[RESOLU] Infection antimalware doctor

Sebest · le 5 septembre 2010

Bonjour,

Mon pere c'est laissé berné par Antimalware Doctor et donc je suis infecté par ce satané truc.Ce qui ralenti l'ordinateur considerablement.Et il doit y avoir d'autres infections en passant.

Pouvez-vous m'indiquez la marche à suivre pour désinfecté mon pc ?

Par avance merci

Modifié le 5 septembre 2010 par Sebest

Florinator · le 5 septembre 2010

Bonjour Sebest

Mon pere c'est laissé berné par Antimalware Doctor

Rassure toi, il n'est pas le seul.

Allez on va sortir cette saloperie:

1)

Télécharge Rkill de Grinler,depuis l'un des liens ci-dessous:

Enregistre le fichier sur le bureau.
Désactive le module résident de l'antivirus et celui de l'antispyware.
Double-clique sur le fichier Rkill

Pour Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

=>Une fenêtre sur fond noir apparaitra puis disparaitra.

=>Poste moi le rapport qui s'affichera

2)

Télécharge MBAM

Installe le
Lance l'outil
Coche "Executer un examen complet"
Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
Clique sur Supprimer la sélection
Pour poster le rapport clique sur l'onglet Rapports/Log et
Sélectionne celui t'intéresse et clique sur Ouvrir
Fait copier coller et poste le rapport stp

A++

Sebest · le 5 septembre 2010

RKILL

This log file is located at D:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Ran as Administrateur on 05/09/2010 at 21:01:27.

Services Stopped:

Processes terminated by Rkill or while it was running:

D:\Documents and Settings\Administrateur\Bureau\rkill.scr

Rkill completed on 05/09/2010 at 21:01:34.

--------------------------------------------------------------------------------------------------------------------------------------------------

MBAM

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Version de la base de données: 4551

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

05/09/2010 21:54:50

mbam-log-2010-09-05 (21-54-50).txt

Type d'examen: Examen complet (A:\|C:\|D:\|E:\|F:\|)

Elément(s) analysé(s): 260405

Temps écoulé: 36 minute(s), 26 seconde(s)

Processus mémoire infecté(s): 2

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 1

Elément(s) de données du Registre infecté(s): 2

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 8

Processus mémoire infecté(s):

D:\Documents and Settings\ROLAND\Application Data\E4D8BF60D9972B047999D933A349BD03\KB5164415.exe (Malware.Packer.Gen) -> Unloaded process successfully.

D:\Documents and Settings\intel i7\DrvGuard32.exe (Backdoor.IRCBot) -> Unloaded process successfully.

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adatadrv (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft drive guard32 (Backdoor.IRCBot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

D:\Documents and Settings\ROLAND\Application Data\E4D8BF60D9972B047999D933A349BD03\KB5164415.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

D:\WINDOWS\system32\drivers\adatadrv.sys (Trojan.Agent) -> Quarantined and deleted successfully.

D:\Documents and Settings\ROLAND\Bureau\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

D:\Documents and Settings\ROLAND\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

D:\Documents and Settings\ROLAND\Menu Démarrer\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

D:\Documents and Settings\ROLAND\Menu Démarrer\Programmes\Démarrage\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.

D:\Documents and Settings\intel i7\DrvGuard32.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.

D:\WINDOWS\explorer.vbk (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Florinator · le 5 septembre 2010

Trés bien, on va vérifier le reste:

Télécharge ZHPDiag crée par Nicolas Coolman

Enregistre le sur ton bureau
Double clique sur l'icône
Suis les instructions à l'ecran
Clique sur pour lancer l'analyse
Clique sur pour copier le rapport
Puis colle le dans ta prochaine réponses
Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

A++

Sebest · le 5 septembre 2010

Rapport de ZHPDiag v1.26.59 par Nicolas Coolman, Update du 05/09/2010

Run by intel i7 at 05/09/2010 22:18:56

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

---\\ System Information

Platform : Microsoft Windows XP (5.1.2600) Service Pack 3

Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2047 MB (73% free)

System drive D: has 48 GB (59%) free of 81 GB

---\\ Logged in mode

Computer Name: INTEL-B2A3569E0

User Name: intel i7

All Users Names: SUPPORT_388945a0, ROLAND, intel i7, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 64 Go of 68 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 48 Go of 81 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

---\\ Processus lancés

[MD5.2E3E53A6AEF23E24F402C7855B9B1542] - (.Apple Inc. - Apple Mobile Device Service.) -- D:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144176]

[MD5.B453700B9EB83FEF29811B28DAE27D29] - (.ASUSTeK COMPUTER INC. - ASUS Keyboard Service.) -- D:\WINDOWS\ATKKBService.exe [257024]

[MD5.5AB58C337AC65837FE404462AD6265AB] - (.Apple Inc. - Bonjour Service.) -- D:\Program Files\Bonjour\mDNSResponder.exe [345376]

[MD5.09417134F248DFCEEA15C72BCC87F592] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- D:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.4571B4E5D316CA688CEDD3AB0F2563F1] - (.Pas de propriétaire - Pas de description.) -- D:\Program Files\McAfee\SiteAdvisor\McSACore.exe [206112]

[MD5.B26A3EA976E6FD5C03C65F6E5824AD7C] - (.McAfee, Inc. - McAfee Service Host.) -- D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe [271480]

[MD5.B0E1CE9ED1E5EA5642EB6602016B70CC] - (.McAfee, Inc. - McAfee Process Validation Service.) -- D:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe [141792]

[MD5.E9E110CDF6A063A5F9B841C36FB5CC95] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 162.1.) -- D:\WINDOWS\system32\nvsvc32.exe [155716]

[MD5.A9EEB7B09B898A53EC8B7063B923AC32] - (.SafeNet, Inc. - Pas de description.) -- D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992]

[MD5.FD8723219C907C7AB753C93334FA4610] - (.SafeNet, Inc - Sentinel Protection Server for SuperPro and.) -- D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592]

[MD5.861255C3ED2ACE9DF92ED10A6A174BAC] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- D:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe [170144]

[MD5.E96F9CF4F8D244FDD5181FE90826E28F] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- D:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe [188136]

[MD5.8F610078437A459948480407F4DB91EA] - (.Apple Inc. - iPodService Module (32-bit).) -- D:\Program Files\iPod\bin\iPodService.exe [540472]

[MD5.5E2F961CA018361DA942CDDA54741ED4] - (.McAfee, Inc. - McAfee Update Launcher.) -- d:\PROGRA~1\mcafee.com\agent\mcupdate.exe [746352]

[MD5.72F23A6038F099C968E55C77FC3A99EB] - (.Nicolas Coolman - Diagnostic Tool.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [548352]

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- D:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18939 (longhorn_ie8_gdr.100616-1700)) -- D:\WINDOWS\system32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- d:\progra~1\mcafee\msk\mskapbho.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- D:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20100723040455.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Interest recogniser for Freecompressor (powered by Spointer) - {a83c3565-302c-4bf8-b000-6b6f1811d892} . (.Freecompressor - Interest Recognizer for Freecompressor.) -- D:\Program Files\FreeCompressor\spointer\extensions\freecompressor_air_ie.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.Pas de propriétaire - Pas de description.) -- d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- D:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- D:\Program Files\OfferBox\OfferBoxBHO.dll

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.Pas de propriétaire - Pas de description.) -- d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- D:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- D:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- D:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [HDAudDeck] . (.VIA Technologies, Inc. - HDeck MFC Application.) -- D:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

O4 - HKLM\..\Run: [ASUSGamerOSD] . (.ASUSTeK Computer Inc. - ASUS GamerOSD.) -- D:\Program Files\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- D:\WINDOWS\system32\NvCpl.dll

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- D:\WINDOWS\system32\NvMcTray.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\jusched.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- D:\Program Files\Canon\MyPrinter\BJMyPrt.exe

O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- D:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTime\qttask.exe

O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- D:\Program Files\McAfee.com\Agent\mcagent.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- D:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [nodenable] D:\Program Files\eset\nodenable.exe (.not file.)

O4 - HKCU\..\Run: [VistaStartMenu] . (.OrdinarySoft - Vista Start Menu program.) -- D:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-1614895754-1220945662-1606980848-1004-1614895754-1220945662-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-1614895754-1220945662-1606980848-1004-1614895754-1220945662-1606980848-1003\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTime\qttask.exe

O4 - HKUS\S-1-5-21-1614895754-1220945662-1606980848-1004-1614895754-1220945662-1606980848-1003\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- D:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe

O4 - HKUS\S-1-5-21-1614895754-1220945662-1606980848-1004-1614895754-1220945662-1606980848-1003\..\Run: [mseancwxor.tmp] D:\DOCUME~1\ROLAND\LOCALS~1\Temp\mseancwxor.tmp (.not file.)

O4 - HKUS\S-1-5-21-1614895754-1220945662-1606980848-1004-1614895754-1220945662-1606980848-1003\..\Run: [KB5164415.exe] D:\Documents and Settings\ROLAND\Application Data\E4D8BF60D9972B047999D933A349BD03\KB5164415.exe (.not file.)

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- D:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... . (.Pas de propriétaire - Pas de description.) -- D:\Program Files\Megaupload\Mega Manager\mm_file.htm

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- D:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- D:\Program Files\Messenger\msmsgs.exe

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- D:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- D:\Program Files\Bonjour\mdnsNSP.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{3DFF30BD-AC72-4EA5-A8F3-FB6F0859DB7E}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{3DFF30BD-AC72-4EA5-A8F3-FB6F0859DB7E}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{3DFF30BD-AC72-4EA5-A8F3-FB6F0859DB7E}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{3DFF30BD-AC72-4EA5-A8F3-FB6F0859DB7E}: DhcpDomain = Belkin

O17 - HKLM\System\CS1\Services\Tcpip\..\{3DFF30BD-AC72-4EA5-A8F3-FB6F0859DB7E}: DhcpDomain = Belkin

O17 - HKLM\System\CS2\Services\Tcpip\..\{3DFF30BD-AC72-4EA5-A8F3-FB6F0859DB7E}: DhcpDomain = Belkin

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.Pas de propriétaire - Pas de description.) -- d:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- D:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- D:\WINDOWS\System32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- D:\WINDOWS\System32\WgaLogon.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- D:\WINDOWS\system32\webcheck.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- D:\WINDOWS\system32\wpdshserviceobj.dll

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- D:\WINDOWS\system32\stobject.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- D:\WINDOWS\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ATK Keyboard Service (ATKKeyboardService) . (.ASUSTeK COMPUTER INC. - ASUS Keyboard Service.) - D:\WINDOWS\ATKKBService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - D:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - D:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.Pas de propriétaire - Pas de description.) - D:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - D:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - D:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - D:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - D:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - D:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 162.1.) - D:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sentinel Keys Server (SentinelKeysServer) . (.SafeNet, Inc. - Pas de description.) - D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

O23 - Service: Sentinel Protection Server (SentinelProtectionServer) . (.SafeNet, Inc - Sentinel Protection Server for SuperPro and.) - D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\PCConfidential.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\INF\wmp.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- D:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: Enhanced Display Driver Helper Service (asuskbnt) . (.ASUSTeK COMPUTER INC. - ASUS Help driver For Keyboard Service..) - D:\Windows\system32\drivers\atkkbnt.sys

O41 - Driver: EIO (EIO) . (.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) - D:\WINDOWS\system32\drivers\EIO.sys

O41 - Driver: McAfee Inc. mfetdi2k (mfetdi2k) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - D:\Windows\system32\drivers\mfetdi2k.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: ASUS Gamer OSD - (.ASUSTeK COMPUTER INC..) [HKLM] -- {315ACD04-BCEB-478B-9B1D-5431D0E6CB11}

O42 - Logiciel: AVS Audio Converter version 6.2 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Audio Converter 6.2_is1

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}

O42 - Logiciel: Adobe Reader 9.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {B2D328BE-45AD-4D92-96F9-2151490A203E}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {85991ED2-010C-4930-96FA-52F43C2CE98A}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Badongo - (.Badongo.) [HKLM] -- {9985ABB2-14F3-4825-B5AF-0EFB23F715CB}

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0CB9668D-F979-4F31-B8B8-67FE90F929F8}

O42 - Logiciel: BurnAware Free 2.4.7 - (.Burnaware Technologies.) [HKLM] -- BurnAware Free_is1

O42 - Logiciel: CDex - Open Source Digital Audio CD Extractor - (.Georgy Berdyshev.) [HKLM] -- CDex

O42 - Logiciel: Canon MP Navigator 2.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator 2.0

O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0

O42 - Logiciel: Canon MP450 - (.Pas de propriétaire.) [HKLM] -- {CF23AFD7-3078-4134-8823-EBF6D1FE6FAD}

O42 - Logiciel: Canon MP560 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series

O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter

O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu

O42 - Logiciel: ETKA 7.2 Final - (.Pas de propriétaire.) [HKLM] -- ETKA 7.2 Final

O42 - Logiciel: Enregistrement utilisateur de Canon MP560 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP560 series

O42 - Logiciel: FreeCompressor - (.Secure Digital Services.) [HKLM] -- {1EF93620-4B15-4DB4-B0EA-889E2F187081}

O42 - Logiciel: Hardlock Device Drivers - (.Pas de propriétaire.) [HKLM] -- Hardlock Device Drivers

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI

O42 - Logiciel: IsoBuster 2.5.5 - (.Smart Projects.) [HKLM] -- IsoBuster_is1

O42 - Logiciel: Java 6 Update 16 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF}

O42 - Logiciel: LimeWire 5.5.9 - (.Lime Wire, LLC.) [HKLM] -- LimeWire

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: McAfee Internet Security - (.McAfee, Inc..) [HKLM] -- MSC

O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {72AD53CC-CCC0-3757-8480-9EE176866A7C}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {0BD83598-C2EF-3343-847B-7D2E84599128}

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: OfferBox - (.Secure Digital Services.) [HKLM] -- {2C8574B5-6935-4FCE-860E-F4E8602378FF}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {3D9892BB-A751-4E48-ADC8-E4289956CE1D}

O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525}

O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2277947) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5857EE21-03D0-482E-9620-5A30B314A2AE}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E8766951-2B6C-4022-86E8-80D2D1762B76}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB980376) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{48113C06-9BA2-4D54-A731-D1D2C5B3144A}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2251419) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7E9103DA-253F-41FF-9E83-7C83806C77DA}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Sentinel Protection Installer 7.5.0 - (.SafeNet, Inc..) [HKLM] -- {A5A63519-F5C2-4F4A-849A-F28A1AB3D522}

O42 - Logiciel: Transform XP to Vista 3.1 - (.OrdinarySoft.) [HKLM] -- Transform XP to Vista_is1

O42 - Logiciel: UltraUXThemePatcher - (.Manuel Hoefs (alias Zottel).) [HKLM] -- UltraUXThemePatcher

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2279264) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}

O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}

O42 - Logiciel: VLC media player 1.1.1 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Vista Start Menu 3.31 - (.OrdinarySoft.) [HKLM] -- Vista Start Menu_is1

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {7AB3A249-FB81-416B-917A-A2A10E74C503}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ASUS]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Bitberry]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\ESET]

[HKCU\Software\FreeCompressor]

[HKCU\Software\Freeze.com]

[HKCU\Software\GNU]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MarineCat]

[HKCU\Software\McAfee]

[HKCU\Software\Megaupload]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\OfferBox]

[HKCU\Software\Ordinarysoft]

[HKCU\Software\Policies]

[HKCU\Software\Smart Projects]

[HKCU\Software\Spointer]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Winamp]

[HKCU\Software\Winferno]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKLM\Software\ADSECURITY]

[HKLM\Software\ASUSTeK COMPUTER INC.]

[HKLM\Software\ASUS]

[HKLM\Software\AUTODATA]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Aladdin Knowledge Systems]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Autodata Limited]

[HKLM\Software\BrowserChoice]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Creative Tech]

[HKLM\Software\ESET]

[HKLM\Software\FreeCompressor]

[HKLM\Software\Freeze.com]

[HKLM\Software\GEAR Software]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfee.com]

[HKLM\Software\McAfee]

[HKLM\Software\Megaupload Limited]

[HKLM\Software\Megaupload]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\OfferBox]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\RTLSetup]

[HKLM\Software\Rainbow Technologies]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Safenet Sentinel]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\SiteAdvisor]

[HKLM\Software\VIA Technologies, Inc]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volkswagen AG]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\Winferno]

[HKLM\Software\Yahoo]

[HKLM\Software\lameme]

[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- D:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- D:\Program Files\Apple Software Update

O43 - CFD:Common File Directory ----D- D:\Program Files\ASUS

O43 - CFD:Common File Directory ----D- D:\Program Files\AVS4YOU

O43 - CFD:Common File Directory ----D- D:\Program Files\Badongo

O43 - CFD:Common File Directory ----D- D:\Program Files\Bonjour

O43 - CFD:Common File Directory ----D- D:\Program Files\BurnAware Free

O43 - CFD:Common File Directory ----D- D:\Program Files\Canon

O43 - CFD:Common File Directory --H-D- D:\Program Files\CanonBJ

O43 - CFD:Common File Directory ----D- D:\Program Files\CDex

O43 - CFD:Common File Directory ----D- D:\Program Files\ComPlus Applications

O43 - CFD:Common File Directory ----D- D:\Program Files\ESET

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- D:\Program Files\FreeCompressor

O43 - CFD:Common File Directory --H-D- D:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- D:\Program Files\Intel

O43 - CFD:Common File Directory ----D- D:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- D:\Program Files\iPod

O43 - CFD:Common File Directory ----D- D:\Program Files\iTunes

O43 - CFD:Common File Directory ----D- D:\Program Files\Java

O43 - CFD:Common File Directory ----D- D:\Program Files\LimeWire

O43 - CFD:Common File Directory ----D- D:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- D:\Program Files\McAfee

O43 - CFD:Common File Directory ----D- D:\Program Files\McAfee.com

O43 - CFD:Common File Directory ----D- D:\Program Files\Megaupload

O43 - CFD:Common File Directory ----D- D:\Program Files\Messenger

O43 - CFD:Common File Directory ----D- D:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- D:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD:Common File Directory ----D- D:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- D:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- D:\Program Files\Microsoft Silverlight

O43 - CFD:Common File Directory ----D- D:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- D:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- D:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- D:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- D:\Program Files\MSN

O43 - CFD:Common File Directory ----D- D:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- D:\Program Files\My Company Name

O43 - CFD:Common File Directory ----D- D:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- D:\Program Files\OfferBox

O43 - CFD:Common File Directory ----D- D:\Program Files\Online Services

O43 - CFD:Common File Directory ----D- D:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- D:\Program Files\QuickTime

O43 - CFD:Common File Directory ----D- D:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- D:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- D:\Program Files\RocketDock

O43 - CFD:Common File Directory ----D- D:\Program Files\SafeNet Sentinel

O43 - CFD:Common File Directory ----D- D:\Program Files\Services en ligne

O43 - CFD:Common File Directory ----D- D:\Program Files\Smart Projects

O43 - CFD:Common File Directory ----D- D:\Program Files\Transform XP to Vista

O43 - CFD:Common File Directory ----D- D:\Program Files\UltraUXThemePatcher

O43 - CFD:Common File Directory --H-D- D:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- D:\Program Files\VIA

O43 - CFD:Common File Directory ----D- D:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- D:\Program Files\Vista Start Menu

O43 - CFD:Common File Directory ----D- D:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- D:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- D:\Program Files\Windows Media Connect 2

O43 - CFD:Common File Directory ----D- D:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- D:\Program Files\Windows NT

O43 - CFD:Common File Directory --H-D- D:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- D:\Program Files\Winferno

O43 - CFD:Common File Directory ----D- D:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- D:\Program Files\xerox

O43 - CFD:Common File Directory ----D- D:\Program Files\Yahoo!

O43 - CFD:Common File Directory ----D- D:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\Adobe

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\Apple

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\AVSMedia

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\CANON

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\McAfee

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\ODBC

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\SafeNet Sentinel

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\System

O43 - CFD:Common File Directory ----D- D:\Program Files\Fichiers Communs\Windows Live

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.00000000000000000000000000000000] - 05/09/2010 - 21:09:51 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\WindowsUpdate.log [2058976]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/09/2010 - 21:09:32 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\0.log [0]

O44 - LFC:[MD5.00000000000000000000000000000000] - 05/09/2010 - 21:08:50 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.00000000000000000000000000000000] - 05/09/2010 - 21:08:48 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 05/09/2010 - 21:08:32 -S-A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.00000000000000000000000000000000] - 05/09/2010 - 21:07:34 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\SchedLgU.Txt [32392]

O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 05/09/2010 - 20:15:34 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 05/09/2010 - 20:15:33 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.65DF39704BB72594C5DB9E45FD38542D] - 05/09/2010 - 20:08:57 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\wpa.dbl [2206]

O44 - LFC:[MD5.C23FC9EE782AB388F7DAAD85C2B3E016] - 05/09/2010 - 20:01:34 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\rkill.log [409]

O44 - LFC:[MD5.451BDD96DF89A6BD2EDA7B7A4D723E58] - 05/09/2010 - 19:55:29 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\ntbtlog.txt [78578]

O44 - LFC:[MD5.C4792C2BA4E32A0ECE14D2018EA1A0CE] - 05/09/2010 - 16:16:08 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\setupapi.log [92339]

O44 - LFC:[MD5.E5B8FF1F39E5933722B4A3779C3B3CC2] - 23/08/2010 - 07:37:48 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\FNTCACHE.DAT [267008]

O44 - LFC:[MD5.7D0175A65FE75C5D8482A908E808B332] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\FaxSetup.log [716970]

O44 - LFC:[MD5.4F07166794F85A0F0B5C44EC7F0EA52A] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB982214.log [13942]

O44 - LFC:[MD5.AD177EAE883013642FC7347E284BBF2B] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\MedCtrOC.log [50231]

O44 - LFC:[MD5.799518B7586939AFA82D2536FEA3A434] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\comsetup.log [251339]

O44 - LFC:[MD5.F80D4022328036741C02F165151A73B0] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\iis6.log [810010]

O44 - LFC:[MD5.E68B791173611472B5BF97E15ACFA7AE] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\imsins.log [1374]

O44 - LFC:[MD5.598E00CCC658064ED63BAFA71B832333] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\msgsocm.log [36267]

O44 - LFC:[MD5.8A281EDBF35FD64A872DFC4C486D7A73] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\netfxocm.log [126761]

O44 - LFC:[MD5.B2B7EED92D7121DE234F1FCF0C77091C] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\ntdtcsetup.log [150600]

O44 - LFC:[MD5.7012FCA90C9C3504526BD866BCDFA51C] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\ocgen.log [402516]

O44 - LFC:[MD5.D6FDC29AE21EC318AA9832EEFADF9E2A] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\ocmsn.log [40000]

O44 - LFC:[MD5.02A29945024631073178859FE7398D8D] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\tabletoc.log [36706]

O44 - LFC:[MD5.F2AD6FBB8DD59268445BDC8C5C9E2FFF] - 23/08/2010 - 07:21:56 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\tsoc.log [334249]

O44 - LFC:[MD5.D620B3D96E179473B664074190938A43] - 23/08/2010 - 07:21:55 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\msmqinst.log [227364]

O44 - LFC:[MD5.DF6EC5B91B808DEDC661840E9D8B9230] - 23/08/2010 - 07:21:49 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\imsins.BAK [1374]

O44 - LFC:[MD5.0FEC58BC2A6F21D774CC0B79EE44F092] - 23/08/2010 - 07:21:48 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB2115168.log [18203]

O44 - LFC:[MD5.99959F20B5B642F72B18DEC5C0657B72] - 23/08/2010 - 07:21:40 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB981852.log [15682]

O44 - LFC:[MD5.D66C16C9AE9A874D6420B11D11EA116C] - 23/08/2010 - 07:21:26 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB2079403.log [18592]

O44 - LFC:[MD5.106F8AE8E0EDFD567994F72962B070FF] - 23/08/2010 - 07:21:24 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\updspapi.log [88269]

O44 - LFC:[MD5.7190AA76D415054EA2838994A5AB9CE0] - 23/08/2010 - 07:20:16 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\PerfStringBackup.INI [1057160]

O44 - LFC:[MD5.0055574E0FE99C4DB6EF2046C5F87D69] - 23/08/2010 - 07:20:16 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\perfc009.dat [68156]

O44 - LFC:[MD5.F102112DA91CA191037A4A71CCF9BC46] - 23/08/2010 - 07:20:16 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\perfc00C.dat [81386]

O44 - LFC:[MD5.BBCEE078BD8B8EBCC94EA27F7A888AE9] - 23/08/2010 - 07:20:16 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\perfh009.dat [435260]

O44 - LFC:[MD5.7C058D7E9DC9B4519A903A0300F52C3A] - 23/08/2010 - 07:20:16 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\perfh00C.dat [503210]

O44 - LFC:[MD5.BDBAB04AAA0B8974418D19454B788CA4] - 23/08/2010 - 07:17:58 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB2183461-IE8.log [16451]

O44 - LFC:[MD5.F3F96F41F895EB7CA8E53F95290C072F] - 23/08/2010 - 07:17:31 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB2160329.log [12886]

O44 - LFC:[MD5.BF36D557758E953B72EF3A79A7D85A48] - 23/08/2010 - 07:17:25 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB980436.log [12232]

O44 - LFC:[MD5.BA1766E0D731C03C6DD3CBAE100FCF94] - 23/08/2010 - 07:16:06 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB981997.log [6641]

O44 - LFC:[MD5.9BCE4885701F782D70D839419A4C9EB3] - 23/08/2010 - 07:15:40 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\KB982665.log [10776]

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- D:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- D:\Program Files\Microsoft Office\Office12\OUTLOOK.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- D:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- D:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- D:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" [Disabled] .(.SafeNet, Inc - .) (.not file.) -- D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" [Disabled] .(.SafeNet, Inc. - .) (.not file.) -- D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

O47 - AAKE:Key Export SP - "D:\Program Files\LimeWire\LimeWire.exe" [Enabled] .(.Lime Wire, LLC - LimeWire.) (.not file.) -- D:\Program Files\LimeWire\LimeWire.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) (.not file.) -- D:\Program Files\Bonjour\mDNSResponder.exe

O47 - AAKE:Key Export SP - "D:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) (.not file.) -- D:\Program Files\iTunes\iTunes.exe

O47 - AAKE:Key Export SP - "D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe" [Enabled] .(.McAfee, Inc. - McAfee Service Host.) (.not file.) -- D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- D:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "D:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- D:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export DP - "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- D:\Program Files\Windows Live\Messenger\msnmsgr.exe

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- D:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- D:\WINDOWS\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- D:\WINDOWS\System32\msv1_0.dll

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- D:\WINDOWS\System32\Drivers\mfefirek.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- D:\WINDOWS\System32\Drivers\mfehidk.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- D:\WINDOWS\System32\Drivers\mfefirek.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- D:\WINDOWS\System32\Drivers\mfehidk.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- D:\WINDOWS\System32\Drivers\mfefirek.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- D:\WINDOWS\System32\Drivers\mfehidk.sys

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{43ea9feb-a196-11df-9dfb-00400510ae47}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\DrvGuard32.exe

O51 - MPSK:{4e891b02-a165-11df-9df9-00400510ae47}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\DrvGuard32.exe (.not file.)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- D:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- D:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- D:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="D:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- D:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="D:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- D:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- D:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- D:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- D:\WINDOWS\system32\digest.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 11:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- D:\WINDOWS\system32\drivers\ASACPI.sys

O58 - SDL:[MD5.2AD78087FF299D1596F0336749F84B1F] - 01/08/2007 - 04:39:28 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\drivers\ASUSHWIO.SYS

O58 - SDL:[MD5.B3B881EB81013AAC11594A5400ADA47A] - 12/07/2007 - 09:03:38 ---A- . (.ASUSTeK COMPUTER INC. - ASUS Help driver For Keyboard Service..) -- D:\WINDOWS\system32\drivers\atkkbnt.sys

O58 - SDL:[MD5.BE45142C45E28B6E39B08E7B452A0C16] - 12/07/2007 - 09:03:38 ---A- . (.ASMT - Kernel-Mode Dll.) -- D:\WINDOWS\system32\drivers\Bravo.sys

O58 - SDL:[MD5.44E4A7DDED054DD55AE995C3AED719AE] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- D:\WINDOWS\system32\drivers\cfwids.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- D:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 14/04/2008 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- D:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.0DAF3544804650526751C478AECCCE63] - 12/07/2007 - 09:03:38 ---A- . (.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) -- D:\WINDOWS\system32\drivers\EIO.sys

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- D:\WINDOWS\system32\drivers\GEARAspiWDM.sys

O58 - SDL:[MD5.9D4AD703C57F87118BFCD83787E6D82D] - 09/11/2005 - 08:44:36 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\drivers\hardlock.sys

O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - 13:00:00 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- D:\WINDOWS\system32\drivers\hdaudbus.sys

O58 - SDL:[MD5.CD32607F1CC8AC67224334AE123F7B98] - 17/03/2008 - 01:45:50 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- D:\WINDOWS\system32\drivers\igxpmp32.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.B77E959E1C50D3E3A9D9EF423BE62E09] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- D:\WINDOWS\system32\drivers\mfeapfk.sys

O58 - SDL:[MD5.E84596FCB591117F5597498A5F82AD97] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- D:\WINDOWS\system32\drivers\mfeavfk.sys

O58 - SDL:[MD5.D40CE01E2D3FE0C079CD2D6B3E4B823B] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- D:\WINDOWS\system32\drivers\mfebopk.sys

O58 - SDL:[MD5.403F171BE080DF2B7A3865F014F4D0CA] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- D:\WINDOWS\system32\drivers\mfeclnk.sys

O58 - SDL:[MD5.3962C6A9E35C4319DCDAB0497614FD69] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- D:\WINDOWS\system32\drivers\mfefirek.sys

O58 - SDL:[MD5.E7ECF7872BF8F2897AE5A696D908C2F7] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- D:\WINDOWS\system32\drivers\mfehidk.sys

O58 - SDL:[MD5.554DBBDC8C3B4F380B21269239BD29BB] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - McAfee NDIS Intermediate Driver.) -- D:\WINDOWS\system32\drivers\mfendisk.sys

O58 - SDL:[MD5.E411594AC94BAEF7F8EA991CC8F47FD1] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- D:\WINDOWS\system32\drivers\mferkdet.sys

O58 - SDL:[MD5.1BFE4C4CCF8CD2D7DEAFFB424E691196] - 31/05/2010 - 19:32:58 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- D:\WINDOWS\system32\drivers\mfetdi2k.sys

O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 14/02/2008 - 07:12:00 R--A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- D:\WINDOWS\system32\drivers\monfilt.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.F8E396F5E703D7A8F37D90F59C776268] - 23/11/2008 - 10:23:04 ---A- . (.T0r0 2008 - DongleEmulator for HASP, Sentinel, etc.) -- D:\WINDOWS\system32\drivers\NSHE.SYS

O58 - SDL:[MD5.F8BE83F0C686533170F7537E94BF411A] - 28/06/2007 - 17:43:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 162.18.) -- D:\WINDOWS\system32\drivers\nv4_mini.sys

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 14/04/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- D:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- D:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.F0A21C62B9B835E1C96268EAAE31D239] - 07/08/2008 - 12:14:00 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- D:\WINDOWS\system32\drivers\Rtenicxp.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/04/2008 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- D:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.A2CC81C30BEF6AC9F27055490EEF6DE3] - 11/07/2008 - 06:05:00 ---A- . (.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) -- D:\WINDOWS\system32\drivers\sentinel.sys

O58 - SDL:[MD5.9DE6E60CE7FD82B4985DE5D9C22265AD] - 11/07/2008 - 06:05:00 ---A- . (.SafeNet, Inc. - Sentinel System USB Driver.) -- D:\WINDOWS\system32\drivers\SNTNLUSB.SYS

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 14/04/2008 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- D:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.4B8A9C16B6D9258ED99C512AECB8C555] - 19/04/2010 - 19:47:42 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- D:\WINDOWS\system32\drivers\usbaapl.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- D:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.51B24990850076F659D1D1DAEFBED6F1] - 25/07/2008 - 13:09:24 R--A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- D:\WINDOWS\system32\drivers\viahduaa.sys

O58 - SDL:[MD5.8643DA4A6C83DA6C10FCAB1E5AB6632D] - 12/07/2007 - 09:03:40 ---A- . (.ASUSTeK COMPUTER INC. - ASUS Video3D driver.) -- D:\WINDOWS\system32\drivers\Video3D32.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.D320732BCF5FF856120BD06855C66867] - 12/07/2007 - 09:03:42 ---A- . (.ASUSTeK Computer Inc. - ASUS Virtual Video Capture Device Driver.) -- D:\WINDOWS\system32\asusgsb.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- D:\WINDOWS\system32\ntio804.sys

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - D:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - D:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG

O64 - Services: CurCS - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Apple Mobile Device (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT

O64 - Services: CurCS - D:\WINDOWS\ATKKBService.exe - ATK Keyboard Service (ATKKeyboardService) .(.ASUSTeK COMPUTER INC. - ASUS Keyboard Service.) - LEGACY_ATKKEYBOARDSERVICE

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS

O64 - Services: CurCS - D:\Program Files\Bonjour\mDNSResponder.exe - Service Bonjour (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS

O64 - Services: CurCS - D:\Windows\system32\drivers\cfwids.sys - McAfee Inc. cfwids (cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS

O64 - Services: CurCS - D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32

O64 - Services: CurCS - D:\WINDOWS\system32\dllhost.exe - Application système COM+ (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC

O64 - Services: CurCS - D:\WINDOWS\system32\svchost -k DcomLaunch (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP

O64 - Services: CurCS - D:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - D:\Windows\system32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - D:\Windows\system32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE

O64 - Services: CurCS - (.not file.) - EAMON (eamon) .(.Pas de propriétaire - Pas de description.) - LEGACY_EAMON

O64 - Services: CurCS - (.not file.) - easdrv (easdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_EASDRV

O64 - Services: CurCS - D:\WINDOWS\system32\drivers\EIO.sys - EIO (EIO) .(.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) - LEGACY_EIO

O64 - Services: CurCS - (.not file.) - epfwtdir (epfwtdir) .(.Pas de propriétaire - Pas de description.) - LEGACY_EPFWTDIR

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(.Pas de propriétaire - Pas de description.) - LEGACY_FIPS

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\fltMgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR

O64 - Services: CurCS - D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC

O64 - Services: CurCS - D:\WINDOWS\system32\drivers\hardlock.sys - Hardlock (Hardlock) .(.Pas de propriétaire - Pas de description.) - LEGACY_HARDLOCK

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV

O64 - Services: CurCS - D:\Windows\system32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER

O64 - Services: CurCS - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT

O64 - Services: CurCS - D:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\ipfltdrv.sys - Pilote de filtre de trafic IP (IpFilterDriver) .(.Microsoft Corporation - IP FILTER DRIVER.) - LEGACY_IPFILTERDRIVER

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT

O64 - Services: CurCS - D:\Program Files\iPod\bin\iPodService.exe - Service de l’iPod (iPod Service) .(.Apple Inc. - iPodService Module (32-bit).) - LEGACY_IPOD_SERVICE

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC

O64 - Services: CurCS - D:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Serveur (LanmanServer) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS

O64 - Services: CurCS - D:\Program Files\McAfee\SiteAdvisor\McSACore.exe - McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCAFEE_SITEADVISOR_SERVICE

O64 - Services: CurCS - D:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe - Service McAfee Personal Firewall (McMPFSvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCMPFSVC

O64 - Services: CurCS - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Services (mcmscsvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCMSCSVC

O64 - Services: CurCS - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee VirusScan Announcer (McNaiAnn) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCNAIANN

O64 - Services: CurCS - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Network Agent (McNASvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCNASVC

O64 - Services: CurCS - D:\Program Files\McAfee\VirusScan\mcods.exe - McAfee Scanner (McODS) .(.McAfee, Inc. - McAfee VirusScan On-Demand Scan.) - LEGACY_MCODS

O64 - Services: CurCS - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Proxy Service (McProxy) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCPROXY

O64 - Services: CurCS - D:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe - McAfee Real-time Scanner (McShield) .(.McAfee, Inc. - McAfee On-Access Scanner service.) - LEGACY_MCSHIELD

O64 - Services: CurCS - D:\Windows\system32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk (mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK

O64 - Services: CurCS - D:\Windows\system32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk (mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK

O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK01

O64 - Services: CurCS - D:\Windows\system32\drivers\mfebopk.sys - McAfee Inc. mfebopk (mfebopk) .(.McAfee, Inc. - Buffer Overflow Protection Driver.) - LEGACY_MFEBOPK

O64 - Services: CurCS - D:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe - McAfee Firewall Core Service (mfefire) .(.McAfee, Inc. - McAfee Core Firewall Service.) - LEGACY_MFEFIRE

O64 - Services: CurCS - D:\Windows\system32\drivers\mfefirek.sys - McAfee Inc. mfefirek (mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK

O64 - Services: CurCS - D:\Windows\system32\drivers\mfehidk.sys - McAfee Inc. mfehidk (mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK

O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK01

O64 - Services: CurCS - D:\Windows\system32\drivers\mferkdet.sys - McAfee Inc. mferkdet (mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET

O64 - Services: CurCS - (.not file.) - McAfee Inc. mferkdk (mferkdk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFERKDK

O64 - Services: CurCS - (.not file.) - McAfee Inc. mfesmfk (mfesmfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFESMFK

O64 - Services: CurCS - D:\Windows\system32\drivers\mfetdi2k.sys - McAfee Inc. mfetdi2k (mfetdi2k) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFETDI2K

O64 - Services: CurCS - D:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe - McAfee Validation Trust Protection Service (mfevtp) .(.McAfee, Inc. - McAfee Process Validation Service.) - LEGACY_MFEVTP

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_MNMDD

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\MOUNTMGR.sys - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - (.not file.) - MPFP (MPFP) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPFP

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - D:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - D:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER

O64 - Services: CurCS - D:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe - McAfee Anti-Spam Service (MSK80Service) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MSK80SERVICE

O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - D:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 162.1.) - LEGACY_NVSVC

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\PARTMGR.sys - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARVDM

O64 - Services: CurCS - D:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT

O64 - Services: CurCS - D:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Accès à distance au Registre (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY

O64 - Services: CurCS - D:\WINDOWS\system32\svchost -k rpcss (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

O64 - Services: CurCS - D:\WINDOWS\system32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP

O64 - Services: CurCS - D:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\SENTINEL.sys - Sentinel (Sentinel) .(.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL

O64 - Services: CurCS - D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe - Sentinel Keys Server (SentinelKeysServer) .(.SafeNet, Inc. - Pas de description.) - LEGACY_SENTINELKEYSSERVER

O64 - Services: CurCS - D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe - Sentinel Protection Server (SentinelProtectionServer) .(.SafeNet, Inc - Sentinel Protection Server for SuperPro and.) - LEGACY_SENTINELPROTECTIONSERVER

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION

O64 - Services: CurCS - D:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP

O64 - Services: CurCS - D:\WINDOWS\System32\svchost -k DComLaunch (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_UDFS

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGA

O64 - Services: CurCS - D:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - D:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME

O64 - Services: CurCS - D:\Windows\system32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT

O64 - Services: CurCS - D:\WINDOWS\system32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC

O64 - Services: CurCS - D:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV

O64 - Services: CurCS - D:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {DE7A612F-A15E-455A-8D05-4A1D7CC7F9FE} - (Yahoo! Search) - Yahoo! Search - Recherche Web

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by intel i7 at 05/09/2010 22:19:20

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS

kernel: MBR read successfully

user & kernel MBR OK

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- D:\WINDOWS\System32\appmgmts.dll [176640]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- D:\WINDOWS\System32\audiosrv.dll [42496]

O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- D:\WINDOWS\System32\browser.dll [77824]

O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- D:\WINDOWS\System32\cryptsvc.dll [62464]

O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- D:\WINDOWS\System32\dmserver.dll [24576]

O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- D:\WINDOWS\System32\dhcpcsvc.dll [127488]

O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- D:\WINDOWS\System32\ersvc.dll [23040]

O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- D:\WINDOWS\system32\es.dll [253952]

O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- D:\WINDOWS\System32\hidserv.dll [21504]

O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- D:\WINDOWS\System32\srvsvc.dll [96768]

O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- D:\WINDOWS\System32\wkssvc.dll [132096]

O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- D:\WINDOWS\System32\msgsvc.dll [33792]

O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- D:\WINDOWS\System32\netman.dll [198144]

O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\System32\mswsock.dll [247808]

O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- D:\WINDOWS\system32\ntmssvc.dll [438272]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- D:\WINDOWS\System32\rasauto.dll [88576]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- D:\WINDOWS\System32\rasmans.dll [186368]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- D:\WINDOWS\System32\mprdim.dll [53248]

O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- D:\WINDOWS\system32\schedsvc.dll [194560]

O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- D:\WINDOWS\System32\seclogon.dll [18944]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- D:\WINDOWS\system32\sens.dll [39424]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- D:\WINDOWS\System32\ipnathlp.dll [332800]

O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- D:\WINDOWS\system32\srsvc.dll [171520]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- D:\WINDOWS\System32\tapisrv.dll [249856]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- D:\WINDOWS\system32\trkwks.dll [90112]

O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- D:\WINDOWS\system32\w32time.dll [178176]

O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- D:\WINDOWS\System32\wzcsvc.dll [483840]

O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- D:\WINDOWS\System32\advapi32.dll [685568]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- D:\WINDOWS\system32\wbem\WMIsvc.dll [145408]

O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- D:\WINDOWS\system32\wscsvc.dll [80896]

O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- D:\WINDOWS\System32\xmlprov.dll [129024]

O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- D:\WINDOWS\System32\qagentrt.dll [293376]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- D:\WINDOWS\System32\kmsvc.dll [61440]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- D:\WINDOWS\system32\qmgr.dll [409088]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- D:\WINDOWS\system32\wuauserv.dll [6656]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]

O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- D:\WINDOWS\system32\mspmsnsv.dll [27136]

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 10/06/2010 144176 | Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 12/07/2007 257024 | ATK Keyboard Service (ATKKeyboardService) . (.ASUSTeK COMPUTER INC..) - D:\WINDOWS\ATKKBService.exe

SR - | Auto 18/05/2010 345376 | Service Bonjour (Bonjour Service) . (.Apple Inc..) - D:\Program Files\Bonjour\mDNSResponder.exe

SS - | Demand 04/04/2005 69632 | InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

SR - | Demand 15/06/2010 540472 | Service de l’iPod (iPod Service) . (.Apple Inc..) - D:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 26/09/2009 153376 | Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - D:\Program Files\Java\jre6\bin\jqs.exe

SR - | Auto 23/07/2008 206112 | McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.Pas de propriétaire.) - D:\Program Files\McAfee\SiteAdvisor\McSACore.exe

SR - | Auto 10/03/2010 271480 | Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

SR - | Auto 10/03/2010 271480 | McAfee Services (mcmscsvc) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 10/03/2010 271480 | McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 10/03/2010 271480 | McAfee Network Agent (McNASvc) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SS - | Demand 15/04/2010 364216 | McAfee Scanner (McODS) . (.McAfee, Inc..) - D:\Program Files\McAfee\VirusScan\mcods.exe

SR - | Auto 10/03/2010 271480 | McAfee Proxy Service (McProxy) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 31/05/2010 170144 | McShield (McShield) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe

SR - | Auto 31/05/2010 188136 | McAfee Firewall Core Service (mfefire) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe

SR - | Auto 31/05/2010 141792 | McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe

SR - | Auto 10/03/2010 271480 | McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc..) - D:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

SR - | Auto 28/06/2007 155716 | NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation.) - D:\WINDOWS\system32\nvsvc32.exe

SR - | Auto 11/07/2008 328992 | Sentinel Keys Server (SentinelKeysServer) . (.SafeNet, Inc..) - D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

SR - | Auto 11/07/2008 226592 | Sentinel Protection Server (SentinelProtectionServer) . (.SafeNet, Inc.) - D:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

End of the scan (997 lines in 00mn 25s)(0)

Florinator · le 5 septembre 2010

Bonsoir,

Il sagit d'une version modifiée de Windows,

Je m'arrête donc ici pour éviter différents plantage avec les outils que nous utilisons.

A++

Sebest · le 5 septembre 2010

Ok merci, tout façon anti-malware est parti.Merci

Connexion

Pas encore inscrit ?

[RESOLU] Infection antimalware doctor

Messages recommandés

Sebest

Florinator

Sebest

Florinator

Sebest

Florinator

Sebest

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer