Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

antimalware doctor virus ( RESOLU )

fred0222

Par fred0222
dans Analyses et éradication malwares

 Partager

Messages recommandés

fred0222 Junior Member

fred0222

Posté(e)
Posté(e) (modifié)

Bonjour à tous,

 

Mon PC portable sous vista est infecté par un virus antimalware doctor depuis 2 jours, à chaque démarrage celui ci ouvre plusieurs fenêtres en me disant que mon pc est infecté.

J'ai utilisé malwarebytes il a trouvé des fichiers infectés mais ne peut pas les supprimer il se bloque et je suis obligé de fermer malwarebytes, j'ai refait une analyse en mode sans échec et là il arrive à supprimer les virus mais lorsque je démarre l'ordinateur en mode normal le virus est toujours là !

Je ne peux pas accéder à internet explorer ni à google chrome bloqués par le virus heureusement firefox fonctionne

Que dois-je faire quelqu'un peut il m'aider?

Merci d'avance pour votre aide.

Modifié par fred0222

Florinator Extrem Member

Florinator

Posté(e)
Posté(e)

Bonjour Fred :)

 

Oui je peux t'aider à supprimer cette saloperie.

Démarre en mode sans echec avec prise en charge réseaux pour faire ce scan stp:

 

 

Télécharge RSIT crée par Random/random

 

  • Enregistre le sur ton bureau
  • Double-clique dessus
  • Clique sur Continue à l'écran Disclaimer.

 

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.


  •  
  • Poste le contenu de log.txt qui sera affiché
  • Poste le contenu de info.txt qui sera réduit dans la Barre des Tâches.

 

Remarque: Les 2 rapports se situent aussi dans C:/Rsit

 

A++

fred0222 Junior Member

fred0222

Posté(e)
  • Auteur
Posté(e)

salut florinator voici le contenu log :

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by mélodie at 2010-08-28 16:59:00

Microsoft® Windows Vista Édition Familiale Basique Service Pack 1

System drive C: has 23 GB (41%) free of 57 GB

Total RAM: 1915 MB (61% free)

 

HijackThis download failed

 

======Scheduled tasks folder======

 

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\User_Feed_Synchronization-{7D084DFF-677B-46C3-9BB0-55332F1104D9}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-29 814648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-07 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-03-07 149280]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]

"NDSTray.exe"=NDSTray.exe []

"cfFncEnabler.exe"=cfFncEnabler.exe []

"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-15 30192]

"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]

"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]

"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-25 150040]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-25 170520]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-25 145944]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-08 6037504]

"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]

"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]

"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]

"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816]

"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-05-09 716800]

"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]

"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-06-09 98304]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"=TOSCDSPD.EXE []

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-13 68856]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]

"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-01-26 1724728]

"DirectPlayerCore"=C:\Program Files\NBC Direct\DirectPlayerCore.exe [2009-11-11 1150016]

"awsorcmnex.exe"=C:\Users\mélodie\AppData\Local\Temp\awsorcmnex.exe []

"rjkcvueiwbulw"=c:\users\mélodie\appdata\local\idntakhg\nmjikkj.exe [2010-08-26 265216]

"newsecureapp70700.exe"=C:\Users\mélodie\AppData\Roaming\1F118278F43AABF7029CCA98003085DB\newsecureapp70700.exe [2010-08-26 1063424]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^mélodie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]

C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^mélodie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]

C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-12-15 384000]

 

C:\Users\mélodie\AppData\Local\Windows

winhelp.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-08-28 16:56:35 ----D---- C:\Program Files\trend micro

2010-08-28 16:56:34 ----D---- C:\rsit

2010-08-28 14:41:48 ----A---- C:\Windows\ntbtlog.txt

2010-08-28 00:56:05 ----D---- C:\Program Files\Enigma Software Group

2010-08-28 00:55:54 ----D---- C:\Windows\95431C66CF9A4913BFFF6050785AFB65.TMP

2010-08-28 00:41:33 ----D---- C:\Program Files\ZHPDiag

2010-08-28 00:09:11 ----A---- C:\Ad-Report-SCAN[1].txt

2010-08-27 23:30:39 ----A---- C:\Ad-Report-CLEAN[2].txt

2010-08-27 22:20:42 ----A---- C:\Ad-Report-CLEAN[1].txt

2010-08-27 22:20:32 ----D---- C:\Program Files\Ad-Remover

2010-08-27 18:54:23 ----D---- C:\Users\mélodie\AppData\Roaming\Malwarebytes

2010-08-27 18:54:14 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

2010-08-27 18:54:12 ----D---- C:\ProgramData\Malwarebytes

2010-08-27 18:54:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-08-27 18:54:11 ----A---- C:\Windows\system32\drivers\mbam.sys

2010-08-26 23:36:43 ----D---- C:\Users\mélodie\AppData\Roaming\1F118278F43AABF7029CCA98003085DB

2010-08-24 18:40:29 ----D---- C:\ProgramData\WindowsSearch

2010-08-23 18:22:12 ----A---- C:\Windows\system32\win32k.sys

2010-08-23 18:22:09 ----A---- C:\Windows\system32\ntkrnlpa.exe

2010-08-23 18:22:08 ----A---- C:\Windows\system32\ntoskrnl.exe

2010-08-23 18:19:18 ----A---- C:\Windows\system32\shell32.dll

2010-08-23 17:57:09 ----A---- C:\Windows\system32\mshtml.dll

2010-08-23 17:57:09 ----A---- C:\Windows\system32\iertutil.dll

2010-08-23 17:57:08 ----A---- C:\Windows\system32\ieframe.dll

2010-08-23 17:57:07 ----A---- C:\Windows\system32\wininet.dll

2010-08-23 17:57:07 ----A---- C:\Windows\system32\urlmon.dll

2010-08-23 17:57:07 ----A---- C:\Windows\system32\msfeeds.dll

2010-08-23 17:57:07 ----A---- C:\Windows\system32\iedkcs32.dll

2010-08-23 17:57:07 ----A---- C:\Windows\system32\ie4uinit.exe

2010-08-23 17:57:06 ----A---- C:\Windows\system32\occache.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\mstime.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\msfeedssync.exe

2010-08-23 17:57:06 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\jsproxy.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\ieUnatt.exe

2010-08-23 17:57:06 ----A---- C:\Windows\system32\ieui.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\iesysprep.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\iesetup.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\iernonce.dll

2010-08-23 17:57:06 ----A---- C:\Windows\system32\iepeers.dll

2010-08-23 17:46:52 ----A---- C:\Windows\system32\iccvid.dll

2010-08-23 17:46:10 ----A---- C:\Windows\system32\rtutils.dll

2010-08-23 17:45:48 ----A---- C:\Windows\system32\msxml3.dll

2010-08-23 17:45:47 ----A---- C:\Windows\system32\drivers\srv2.sys

2010-08-23 17:45:47 ----A---- C:\Windows\system32\drivers\srv.sys

2010-08-23 17:43:13 ----A---- C:\Windows\system32\drivers\tcpip.sys

2010-08-23 17:39:53 ----A---- C:\Windows\system32\schannel.dll

2010-07-30 21:50:41 ----D---- C:\Users\mélodie\AppData\Roaming\AVS4YOU

2010-07-30 21:49:00 ----D---- C:\Program Files\Common Files\AVSMedia

2010-07-30 21:48:21 ----A---- C:\Windows\system32\msxml3a.dll

2010-07-30 21:48:21 ----A---- C:\Windows\system32\msvcr70.dll

2010-07-30 21:48:21 ----A---- C:\Windows\system32\msvcp70.dll

2010-07-30 21:48:21 ----A---- C:\Windows\system32\mfc70.dll

2010-07-30 21:48:21 ----A---- C:\Windows\system32\GdiPlus.dll

2010-07-30 21:48:20 ----D---- C:\ProgramData\AVS4YOU

2010-07-30 21:48:20 ----D---- C:\Program Files\AVS4YOU

2010-07-30 19:24:16 ----D---- C:\Program Files\VideoConverter

2010-07-30 18:26:20 ----D---- C:\Users\mélodie\AppData\Roaming\FreeVideoConverter

2010-07-30 18:26:20 ----D---- C:\Program Files\Free Video Converter

 

======List of files/folders modified in the last 1 months======

 

2010-08-28 16:56:35 ----RD---- C:\Program Files

2010-08-28 16:55:45 ----AD---- C:\Windows\System32

2010-08-28 16:55:45 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-08-28 16:55:44 ----D---- C:\Windows\inf

2010-08-28 16:54:49 ----D---- C:\Program Files\Mozilla Firefox

2010-08-28 16:50:06 ----D---- C:\Windows\Temp

2010-08-28 16:44:24 ----D---- C:\Windows\Prefetch

2010-08-28 14:43:06 ----SHD---- C:\Windows\Installer

2010-08-28 14:41:48 ----D---- C:\Windows

2010-08-28 00:55:54 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2010-08-27 22:02:52 ----D---- C:\Windows\system32\drivers

2010-08-27 22:02:52 ----D---- C:\Windows\Performance

2010-08-27 18:54:12 ----HD---- C:\ProgramData

2010-08-27 01:23:02 ----SHD---- C:\System Volume Information

2010-08-27 01:20:39 ----D---- C:\Users\mélodie\AppData\Roaming\OfferBox

2010-08-27 01:19:57 ----HD---- C:\Program Files\InstallShield Installation Information

2010-08-27 01:19:46 ----D---- C:\Program Files\Microsoft Games

2010-08-27 01:16:38 ----D---- C:\Users\mélodie\AppData\Roaming\Skype

2010-08-27 01:16:24 ----D---- C:\Users\mélodie\AppData\Roaming\skypePM

2010-08-27 00:50:22 ----D---- C:\Program Files\Fluendo

2010-08-27 00:08:00 ----D---- C:\Windows\Debug

2010-08-26 20:56:26 ----D---- C:\Users\mélodie\AppData\Roaming\dvdcss

2010-08-26 18:02:25 ----D---- C:\Users\mélodie\AppData\Roaming\NBC Direct

2010-08-26 13:04:05 ----D---- C:\ProgramData\PMB Files

2010-08-25 19:07:25 ----D---- C:\Windows\Microsoft.NET

2010-08-25 19:06:57 ----RSD---- C:\Windows\assembly

2010-08-25 16:09:22 ----D---- C:\Windows\winsxs

2010-08-25 11:54:35 ----D---- C:\Program Files\Microsoft Works

2010-08-25 11:51:43 ----D---- C:\Windows\system32\catroot

2010-08-25 11:51:42 ----D---- C:\Windows\system32\catroot2

2010-08-25 00:15:28 ----D---- C:\Windows\system32\migration

2010-08-25 00:15:28 ----D---- C:\Program Files\Internet Explorer

2010-08-25 00:15:25 ----D---- C:\Program Files\Movie Maker

2010-08-24 18:19:27 ----D---- C:\ProgramData\Microsoft Help

2010-08-24 18:18:45 ----D---- C:\Program Files\Windows Mail

2010-08-24 00:14:39 ----D---- C:\Users\mélodie\AppData\Roaming\moovida-1

2010-08-03 20:09:31 ----A---- C:\Windows\system32\mrt.exe

2010-07-31 17:12:19 ----D---- C:\Program Files\Picasa2

2010-07-30 21:49:00 ----D---- C:\Program Files\Common Files

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 312344]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]

R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-07-18 279376]

R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]

R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]

R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]

R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]

R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]

S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

S1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

S2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]

S2 irda;Protocole IrDA; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]

S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]

S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]

S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]

S3 irsir;Pilote série infrarouge Microsoft; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-21 20992]

S3 k600bus;Sony Ericsson 600i driver (WDM); C:\Windows\system32\DRIVERS\k600bus.sys [2005-05-11 52384]

S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k600mdfl.sys [2005-05-11 6096]

S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k600mdm.sys [2005-05-11 87456]

S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\k600mgmt.sys [2005-05-11 79248]

S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k600obex.sys [2005-05-11 77072]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-04-02 62976]

S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-11-16 131984]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]

S2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-30 133104]

S2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]

S2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]

S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]

S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]

S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-02-06 126976]

S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-15 30192]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-06 182768]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

 

-----------------EOF-----------------

 

et le contenu info:

 

info.txt logfile of random's system information tool 1.08 2010-08-28 16:56:39

 

======Uninstall list======

 

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}

-->"C:\Program Files\MGI\MGI PhotoSuite II\System\MGIUninstall.exe" C:\Windows\IsUn040c.exe -f"C:\Program Files\MGI\MGI PhotoSuite II\Uninst.isu" -y -c"C:\Program Files\MGI\MGI PhotoSuite II\System\CustomUninstall.dll"

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

Adobe Acrobat Reader 3.01-->C:\Windows\unin040c.exe -fC:\Acrobat3\Reader\DeIsL1.isu

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Photoshop Album 2.0 Edition Découverte-->MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}

Adobe Reader 9.3.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}

Ad-Remover By C_XX-->C:\Program Files\Ad-Remover\Uninstall.exe

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c

Fissa-->C:\Users\mélodie\AppData\Roaming\FissaSearch\FissaUninstaller.exe /quiet

Google Chrome-->"C:\Program Files\Google\Chrome\Application\5.0.375.127\Installer\setup.exe" --uninstall --system-level

Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}

Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall

Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall

Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}

Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Manuels TOSHIBA-->C:\Program Files\InstallShield Installation Information\{5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}\setup.exe -runfromtemp -l0x040c -removeonly

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile FRA Language Pack-->MsiExec.exe /X{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}

Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}

Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}

Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}

Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

Module linguistique Microsoft .NET Framework 4 Client Profile FRA-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1036 /parameterfolder ClientLP

Mozilla Firefox (3.5.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe

PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"

Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"

QuickTime-->C:\Windows\unvise32qt.exe C:\Windows\system32\QuickTime\Uninstall.log

Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly

REALTEK RTL8187B Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0x40C

Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9 -removeonly

Realtek WiFi Protected Setup Library-->C:\Program Files\InstallShield Installation Information\{02CA24DD-C8B0-4280-BE53-7862869C2EB1}\Install.exe -uninst -l0x40C

Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly

Search Settings v1.2.3-->MsiExec.exe /X{5F05C28D-DEA9-4AD6-A73A-064175988EAB}

Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}

Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}

Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}

Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb

Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb

Skype 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x040c -removeonly

TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}

TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}

TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x040c -ADDREMOVE -removeonly

TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c

TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x040c -removeonly

TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}

TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2883F6F5-0509-43F3-868C-D50330DD9DD3}\setup.exe" -l0x40c

Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly

TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}

TOSHIBA Software Modem-->Tosmreg -U

TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}\setup.exe" -l0x40c

Toshiba TEMPRO-->MsiExec.exe /X{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}

TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c

TRDCReminder-->C:\Program Files\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x040c

TRORDCLauncher-->C:\Program Files\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x040c

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}

VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}

VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}

Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}

Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

ZHPDiag 1.26-->"C:\Program Files\ZHPDiag\unins000.exe"

 

======Security center information======

 

AS: Windows Defender

 

======System event log======

 

Computer Name: PC

Event Code: 10005

Message: DCOM a reçu l'erreur "1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur :

{1BE1F766-5536-11D1-B726-00C04FB926AF}

Record Number: 176522

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20100828145135.000000-000

Event Type: Erreur

User:

 

Computer Name: PC

Event Code: 10005

Message: DCOM a reçu l'erreur "1084" lors de la mise en route du service WSearch avec les arguments "" pour démarrer le serveur :

{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Record Number: 176523

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20100828145137.000000-000

Event Type: Erreur

User:

 

Computer Name: PC

Event Code: 10005

Message: DCOM a reçu l'erreur "1084" lors de la mise en route du service WSearch avec les arguments "" pour démarrer le serveur :

{9E175B6D-F52A-11D8-B9A5-505054503030}

Record Number: 176524

Source Name: Microsoft-Windows-DistributedCOM

Time Written: 20100828145137.000000-000

Event Type: Erreur

User:

 

Computer Name: PC

Event Code: 7001

Message: Le service Explorateur d'ordinateurs dépend du service Serveur qui n'a pas pu démarrer en raison de l'erreur :

Le service ou le groupe de dépendance n'a pas pu démarrer.

Record Number: 176541

Source Name: Service Control Manager

Time Written: 20100828145239.000000-000

Event Type: Erreur

User:

 

Computer Name: PC

Event Code: 7026

Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :

avgio

avipbb

spldr

ssmdrv

Wanarpv6

Record Number: 176551

Source Name: Service Control Manager

Time Written: 20100828145239.000000-000

Event Type: Erreur

User:

 

=====Application event log=====

 

Computer Name: PC

Event Code: 6000

Message: L’abonné aux notifications Winlogon <GPClient> n’était pas disponible pour traiter un événement de notification.

Record Number: 21014

Source Name: Microsoft-Windows-Winlogon

Time Written: 20100828143654.000000-000

Event Type: Avertissement

User:

 

Computer Name: PC

Event Code: 10

Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Record Number: 21031

Source Name: Microsoft-Windows-WMI

Time Written: 20100828143918.000000-000

Event Type: Erreur

User:

 

Computer Name: PC

Event Code: 6000

Message: L’abonné aux notifications Winlogon <GPClient> n’était pas disponible pour traiter un événement de notification.

Record Number: 21047

Source Name: Microsoft-Windows-Winlogon

Time Written: 20100828145127.000000-000

Event Type: Avertissement

User:

 

Computer Name: PC

Event Code: 4609

Message: Le système d'événements de COM+ a détecté un code de renvoi erroné lors de son traitement interne. Le HRESULT est 8007043c à partir de la ligne 45 de d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp. Contactez les services de support technique Microsoft pour signaler cette erreur.

Record Number: 21049

Source Name: Microsoft-Windows-EventSystem

Time Written: 20100828145135.000000-000

Event Type: Erreur

User:

 

Computer Name: PC

Event Code: 10

Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Record Number: 21052

Source Name: Microsoft-Windows-WMI

Time Written: 20100828145238.000000-000

Event Type: Erreur

User:

 

=====Security event log=====

 

Computer Name: PC

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 30055

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100307132311.191000-000

Event Type: Échec de l'audit

User:

 

Computer Name: PC

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 30056

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100307132311.191000-000

Event Type: Échec de l'audit

User:

 

Computer Name: PC

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 30057

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100307132626.051000-000

Event Type: Échec de l'audit

User:

 

Computer Name: PC

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 30058

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100307132658.285000-000

Event Type: Échec de l'audit

User:

 

Computer Name: PC

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 30059

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100307132934.056000-000

Event Type: Échec de l'audit

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel

"PROCESSOR_REVISION"=0f0d

"NUMBER_OF_PROCESSORS"=2

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"SAFEBOOT_OPTION"=NETWORK

 

-----------------EOF-----------------

Florinator Extrem Member

Florinator

Posté(e)
Posté(e)

Re :)

 

Aller, on va attaquer tout ça:

 

 

 

1

 

Télécharge sur le bureau OTM crée par de Old_Timer

 

  • Enregistre-le sur ton Bureau.
  • Double-clique dessus.
  • Copie la liste qui se trouve dans la zone code ci-dessous et colle-la dans le cadre de gauche sous "Paste instructions for Items to be Moved".

 

go

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"awsorcmnex.exe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"rjkcvueiwbulw"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"newsecureapp70700.exe"=-

:Files
C:\Users\mélodie\AppData\Local\Temp\awsorcmnex.exe 
c:\users\mélodie\appdata\local\idntakhg\nmjikkj.exe
C:\Users\mélodie\AppData\Roaming\1F118278F43AABF7029CCA98003085DB

:Commands 
[emptytemp]

 

 

  • Clique sur "MoveIt!" pour lancer la suppression. Le résultat apparaitra alors dans le cadre "Results"
  • Copie/Colle ce résultat
  • Clique sur Exit pour fermer.

 

Remarque: Il est possible qu'il te soit demandé de redémarrer ton ordinateur pour supprimer les fichiers,ce redémarrage peut être plus long qu’à l’accoutumé.Accepte et dans ce cas, après redémarrage, tu trouveras justement le rapport dans le dossier CC:\_OTM\MovedFiles\date/heure suppression.log .

 

  • Si ton Bureau ne réapparaît pas:
    - Fais CTRL+ALT+SUPP pour ouvrir le Gestionnaire de tâches.
    - Clique en haut à gauche sur "Fichier"
    - Choisi "Nouvelle tâche" (Exécuter ...)
    - Tape "explorer" et valide.
    - Cela fera apparaître ton Bureau.

 

 

 

 

 

2

 

Si MBAM est déjà installé supprime le au préalable:

 

Télécharge MBAM

 

  • Installe le
  • Lance l'outil
  • Coche "Executer un examen complet"
  • Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
  • Clique sur Supprimer la sélection
  • Pour poster le rapport clique sur l'onglet Rapports/Log et
  • Sélectionne celui t'intéresse et clique sur Ouvrir
  • Fait copier coller et poste le rapport stp

 

A++

fred0222 Junior Member

fred0222

Posté(e)
  • Auteur
Posté(e)

alors voici le rapport apres OTM

 

All processes killed

Error: Unable to interpret <go> in the current context!

========== REGISTRY ==========

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\awsorcmnex.exe deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\rjkcvueiwbulw deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\newsecureapp70700.exe deleted successfully.

========== FILES ==========

File/Folder C:\Users\mélodie\AppData\Local\Temp\awsorcmnex.exe not found.

c:\users\mélodie\appdata\local\idntakhg\nmjikkj.exe moved successfully.

C:\Users\mélodie\AppData\Roaming\1F118278F43AABF7029CCA98003085DB folder moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: mélodie

->Temp folder emptied: 21928779 bytes

->Temporary Internet Files folder emptied: 6914608 bytes

->Java cache emptied: 40763838 bytes

->FireFox cache emptied: 34859314 bytes

->Google Chrome cache emptied: 856432 bytes

->Flash cache emptied: 6015 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 1090055 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1404 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 16620108 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 117,00 mb

 

 

OTM by OldTimer - Version 3.1.15.0 log created on 08282010_172621

 

puis le rapport apres MBAM

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4494

 

Windows 6.0.6001 Service Pack 1 (Safe Mode)

Internet Explorer 8.0.6001.18943

 

28/08/2010 18:56:36

mbam-log-2010-08-28 (18-56-36).txt

 

Type d'examen: Examen complet (C:\|E:\|)

Elément(s) analysé(s): 246712

Temps écoulé: 47 minute(s), 57 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 2

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 8

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Program Files\Ad-Remover\Quarantine\C\Program Files\Dealio Toolbar\WidgiHelper.exe.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

C:\Program Files\Ad-Remover\Quarantine\C\Program Files\Dealio Toolbar\FF\components\dealioToolbarFF.dll.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

C:\Program Files\Ad-Remover\Quarantine\C\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

C:\Users\mélodie\AppData\Local\Windows\winhelp.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

C:\Users\mélodie\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

C:\_OTM\MovedFiles\08282010_172621\c_users\mélodie\appdata\local\idntakhg\nmjikkj.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

C:\_OTM\MovedFiles\08282010_172621\c_users\mélodie\appdata\Roaming\1F118278F43AABF7029CCA98003085DB\newsecureapp70700.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

C:\Users\mélodie\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.

Florinator Extrem Member

Florinator

Posté(e)
Posté(e) (modifié)

Ok parfait :super:

Tu as dû récupérer quelques fonctionnalités?

Tu peux vider la quarantaine de Mbam.

 

Télécharge ZHPDiag crée par Nicolas Coolman

 

  • Enregistre le sur ton bureau
  • Double clique sur l'icône
  • Suis les instructions à l'ecran
  • Clique sur loupe.jpg pour lancer l'analyse
  • Clique sur PanelCopierPP.jpg pour copier le rapport
  • Puis colle le dans ta prochaine réponses
  • Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

 

A++

Modifié par Florinator
fred0222 Junior Member

fred0222

Posté(e)
  • Auteur
Posté(e)

Rapport de ZHPDiag v1.26.544 par Nicolas Coolman, Update du 24/08/2010

Run by mélodie at 28/08/2010 21:33:20

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18943

MFIE: Mozilla Firefox (3.5.9)

 

---\\ System Information

Platform : Windows Vista Home Basic (6.0.6001) Service Pack 1

Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

Operating System: 32 Bits

Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)

Total RAM: 1915 MB (71% free)

System drive C: has 23 GB (40%) free of 56 GB

 

---\\ Logged in mode

Computer Name: PC

User Name: mélodie

All Users Names: mélodie, Administrateur,

Unselected Option: O1,O45,O61,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 56 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 55 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

 

 

---\\ Processus lancés

[MD5.0429A22099A6E22A4F0542026C58A4E0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [908248]

[MD5.88753AA5F0444890CFD253BF20953DAA] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [546816]

 

 

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\libdivx.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll

P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Pando Networks - Pando Web Installer.) -- C:\Program Files\Mozilla Firefox\Plugins\npPandoWebInst.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\ssldivx.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Picasa2\npPicasa3.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@nbc.com/DirectPlayer] - (.NBC Universal - NBC Direct Firefox Plugin.) -- C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 2.6.1f3.) -- C:\Users\mélodie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe

O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O4 - HKLM\..\Run: [Google EULA Launcher] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe

O4 - HKLM\..\Run: [Toshiba TEMPO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe

O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe

O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe

O4 - HKLM\..\Run: [smoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - HKCU\..\Run: [DirectPlayerCore] . (.NBC Universal - NBC Direct.) -- C:\Program Files\NBC Direct\DirectPlayerCore.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-21-1859143292-2799626838-472150575-1000\..\Run: [TOSCDSPD] TOSCDSPD.EXE

O4 - HKUS\S-1-5-21-1859143292-2799626838-472150575-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-1859143292-2799626838-472150575-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-1859143292-2799626838-472150575-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - HKUS\S-1-5-21-1859143292-2799626838-472150575-1000\..\Run: [DirectPlayerCore] . (.NBC Universal - NBC Direct.) -- C:\Program Files\NBC Direct\DirectPlayerCore.exe

O4 - Global Startup: IMVU.lnk . (.Pas de propriétaire - Pas de description.) -- C:\Users\mélodie\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} . (.Pas de propriétaire - Pas de description.) -- c:\toshiba\Webshops\ebay.ico

O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} . (.Pas de propriétaire - Pas de description.) -- c:\toshiba\Webshops\amazon.ico

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{67DA74FF-A07F-4B74-A89F-D65F326E866D}: DhcpNameServer = 212.27.40.241 212.27.40.242

O17 - HKLM\System\CS1\Services\Tcpip\..\{67DA74FF-A07F-4B74-A89F-D65F326E866D}: DhcpNameServer = 212.27.40.241 212.27.40.242

O17 - HKLM\System\CS3\Services\Tcpip\..\{67DA74FF-A07F-4B74-A89F-D65F326E866D}: DhcpNameServer = 212.27.40.241 212.27.40.242

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.242

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{7D084DFF-677B-46C3-9BB0-55332F1104D9}.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{8AA6CB35-67D7-45A2-B1F4-C87EC19E4522} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\Windows\system32\Macromed\Flash\Flash10c.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: Realtke RtlProt WLAN Utility Protocol Driver (RtlProt) . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - C:\Windows\system32\DRIVERS\rtlprot.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites

O42 - Logiciel: Adobe Acrobat Reader 3.01 - (.Pas de propriétaire.) [HKLM] -- Adobe Acrobat Reader 3.01

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Photoshop Album 2.0 Edition Découverte - (.Adobe Systems, Inc..) [HKLM] -- {11B569C2-4BF6-4ED0-9D17-A4273943CB24}

O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}

O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}

O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}

O42 - Logiciel: Fissa - (.Secure Digital Services.) [HKLM] -- Fissa

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: IDM Flash 4.4.0.468 - (.Internet Direct Media.) [HKCU] -- idm_flash

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI

O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}

O42 - Logiciel: Java 6 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160060}

O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware

O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox (3.5.9) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.5.9)

O42 - Logiciel: NBC Direct - (.NBC Universal.) [HKCU] -- NBC Direct

O42 - Logiciel: OpenOffice.org 3.0 - (.OpenOffice.org.) [HKLM] -- {6860B340-530D-46B3-91F8-1AE1F70F7C33}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] -- QuickTime

O42 - Logiciel: REALTEK RTL8187B Wireless LAN Driver - (.Pas de propriétaire.) [HKLM] -- {895722FE-25FE-4854-95AC-B0C42F9DBEDA}

O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}

O42 - Logiciel: Realtek WiFi Protected Setup Library - (.REALTEK Semiconductor Corp..) [HKLM] -- {02CA24DD-C8B0-4280-BE53-7862869C2EB1}

O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}

O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2277947) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5857EE21-03D0-482E-9620-5A30B314A2AE}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E8766951-2B6C-4022-86E8-80D2D1762B76}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2251419) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7E9103DA-253F-41FF-9E83-7C83806C77DA}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.) [HKLM] -- KB954156

O42 - Logiciel: Security Update for Windows Media Encoder (KB979332) - (.Microsoft Corporation.) [HKLM] -- KB979332

O42 - Logiciel: Skype 4.1 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}

O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}

O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}

O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}

O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- {C730E42C-935A-45BB-A0C5-37E5234D111B}

O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3}

O42 - Logiciel: TOSHIBA Recovery Disc Creator - (.TOSHIBA.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}

O42 - Logiciel: TOSHIBA Software Modem - (.Agere Systems.) [HKLM] -- TOSHIBA Software Modem

O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}

O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}

O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}

O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}

O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}

O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ Local AppWizard-Generated Applications]

[HKCU\Software\ALWIL Software]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\Unity]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Avira]

[HKCU\Software\Binary Noise]

[HKCU\Software\Boonty]

[HKCU\Software\Bugsplat]

[HKCU\Software\CEC_CM_SW]

[HKCU\Software\Classes.crx]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\DeterministicNetworks]

[HKCU\Software\DivXNetworks]

[HKCU\Software\FissaSearch]

[HKCU\Software\GameHouse]

[HKCU\Software\Google]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\Intenium]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\LeaderTech]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MGI]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MimarSinan]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NBCU]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\OfferBox]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Pando Networks]

[HKCU\Software\Piriform]

[HKCU\Software\PlayfulAge]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Skype]

[HKCU\Software\Spointer]

[HKCU\Software\Synaptics]

[HKCU\Software\TOSHIBA]

[HKCU\Software\Trolltech]

[HKCU\Software\Ulead Systems]

[HKCU\Software\Unity]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\Zylom]

[HKCU\Software\keyhole.com]

[HKCU\Software\wnxmal]

[HKLM\Software\ALWIL Software]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Agere]

[HKLM\Software\America Online]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Avira]

[HKLM\Software\Cheat Engine]

[HKLM\Software\Chicony Electronics Co.,Ltd.]

[HKLM\Software\Cisco Systems]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Debug]

[HKLM\Software\DeterministicNetworks]

[HKLM\Software\DivXNetworks]

[HKLM\Software\Dtday]

[HKLM\Software\Electronic Arts]

[HKLM\Software\EnigmaSoftwareGroup]

[HKLM\Software\Ericsson]

[HKLM\Software\Google]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Lucent]

[HKLM\Software\MGI]

[HKLM\Software\Macromedia]

[HKLM\Software\Maxis]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NBCU]

[HKLM\Software\ODBC]

[HKLM\Software\OldTimer Tools]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\Pando Networks]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek USB 2.0 Card Reader]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLan]

[HKLM\Software\SOFTWARE]

[HKLM\Software\SRS Labs]

[HKLM\Software\Skype]

[HKLM\Software\Sony Ericsson]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\Sys Modules]

[HKLM\Software\TOSHIBA]

[HKLM\Software\Toshiba Tempo]

[HKLM\Software\Ulead Systems]

[HKLM\Software\VideoLAN]

[HKLM\Software\WOW6432Node]

[HKLM\Software\Waves Audio]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Yahoo]

[HKLM\Software\mozilla.org]

 

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\2.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites

O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Remover

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\AVS4YOU

O43 - CFD:Common File Directory ----D- C:\Program Files\Camera Assistant Software for Toshiba

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine

O43 - CFD:Common File Directory ----D- C:\Program Files\Cisco Systems

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files\directx

O43 - CFD:Common File Directory ----D- C:\Program Files\DivX

O43 - CFD:Common File Directory ----D- C:\Program Files\DivX Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Enigma Software Group

O43 - CFD:Common File Directory ----D- C:\Program Files\Feneris

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Fluendo

O43 - CFD:Common File Directory ----D- C:\Program Files\Free Video Converter

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\InterVideo

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\JRE

O43 - CFD:Common File Directory ----D- C:\Program Files\ltmoh

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee Security Scan

O43 - CFD:Common File Directory ----D- C:\Program Files\MGI

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ---AD- C:\Program Files\NBC Direct

O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD:Common File Directory ----D- C:\Program Files\Pando Networks

O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre

O43 - CFD:Common File Directory ----D- C:\Program Files\Picasa2

O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory R---D- C:\Program Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics

O43 - CFD:Common File Directory ----D- C:\Program Files\TOSHIBA

O43 - CFD:Common File Directory ----D- C:\Program Files\Toshiba TEMPRO

O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro

O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoConverter

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Components

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Toshiba Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ulead Systems

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data

O43 - CFD:Common File Directory ----D- C:\ProgramData\Ashtons Family Resort

O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira

O43 - CFD:Common File Directory ----D- C:\ProgramData\AVS4YOU

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau

O43 - CFD:Common File Directory ----D- C:\ProgramData\CasualForge

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites

O43 - CFD:Common File Directory ----D- C:\ProgramData\GameHouse

O43 - CFD:Common File Directory ----D- C:\ProgramData\Google

O43 - CFD:Common File Directory ----D- C:\ProgramData\Intenium

O43 - CFD:Common File Directory ----D- C:\ProgramData\IsolatedStorage

O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes

O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee

O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee Security Scan

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles

O43 - CFD:Common File Directory ----D- C:\ProgramData\NBC Direct

O43 - CFD:Common File Directory ----D- C:\ProgramData\Norton

O43 - CFD:Common File Directory ----D- C:\ProgramData\NortonInstaller

O43 - CFD:Common File Directory ----D- C:\ProgramData\PlayFirst

O43 - CFD:Common File Directory ----D- C:\ProgramData\PlayfulAge

O43 - CFD:Common File Directory ----D- C:\ProgramData\PMB Files

O43 - CFD:Common File Directory ----D- C:\ProgramData\QuickTime

O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu

O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates

O43 - CFD:Common File Directory ----D- C:\ProgramData\Toshiba

O43 - CFD:Common File Directory ----D- C:\ProgramData\ToshibaEurope

O43 - CFD:Common File Directory ----D- C:\ProgramData\Ulead Systems

O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch

O43 - CFD:Common File Directory ----D- C:\ProgramData\Zylom

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Toshiba Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ulead Systems

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.87823C4974B0BDA30AF32ECD6A6458B9] - 28/08/2010 - 18:03:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1495948]

O44 - LFC:[MD5.3E91A8F3191953A1CB8359A5AEFA2B54] - 28/08/2010 - 18:03:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [103460]

O44 - LFC:[MD5.D754E34167C65795CADB0211357A1F50] - 28/08/2010 - 18:03:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [126042]

O44 - LFC:[MD5.5149911254C464B7C1AD6A5C3BD93BCB] - 28/08/2010 - 18:03:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [595386]

O44 - LFC:[MD5.2F0049BD7067734ED6956AC3E974FF25] - 28/08/2010 - 18:03:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [678056]

O44 - LFC:[MD5.532285031FADC4E23196FF59F4D907E3] - 28/08/2010 - 17:59:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [419880]

O44 - LFC:[MD5.4507753A779E51C660B941C92FC78D1B] - 28/08/2010 - 17:58:39 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 28/08/2010 - 17:06:31 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 28/08/2010 - 17:06:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.E96D136A1980DB65173DD0F726DD1EF9] - 28/08/2010 - 16:35:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [346]

O44 - LFC:[MD5.52D580E07C43E265BD86E6EA31836433] - 28/08/2010 - 15:50:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [3216]

O44 - LFC:[MD5.52D580E07C43E265BD86E6EA31836433] - 28/08/2010 - 15:50:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [3216]

O44 - LFC:[MD5.5BFD0671FC4E247850DAA832FAF7525E] - 28/08/2010 - 15:50:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [39979]

O44 - LFC:[MD5.57BF2F6454C05E9055B80B2E8ACBDFEE] - 28/08/2010 - 00:26:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [342136]

O44 - LFC:[MD5.37B0EC7BBDE637B997DCEDB071F64C89] - 27/08/2010 - 23:11:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [2693]

O44 - LFC:[MD5.52ADCCC0C6206832E5F764A5CDAEE4C1] - 27/08/2010 - 22:32:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[2].txt [2754]

O44 - LFC:[MD5.F80B2B68002ADB19673B086DA1EEDD4F] - 27/08/2010 - 21:35:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\QTFont.for [1409]

O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 27/08/2010 - 21:35:09 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\QTFont.qfn [54156]

O44 - LFC:[MD5.33FDAC83E1537521A56AC55F4E1C822B] - 27/08/2010 - 21:22:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [6847]

O44 - LFC:[MD5.0BA29E7DAF836AB1D9AA69164DC78560] - 23/08/2010 - 16:46:52 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [81920]

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{3f060693-6bc6-11df-b27a-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoGEt.eXE (.not file.)

O51 - MPSK:{729310f7-ea2a-11de-ba83-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe winrun.vbs (.not file.)

O51 - MPSK:{d41793f8-3327-11df-b52d-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- ba.exe (.not file.)

O51 - MPSK:{e5e3c9a9-5c36-11df-8baa-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- wyskq6lt.exe (.not file.)

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.CE91B158FA490CF4C4D487A4130F4660] - 28/11/2006 - 15:11:00 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2009 - 11:19:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 05/10/2006 - 03:42:42 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys

O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 05/10/2006 - 03:42:42 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys

O58 - SDL:[MD5.B5ECADF7708960F1818C7FA015F4C239] - 18/01/2007 - 18:28:02 ---A- . (.Cisco Systems, Inc. - Cisco Systems VPN Adapter.) -- C:\Windows\system32\drivers\CVirtA.sys

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.B5AA5AA5AC327BD7C1AEC0C58F0C1144] - 16/11/2008 - 18:39:44 ---A- . (.Deterministic Networks, Inc. - Deterministic Network Enhancer.) -- C:\Windows\system32\drivers\dne2000.sys

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.CBC22823628544735625B280665E434E] - 20/11/2006 - 13:11:14 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 32-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys

O58 - SDL:[MD5.DB0CC620B27A928D968C1A1E9CD9CB87] - 15/04/2008 - 17:53:44 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.6FB1858D1F0923D122B0331865695041] - 12/06/2008 - 17:43:16 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys

O58 - SDL:[MD5.53D606019BB0F0C6B3E6EC9D2E0F7622] - 11/05/2005 - 12:12:11 ---A- . (.MCCI - Sony Ericsson 600i Driver.) -- C:\Windows\system32\drivers\k600bus.sys

O58 - SDL:[MD5.72315EFA8E1013FD70709FD16E995AF0] - 11/05/2005 - 12:12:12 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\k600cm.sys

O58 - SDL:[MD5.72315EFA8E1013FD70709FD16E995AF0] - 11/05/2005 - 12:12:12 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\k600cmnt.sys

O58 - SDL:[MD5.C0D81F66557847BBB7F5B9980BC2EA2E] - 11/05/2005 - 12:12:14 ---A- . (.MCCI - Sony Ericsson 600i USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\k600mdfl.sys

O58 - SDL:[MD5.646900B2921BAD4757B427D2D328EC96] - 11/05/2005 - 12:12:14 ---A- . (.MCCI - Sony Ericsson 600i USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\k600mdm.sys

O58 - SDL:[MD5.3990320CFEF38B038C012029257E2300] - 11/05/2005 - 12:12:17 ---A- . (.MCCI - Sony Ericsson 600i USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\k600mgmt.sys

O58 - SDL:[MD5.1578CB8176D08CC4D3DBE094C62FC236] - 11/05/2005 - 12:12:17 ---A- . (.MCCI - Sony Ericsson 600i USB WMC OBEX Interface Device Driver.) -- C:\Windows\system32\drivers\k600obex.sys

O58 - SDL:[MD5.CF2684B3684A2983F95A94F5F84DE6C3] - 11/05/2005 - 12:12:23 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\k600wh.sys

O58 - SDL:[MD5.CF2684B3684A2983F95A94F5F84DE6C3] - 11/05/2005 - 12:12:23 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\k600whnt.sys

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.B9CBD3DEA7CA02868621173BF7A2AF9F] - 09/04/2008 - 17:00:04 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys

O58 - SDL:[MD5.B71D269B9AB5417963E986126C12B9FC] - 26/12/2007 - 09:20:32 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\rtl8187B.sys

O58 - SDL:[MD5.7157E70A90CCE49DEB8885D23A073A39] - 15/04/2008 - 09:05:08 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys

O58 - SDL:[MD5.0D60B8C10A2C5E8DD620B3FDEB1CDA64] - 23/04/2007 - 10:50:50 ---A- . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) -- C:\Windows\system32\drivers\RtlProt.sys

O58 - SDL:[MD5.9FF7D9CF3A5F296613588B0E8DB83AFE] - 02/04/2008 - 16:26:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/05/2009 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.55F6E55CC2430CA8713387106FA79817] - 06/12/2007 - 17:12:48 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys

O58 - SDL:[MD5.1825BCEB47BF41C5A9F0E44DE82FC27A] - 18/10/2006 - 10:50:04 ---A- . (.TOSHIBA Corporation. - Toshiba ODD Writing Driver For x86..) -- C:\Windows\system32\drivers\tdcmdpst.sys

O58 - SDL:[MD5.4399A9BF7D8F49991A07FD86590A1619] - 18/07/2008 - 18:52:16 ---A- . (.TOSHIBA Corporation - tos_sps2.) -- C:\Windows\system32\drivers\tos_sps32.sys

O58 - SDL:[MD5.792A8B80F8188ABA4B2BE271583F3E46] - 09/11/2007 - 14:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys

O58 - SDL:[MD5.8C5094A8AB24DE7496C7C19942F2DF04] - 17/12/2007 - 11:45:20 ---A- . (.Chicony Electronics Co., Ltd. - UVCFTR_S.sys.) -- C:\Windows\system32\drivers\UVCFTR_S.SYS

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.)

O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)

O63 - Logiciel: RSIT - (.random/random.)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR

O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP

O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI

O64 - Services: CurCS - C:\Windows\system32\drivers\atapi.sys - IDE Channel (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\system32\drivers\ecache.sys - ReadyBoost Caching Driver (Ecache) .(.Microsoft Corporation - Special Memory Device Cache.) - LEGACY_ECACHE

O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_IPFILTERDRIVER

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipnat.sys - IP Network Address Translator (IPNAT) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\irda.sys - Protocole IrDA (irda) .(.Microsoft Corporation - IRDA Protocol Driver.) - LEGACY_IRDA

O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - (.not file.) - MPFP (MPFP) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPFP

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\drivers\msahci.sys - msahci (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\pciide.sys - pciide (pciide) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE

O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rtlprot.sys - Realtke RtlProt WLAN Utility Protocol Driver (RtlProt) .(.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - LEGACY_RTLPROT

O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {0F21CC88-B586-43A2-B505-F6D03E6FC823} [DefaultScope] - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {105E99FF-8B9A-4492-B155-06194B9056D2} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=Lf-QfRueB25LmqY5BL0ztMpTToU?q={searchTerms}

O69 - SBI: SearchScopes [HKCU] {7EE050EE-806F-4EA5-9CF6-47CA3C72C2DB} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {b41306c6-96d0-442a-bcc4-b0f621e82ce9} - (Fissa) - Fissa search

O69 - SBI: SearchScopes [HKCU] {EA90BAE3-85C8-4907-82E4-D63EE9BF7B9E} - (Yahoo! Search) - Yahoo! Search - Recherche Web

 

 

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by mélodie at 28/08/2010 21:34:26

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [122880]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [574464]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438272]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [314368]

O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) -- C:\Windows\System32\irmon.dll [17920]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [260608]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [448512]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758272]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [190464]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153600]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [161792]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [596992]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Auto 05/10/2006 9216 | Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe

SS - | Auto 13/05/2009 108289 | Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SS - | Auto 21/07/2009 185089 | Avira AntiVir Guard (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SS - | Auto 17/04/2008 40960 | ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

SS - | Demand 15/06/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

SS - | Auto 30/10/2009 133104 | Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 06/07/2009 182768 | Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 04/04/2005 69632 | InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

SS - | Demand 24/04/2008 73728 | SmartFaceVWatchSrv (SmartFaceVWatchSrv) . (.Toshiba.) - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe

SS - | Auto 24/04/2008 99720 | Notebook Performance Tuning Service (TempoMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

SS - | Auto 18/07/2008 83312 | TOSHIBA Navi Support Service (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

SS - | Auto 21/11/2007 129632 | TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SS - | Auto 17/01/2008 431456 | TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SS - | Auto 06/02/2008 126976 | TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

SS - | Auto 23/08/2006 49152 | Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

 

---\\ Infection BT - BHO/Toolbar (Possible)

O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB}

 

 

 

End of the scan (999 lines in 01mn 07s)(0)

Florinator Extrem Member

Florinator

Posté(e)
Posté(e)

2ème fois:

 

Tu as dû récupérer quelques fonctionnalités?

 

 

 

1

 

  • Copie ces lignes ci dessous:

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522
O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB}   
[HKCU\Software\wnxmal]  
O51 - MPSK:{3f060693-6bc6-11df-b27a-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoGEt.eXE (.not file.)  
O51 - MPSK:{729310f7-ea2a-11de-ba83-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe winrun.vbs (.not file.)       
O51 - MPSK:{d41793f8-3327-11df-b52d-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- ba.exe (.not file.)  
O51 - MPSK:{e5e3c9a9-5c36-11df-8baa-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- wyskq6lt.exe (.not file.)

 

 

  • Ouvre ZHPDiag, puis clique sur l'icône PanelZHPFix.jpg
    Si l'icône n'apparait pas, relance un scan avec ZHPDiag, à la fin du scan elle apparaitra
  • Clique successivement sur l'icône PanelHelper.jpg,pour effacer le rapport qui s'est affiché
  • Clique ensuite sur malette-cachee.jpg pour coller la sélection
  • Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre
  • Clique sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.
  • Clique sur "Tous" puis sur "Nettoyer".
    Si on te demande de redémarrer l'ordi pour achever le nettoyage, fais le immmédiatement.
  • Copie/colle le rapport dans ton prochain post.

 

Remarque:Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPFixReport.txt

 

 

 

 

2

 

 

Télécharge ceci

 

  • Branche tout tes supports externes Disque dur/Clé USB etc (ne les ouvres pas!!)
  • Exécute le fichier
  • Poste moi le rapport stp

 

Laisse tes supports branchés ,tels qui le seront pour le scan, important pour la suite de la suppression si besoin

 

A++

fred0222 Junior Member

fred0222

Posté(e)
  • Auteur
Posté(e)

je suis toujours en mode sans echec donc je ne sais pas si j'ai récupéré des fonctionnaités

voici le rapport apres ZHPdiag :

Rapport de ZHPFix v1.12.3140 par Nicolas Coolman, Update du 27/08/2010

Fichier d'export Registre :

Run by mélodie at 28/08/2010 21:56:25

Web site : ZHPFix Fix de rapport

Contact : nicolascoolman@yahoo.fr

 

========== Clé(s) du Registre ==========

HKCU\Software\wnxmal => Clé absente

O51 - MPSK:{3f060693-6bc6-11df-b27a-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoGEt.eXE (.not file.) => Clé absente

O51 - MPSK:{729310f7-ea2a-11de-ba83-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe winrun.vbs (.not file.) => Clé absente

O51 - MPSK:{d41793f8-3327-11df-b52d-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- ba.exe (.not file.) => Clé absente

O51 - MPSK:{e5e3c9a9-5c36-11df-8baa-001e3381c9c6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- wyskq6lt.exe (.not file.) => Clé absente

 

========== Elément(s) de donnée du Registre ==========

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522 => Donnée supprimée avec succès

 

========== Fichier(s) ==========

c:\windows\system32\rundll32.exe shell32.dll => Supprimé et mis en quarantaine

ba.exe => Supprimé et mis en quarantaine

wyskq6lt.exe => Supprimé et mis en quarantaine

 

========== Logiciel(s) ==========

O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB} => Logiciel supprimé avec succès

 

 

========== Récapitulatif ==========

5 : Clé(s) du Registre

1 : Elément(s) de donnée du Registre

3 : Fichier(s)

1 : Logiciel(s)

 

 

End of the scan

il n'y a pas de supports externes branchés mais voici le rapport

 

 

C: - Fixe - Fichier Autorun.inf absent !

E: - Fixe - Fichier Autorun.inf absent !

F: - CD/DVD - Lecteur non prêt

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...