COUNTRY><LOCATION_ID>FRXX0099</LOCATION_ID></SUGGESTION>"

"IFeelLuckyLastTry"=dword:494d489f

"IFeelLuckyErrCode"=dword:00000000

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Peer2Peer-FR\toolbar\settings\Weather\fr]

"LastForecastUpdateTime"=dword:494d56ad

"Forecast"="<FORECAST><LOCATION_ID>FRXX0076</LOCATION_ID><DAYS><DAY1><DATE>20081220</DATE><DAY>Samedi</DAY><F_MIN>46</F_MIN><F_MAX>N/A</F_MAX><C_MIN>7</C_MIN><C_MAX>N/A</C_MAX><UV_DESCRIPTION>Bas</UV_DESCRIPTION><UV_INDEX>1</UV_INDEX><SUNSET>4:55 pm</SUNSET><SUNRISE>8:41 am</SUNRISE><MOONRISE>1:37 am</MOONRISE><MOONSET>12:46 pm</MOONSET><MOON_PHASE>Second Quartier</MOON_PHASE><CONDITION_DESCRIPTION>Brumeux</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/foggy_big.gif</CONDITION_ICON></DAY1><DAY2><DATE>20081221</DATE><DAY>Dimanche</DAY><F_MIN>43</F_MIN><F_MAX>48</F_MAX><C_MIN>6</C_MIN><C_MAX>8</C_MAX><UV_DESCRIPTION>Bas</UV_DESCRIPTION><UV_INDEX>0</UV_INDEX><SUNSET>4:56 pm</SUNSET><SUNRISE>8:41 am</SUNRISE><MOONRISE>2:48 am</MOONRISE><MOONSET>1:03 pm</MOONSET><MOON_PHASE>Lune Décroissante</MOON_PHASE><CONDITION_DESCRIPTION>Brumeux</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/foggy_big.gif</CONDITION_ICON></DAY2><DAY3><DATE>20081222</DATE><DAY>Lundi</DAY><F_MIN>43</F_MIN><F_MAX>48</F_MAX><C_MIN>6</C_MIN><C_MAX>8</C_MAX><UV_DESCRIPTION>Bas</UV_DESCRIPTION><UV_INDEX>0</UV_INDEX><SUNSET>4:56 pm</SUNSET><SUNRISE>8:42 am</SUNRISE><MOONRISE>3:59 am</MOONRISE><MOONSET>1:23 pm</MOONSET><MOON_PHASE>Lune Décroissante</MOON_PHASE><CONDITION_DESCRIPTION>Brumeux</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/foggy_big.gif</CONDITION_ICON></DAY3></DAYS><CURRENT_CONDITION><TEMP_F>N/A</TEMP_F><TEMP_C>N/A</TEMP_C><WEATHER_TEXT/><SKY/><FEELS_LIKE_F>N/A</FEELS_LIKE_F><FEELS_LIKE_C>N/A</FEELS_LIKE_C><ICON>http://weather.conduit.com/images/weather/Default/mostly_cloudy_big.gif</ICON><BUTTON_ICON>http://weather.conduit.com/images/weather/Default/mostly_cloudy.gif</BUTTON_ICON><TOOLTIP_ICON>http://weather.conduit.com/images/weather/Tooltip/mostly_cloudy_big.gif</TOOLTIP_ICON></CURRENT_CONDITION></FORECAST>"

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\SmartShopper]

"LeftPaneTitle"="SmartShopper"

"IEButtonPaneUrl_2260D608"="http://cs.lp.SmartShopper.com/cs/cs.aspx?HBHintSVC=GeneralProduct&HBShowSearch=1&MustShowUI=1&SG=$SG$&HBDump=$PV:HBDump$&HBCountry=$PVL:usr_RCT$&partner=lp.smartshopper&UCD=$UCD$&UCDW=$UCDW$&BANNERID=$BANNERID$&REQUESTERID=$REQUESTERID$&ClntVrsn=$Ver$&AffiliateID=$AFF_ID$&RequestContext=1"

"IEButtonPaneSize_2260D608"="262"

"IEButtonPaneOrient_2260D608"="vertical"

"IEButtonPaneUrl_BCEB373D"="http://cs.lp.SmartShopper.com/cs/cs.aspx?HBHintSVC=Travel&HBShowSearch=1&MustShowUI=1&SG=$SG$&HBDump=$PV:HBDump$&HBCountry=$PVL:usr_RCT$&partner=lp.smartshopper&UCD=$UCD$&UCDW=$UCDW$&BANNERID=$BANNERID$&REQUESTERID=$REQUESTERID$&ClntVrsn=$Ver$&AffiliateID=$AFF_ID$&RequestContext=1"

"IEButtonPaneSize_BCEB373D"="262"

"IEButtonPaneOrient_BCEB373D"="vertical"

"CfgPrcs"=dword:00000000

"affid"="1000006008"

"Version"="2.5.0"

"ProductName"="SmartShopper"

"SG_Not_Set"=dword:00000001

"InstallAffid"="1000006008"

"cookies_flag"=dword:00000001

"iid"="CF978E70523C9D498AC15867BD55FFC010530F29"

"UserCreateDate"="10/29/2008 02:35:46"

"usr_RCT"="fr"

"sendIds_success"=dword:00000000

"InstallCreateDate"=dword:4908ac33

"ShowHbBand"="0"

"CfgNextTime"=dword:490900af

"CID"="7E62CE40000000000000001921E072CBE9CB1880"

"UID"="077B08EFB2727440A0B46269646E8A2684B5F426"

"Upgrade/LastChecked"=dword:4908ac4f

"ServerDeltaTime"=dword:000000d5

"ServerDeltaSet"=dword:00000001

"currentResDir"="C:\\Users\\karima\\AppData\\LocalLow\\SmartShopper\\cs\\res1"

"sg"=""

"lsrvid"="8"

"guru_sg_update"=dword:00000001

"NetworkPermission"=dword:00000002

"NavmainEliminateTime"="20000"

"GuruVersion"="1.0.2.03"

"COptions/SmartShopper/General/csOptionsSwitches"=dword:000000ff

"LDAR"=dword:00003765

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Vuze_Remote]

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Vuze_Remote\toolbar]

"Server"="users.conduit.com"

"WebServerUrl"="http://VuzeRemote.OurToolbar.com/"

"Write us link"="customer.support@vuze.com"

"UsageURL"="http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"

"GroupingServerURL"="http://services.conduit.com/"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Vuze_Remote\toolbar\IE5]

"CabinetVisible"="FALSE"

"ExplorerVisible"="FALSE"

"FirstTime"="TRUE"

"Visible"="TRUE"

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Vuze_Remote\toolbar\settings]

"EnableSearchFromAdress"="FALSE"

"SearchFromAdressUrl"="http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=MYSEARCHTERM"

"FixPageNotFoundError"=dword:00000002

 

[HKEY_CURRENT_USER\Software\AppDataLow\Software\Vuze_Remote\toolbar\settings\LanguagePack]

"LanguagePackServerUrl"="http://translation.users.conduit.com/Translation.ashx"

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\Conduit]

 

[HKEY_CURRENT_USER\Software\Conduit\AppPaths]

 

[HKEY_CURRENT_USER\Software\Conduit\AppPaths\FoxitReader.exe]

"AppPath"="C:\\Program Files\\Foxit Software\\Foxit Reader\\Foxit Reader.exe"

 

[HKEY_CURRENT_USER\Software\Conduit\AppPaths\Vuze.exe]

"AppPath"="C:\\Program Files\\Vuze\\Azureus.exe"

Modifié par conan15
conan15 Member

conan15

Posté(e)
  • Auteur
Posté(e)

Je me suis trompé. Je pense que c'est celui-ci:

 

Rapport de ZHPFix v1.12.3138 par Nicolas Coolman, Update du 25/08/2010

Fichier d'export Registre :

Run by karima at 28/08/2010 13:39:21

Web site : ZHPFix Fix de rapport

Contact : nicolascoolman@yahoo.fr

 

========== Clé(s) du Registre ==========

HKCU\Software\AppDataLow\Software\AskSBar => Clé supprimée avec succès

HKCU\Software\AppDataLow\Software\Conduit => Clé supprimée avec succès

HKCU\Software\AppDataLow\Software\PHPNukeFR => Clé supprimée avec succès

HKCU\Software\AppDataLow\Software\Peer2Peer-FR => Clé supprimée avec succès

HKCU\Software\AppDataLow\Software\SmartShopper => Clé supprimée avec succès

HKCU\Software\AppDataLow\Software\Vuze_Remote => Clé supprimée avec succès

HKCU\Software\Conduit => Clé supprimée avec succès

HKLM\Software\Conduit => Clé supprimée avec succès

HKLM\Software\PHPNukeFR => Clé supprimée avec succès

HKLM\Software\Peer2Peer-FR => Clé supprimée avec succès

HKLM\Software\Trad-FR => Clé supprimée avec succès

 

========== Valeur(s) du Registre ==========

O3 - Toolbar: (no name) - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} . (.Pas de propriétaire - Pas de description.) -- (.not file.) => Valeur supprimée avec succès

O3 - Toolbar: (no name) - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} . (.Pas de propriétaire - Pas de description.) -- (.not file.) => Valeur supprimée avec succès

O3 - Toolbar: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Pas de propriétaire - Pas de description.) -- (.not file.) => Valeur supprimée avec succès

O4 - HKCU\..\Run: [????r] Clé orpheline => Valeur absente

O4 - HKUS\S-1-5-21-2309819576-2535532102-2727766173-1000\..\Run: [????r] Clé orpheline => Valeur absente

 

========== Elément(s) de donnée du Registre ==========

O69 - SBI: SearchScopes [HKCU] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Live Search Powered by Kiwee) - http://kwtb.search.imgag.com => Donnée supprimée avec succès

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (Live Search Powered by Kiwee) - http://kwtb.search.imgag.com => Donnée supprimée avec succès

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (Live Search Powered by Kiwee) - http://kwtb.search.imgag.com => Donnée supprimée avec succès

O69 - SBI: SearchScopes [HKCU] {77EFBC34-556C-426E-B100-16739C1DDA59} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio => Donnée supprimée avec succès

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {3E6433C3-B87C-43EB-B19F-5A7CD6970E04} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflowers Coupon, Coupon & Online Shopping Deals by Dealio => Donnée supprimée avec succès

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {3E6433C3-B87C-43EB-B19F-5A7CD6970E04} - (Dealio) - Online Coupon Codes, Discount Coupons, Proflow => Donnée supprimée avec succès

 

========== Dossier(s) ==========

C:\Program Files\Conduit => Supprimé et mis en quarantaine

 

 

========== Récapitulatif ==========

11 : Clé(s) du Registre

5 : Valeur(s) du Registre

6 : Elément(s) de donnée du Registre

1 : Dossier(s)

 

 

End of the scan

Florinator Extrem Member

Florinator

Posté(e)
Posté(e) (modifié)

Télécharge Antivir

Désinstalle complètement Avira Antivir.

Redémarre la machine et réinstalle Antivir en suivant ce tuto

scan ta machine et poste moi le rapport stp.

Dis moi nottament si il y a de l'amélioration dans la tenue de l'antivirus.

 

 

A++

Modifié par Florinator

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...