lenteur sur mon minipc

[alky]

Bonjour,

 

Est ce que quelqu un saurait m aider et me dire pourquoi mon pc est fichtrement lent à demarrer ?

Je ne sais pas trop quoi faire.. je pense avoir un spyware ou qqchose dans le genre

 

Sur un pc classique j aurais fait une reinstalle bete et mechante de windows mais sur ce pc (mini pc) il n y a pas de lecteur cd, et en plus je ne connais pas les drivers a reinstaller...

 

enfin bon c est la galere quoi

 

Merci d avance si qqu un me vient en aide

 

A+

[pear]

Bonjour,

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Cliquez sur le tournevis

Dans la fenêtre qui s'ouvre, cochez tout.

Clic sur la Loupe pour lancer le scan

Au bout d'un moment ,vous pouvez avoir à Accepter Sysinternal->I agree

Postez en le rapport qui apparait en cliquant l'appareil photo.

 

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

[alky]

Rapport de ZHPDiag v1.27.101 par Nicolas Coolman, Update du 05/11/2010

Run by emmanuelle duval at 05/11/2010 17:39:33

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

MFIE: Mozilla Firefox (3.5.11)

 

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1015 MB (30% free)

System drive C: has 50 GB (69%) free of 72 GB

 

---\\ Logged in mode

Computer Name: MANUELAPTOP

User Name: emmanuelle duval

All Users Names: SUPPORT_388945a0, HelpAssistant, emmanuelle duval, ASPNET, Administrateur,

Unselected Option: None

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 72 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 63 Go of 72 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 13:00:00.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 13:00:00.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 13:00:00.) -- C:\Windows\System32\drivers\atapi.sys [96512]

 

 

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.8B0DE4B972DB725FB9D591E69CD236FB] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [159744]

[MD5.5AEE71F957654D73E0798BBC295DC5A8] - (.ASUSTeK Computer Inc. - Asus Eee PC ACPI Service.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [630784]

[MD5.9474B0F93F8C62A9D4981A4482846402] - (.ASUSTeK Computer Inc. - AsEPCMon.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe [98304]

[MD5.6E0B205042FC3AF5DE84F90F875AFFDA] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [249856]

[MD5.29C8FD8DE192B3A52E7CB7DCECE552AF] - (.ASUSTeK Computer Inc. - Eee PC Tray Utility.) -- C:\Program Files\EeePC\ACPI\AsTray.exe [118784]

[MD5.F1E858C7523F3E95286549003A700EF7] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1512744]

[MD5.EBC7AD9B35D87D2B1250E5235BBD44DA] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [712704]

[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [149280]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.33D3A0E487064D4B333452015506F054] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [17881088]

[MD5.7027F35E3AA472EC230DBCF19E4165E6] - (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE [200704]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.A16EA57F424885DC42827386D43FE857] - (.Teleca Sweden AB - Application Launcher.) -- C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe [598016]

[MD5.3726751A8C2C57D1013F3C8D7AAE726C] - (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\system32\igfxext.exe [163840]

[MD5.39133291CB607BDD87CFC565A4A1E7A5] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.954986F1E2A1FD7E60A169701C0C40C7] - (.Pas de propriétaire - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [397312]

[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]

[MD5.4B7A840613734F1FE0D102346640E300] - (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3037696]

[MD5.000E5D189227DE9655E6C6EFB9C3A3F8] - (.ASUSTeK Computer Inc. - Eee Super Hybrid Engine.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [376832]

[MD5.31A3B246D55ABEE317B61F4E7B9BBE24] - (.SFR & Celliance - Service Windows SFR ABCd.) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [643512]

[MD5.4A4A857713740E1564F0B7623493AF06] - (.Crawler.com - Spyware Terminator Realtime Shield Service.) -- C:\Program Files\Spyware Terminator\sp_rsser.exe [488960]

[MD5.7646CB9C5A4FF8BA647E0912A3568C41] - (.Teleca Sweden AB - Capability Manager.) -- C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe [139264]

[MD5.CBA29D7C16A56A701C0B3D7A68D84128] - (.Popwire AB - PCC Logging Service server application.) -- C:\Program Files\Fichiers communs\Teleca Shared\logger.exe [106496]

[MD5.A0C3E26DE27CE9316B6F331DB49414A0] - (.Teleca AB - Generic Device Management Executable..) -- C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe [557056]

[MD5.3C6D476D824DCD0188D4349BF7983408] - (.Teleca - Client Initiated Syncrhonization Starter.) -- C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe [389120]

[MD5.A25619C6BEB56D92E30F37E72D9C0271] - (.Teleca Sweden AB - CAPI_Worker Module.) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe [1011712]

[MD5.230EC324D37DFB594B8FF296D239423E] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [908248]

[MD5.B12A513BA70005FFF4A5B41C25349AB0] - (.Teleca Sweden AB - DbgOut MFC Application.) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe [356352]

[MD5.B65FACF92CAB16142C90EAE176FA5578] - (.Teleca AB - HTCVBTServer Module.) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe [462848]

[MD5.D83BD90AB612B832FADDFD0B0B8236F2] - (.TODO: <Company name> - TODO: <File description>.) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe [253952]

[MD5.344FE520F750EFE9831D55117F4AD696] - (.Crawler.com - Crawler Toolbar.) -- C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe [2374096]

[MD5.6DFDF0A116E92646B883AF52AE5A2B15] - (.Sun Microsystems, Inc. - Java Update Checker.) -- C:\Program Files\Java\jre6\bin\jucheck.exe [386872]

[MD5.AD3D7E95C4F3DAF0E703E3B36A95E288] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [617472]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]

 

 

---\\ Page de démarrage de Mozilla Firefox (M0)

M0 - MFSP: prefs.js [emmanuelle duval - kt0u9ycc.default] Google

 

 

---\\ Programmes d'extension pour Mozilla Firefox (M2)

M2 - MFEP: prefs.js [emmanuelle duval - kt0u9ycc.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant 1.2.1 (.Microsoft.)

M2 - MFEP: prefs.js [emmanuelle duval - kt0u9ycc.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar 2.1.1.20091029021655 (.Yahoo!.)

 

 

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8064.0206] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.1] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.'>http://www.) -- C:\Documents and Settings\emmanuelle duval\Application Data\Facebook\npfbplugin_1_0_1.dll

P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Documents and Settings\emmanuelle duval\Application Data\Facebook\npfbplugin_1_0_3.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18939 (longhorn_ie8_gdr.100616-1700)) -- C:\WINDOWS\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} . (.Crawler.com - Crawler Toolbar Browser Object.) -- C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} . (.Crawler.com - Crawler Toolbar Browser Object.) -- C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [AsusACPIServer] . (.ASUSTeK Computer Inc. - Asus Eee PC ACPI Service.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe

O4 - HKLM\..\Run: [AsusEPCMonitor] . (.ASUSTeK Computer Inc. - AsEPCMon.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe

O4 - HKLM\..\Run: [AsusTray] . (.ASUSTeK Computer Inc. - Eee PC Tray Utility.) -- C:\Program Files\EeePC\ACPI\AsTray.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [synAsusAcpi] . (.Synaptics Incorporated - Asus Custom Acpi Monitor Application.) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe

O4 - HKLM\..\Run: [LiveUpdate] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\RTHDCPL.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.exe

O4 - HKLM\..\Run: [Mobile Connectivity Suite] . (.Teleca Sweden AB - Application Launcher.) -- C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe

O4 - HKLM\..\Run: [spywareTerminator] . (.Crawler.com - Spyware Terminator Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Eee Docking] . (.Pas de propriétaire - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe

O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - HKCU\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-1503390583-3582739439-348373840-1006\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-1503390583-3582739439-348373840-1006\..\Run: [Eee Docking] . (.Pas de propriétaire - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe

O4 - HKUS\S-1-5-21-1503390583-3582739439-348373840-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - HKUS\S-1-5-21-1503390583-3582739439-348373840-1006\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\ SuperHybridEngine.lnk . (.ASUSTeK Computer Inc..) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 8.lnk . (.Pas de propriétaire.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft Office PowerPoint 2007.lnk . (.Pas de propriétaire.) -- C:\WINDOWS\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\emmanuelle duval\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\emmanuelle duval\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\emmanuelle duval\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\emmanuelle duval\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Crawler Search - (.not file.) - tbr:iemenu

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - (.not file.) - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Envoyer à Bluetooth - (.not file.) - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} . (.not file.) - (.not file.)

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\favicon.ico

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{2372E8FB-30AB-465E-B7A2-3DF1AEB67F96}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{2372E8FB-30AB-465E-B7A2-3DF1AEB67F96}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{2372E8FB-30AB-465E-B7A2-3DF1AEB67F96}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O18 - Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} . (.Crawler.com - Crawler Toolbar Browser Object.) -- C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) . (.SFR & Celliance - Service Windows SFR ABCd.) - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) . (.Crawler.com - Spyware Terminator Realtime Shield Service.) - C:\Program Files\Spyware Terminator\sp_rsser.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- Rundll32 IEDKCS32.dll

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: Spyware Terminator Driver 2 (sp_rsdrv2) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\sp_rsdrv2.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ASUS USB2.0 UVC VGA WebCam - (.Sonix.) [HKLM] -- {399C37FB-08AF-493B-BFED-20FBD85EDF7F}

O42 - Logiciel: ASUSUpdate for Eee PC - (.Pas de propriétaire.) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 8.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81000000003}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Asus ACPI Driver - (.AsusTek Computer.) [HKLM] -- {19F5658D-92E8-4A08-8657-D38ABB1574B2}

O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}

O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: Choice Guard - (.Microsoft Corporation.) [HKLM] -- {8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

O42 - Logiciel: Crawler Toolbar with Web Security Guard - (.Crawler, LLC.) [HKLM] -- CToolbar_UNINSTALL

O42 - Logiciel: Data Sync - (.ASUS.) [HKLM] -- {D806E63B-0C11-4061-8DA9-1E980FB9A9EB}

O42 - Logiciel: Dolomynum (remove only) - (.Pas de propriétaire.) [HKLM] -- Dolomynum

O42 - Logiciel: Eee Docking 1.3.6.0 - (.ASUSTEK.) [HKLM] -- Eee Docking_is1

O42 - Logiciel: EeeSplendid - (.ASUS.) [HKLM] -- {6333FC29-BFE5-4024-AC78-958A1A7555D1}

O42 - Logiciel: EzMessenger - (.ASUS.) [HKLM] -- {C72CA49A-9237-4810-8449-45DA3BD26D64}

O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU] -- Facebook Plug-In

O42 - Logiciel: FileZilla Client 3.3.2.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client

O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- {47BACF74-5A07-48BD-BADB-A769550F0F5A}

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {44E54A81-9D91-4AA1-9417-80AFF134F5FF}

O42 - Logiciel: Gestionnaire de Connexion SFR 2009.07 - (.Pas de propriétaire.) [HKLM] -- Gestionnaire de Connexion SFR_is1

O42 - Logiciel: HTC Driver - (.HTC Corporation.) [HKLM] -- {6D6664A9-3342-4948-9B7E-034EFE366F0F}

O42 - Logiciel: HTC Sync - (.HTC Corporation.) [HKLM] -- {F24E832F-44B4-4AC7-AA88-8EF94B9776BC}

O42 - Logiciel: Hofmann 7.0 - (.Hofmann.) [HKLM] -- {A7C2231C-42A2-4BCA-9717-F8FF343C5B01}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {7370DF47-B4F9-4279-BFC3-3F09919F720D}

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI

O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: LiveUpdate - (.Asus.) [HKLM] -- {38E5A3B1-ADF1-47E0-8024-76310A30EB36}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Mozilla Firefox (3.5.11) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.5.11)

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PowerISO - (.Pas de propriétaire.) [HKLM] -- PowerISO

O42 - Logiciel: Ralink Wireless LAN - (.Ralink.) [HKLM] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB980376) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{48113C06-9BA2-4D54-A731-D1D2C5B3144A}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Skype web features - (.Skype Technologies S.A..) [HKLM] -- {541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}

O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: Spyware Terminator - (.Crawler Inc..) [HKLM] -- Spyware Terminator_is1

O42 - Logiciel: Super Hybrid Engine - (.ASUS.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E}

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: USB2.0 UVC Camera Device - (.UVCPCC.) [HKLM] -- {3FB39BED-37C8-4E60-8E02-315B8C2B07E3}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2410711) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BB5A2EB0-4515-4C6B-A618-A6F6B0AB7BAA}

O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}

O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D6A2DDE3-9D7C-412C-932A-756580D29919}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {63DC2DA0-2A6C-4C38-9249-B75395458657}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {059C042E-796A-4ACC-A81A-ECC2010BB78C}

O42 - Logiciel: Windows Live Sync - (.Microsoft Corporation.) [HKLM] -- {9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {2231CE39-B963-4B9D-823A-F412ECA637B1}

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\Adobe]

[HKCU\Software\Asus]

[HKCU\Software\Avira]

[HKCU\Software\CToolbar]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\HTC]

[HKCU\Software\Hofmann]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Macromedia]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Policies]

[HKCU\Software\PowerISO]

[HKCU\Software\Realtek]

[HKCU\Software\SFR]

[HKCU\Software\Skype]

[HKCU\Software\Spyware Terminator]

[HKCU\Software\Synaptics]

[HKCU\Software\Widcomm]

[HKCU\Software\YahooPartnerToolbar]

[HKLM\Software\ASUS]

[HKLM\Software\Adobe]

[HKLM\Software\AsusTek Computer]

[HKLM\Software\Atheros Communications Inc.]

[HKLM\Software\Atheros]

[HKLM\Software\Avira]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CToolbar]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Creative Tech]

[HKLM\Software\Digital River]

[HKLM\Software\ECAREME]

[HKLM\Software\FileZilla 3]

[HKLM\Software\Gemplus]

[HKLM\Software\HTC]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Macromedia]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\ODBC]

[HKLM\Software\Phonemonitor]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\Ralink]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SFR]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\Skype]

[HKLM\Software\Sonix]

[HKLM\Software\Spyware Terminator]

[HKLM\Software\Synaptics]

[HKLM\Software\Teleca]

[HKLM\Software\UVCPCC]

[HKLM\Software\VideoLAN]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Yahoo]

[HKLM\Software\mozilla.org]

 

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\ASUS

O43 - CFD:Common File Directory ----D- C:\Program Files\Atheros

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications

O43 - CFD:Common File Directory ----D- C:\Program Files\Crawler

O43 - CFD:Common File Directory ----D- C:\Program Files\Dolomynum

O43 - CFD:Common File Directory ----D- C:\Program Files\EeePC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP Client

O43 - CFD:Common File Directory ----D- C:\Program Files\Hofmann

O43 - CFD:Common File Directory ----D- C:\Program Files\HTC

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office Suite Activation Assistant

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- C:\Program Files\Norton Internet Security

O43 - CFD:Common File Directory ----D- C:\Program Files\Orange

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- C:\Program Files\PowerISO

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne

O43 - CFD:Common File Directory ----D- C:\Program Files\SFR

O43 - CFD:Common File Directory R---D- C:\Program Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Spyware Terminator

O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\USB2.0 UVC Camera Device

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\France Telecom

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SNP2UVC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Teleca Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.78EE1200F915817C00FCFD7F4CEF1200] - 05/11/2010 - 17:33:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1747519]

O44 - LFC:[MD5.2E3AE6CC79F3EB961F69B77C563A54EB] - 05/11/2010 - 17:31:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2387149.log [12984]

O44 - LFC:[MD5.F0983B7D251FC11B1BA14542A817CAD7] - 05/11/2010 - 17:30:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2259922.log [12301]

O44 - LFC:[MD5.B7D802F0F5E10ECE4CD023939C98A810] - 05/11/2010 - 17:28:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2296011.log [10281]

O44 - LFC:[MD5.BBB7A18B7A2FCFF8DF6B3E8E48DE699F] - 05/11/2010 - 17:27:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975558.log [11267]

O44 - LFC:[MD5.8074F3E59292AFECCBD11090A0F65F07] - 05/11/2010 - 17:18:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\fsync.log [79425365]

O44 - LFC:[MD5.6B737D3C4B9FB55CC1454D5104843B4C] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2360131-IE8.log [16230]

O44 - LFC:[MD5.8205999675FDEF5E34E432874BF3655F] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\comsetup.log [322607]

O44 - LFC:[MD5.97229A590D5DF540CAED393291BFEB19] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\iis6.log [149004]

O44 - LFC:[MD5.176EB9938655064767D162357AA7F8DA] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.log [1374]

O44 - LFC:[MD5.B34F954F72F915103CAD27C9E40E3A94] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntdtcsetup.log [193577]

O44 - LFC:[MD5.5E850C52A95478086C1B158B2612E8D0] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocgen.log [458125]

O44 - LFC:[MD5.248D50D6C124B45672E5DF1757E8AE1A] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocmsn.log [52141]

O44 - LFC:[MD5.446AC911749220BCA2AC27D2CCD75ADB] - 05/11/2010 - 17:14:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\tsoc.log [365292]

O44 - LFC:[MD5.5F4904A9C6FEE044DB41D755E89BAC13] - 05/11/2010 - 17:14:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\FaxSetup.log [939011]

O44 - LFC:[MD5.A57E99AEA32BA37EB971D529437E9113] - 05/11/2010 - 17:14:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\msgsocm.log [47221]

O44 - LFC:[MD5.51AADF144C5BEC37214BBF31C4A86293] - 05/11/2010 - 17:14:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [367576]

O44 - LFC:[MD5.855589BE73961B7132E45E0DDF540F0C] - 05/11/2010 - 17:14:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\updspapi.log [75356]

O44 - LFC:[MD5.C70F511102FF9E396D3D2B7D43438286] - 05/11/2010 - 17:10:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2279986.log [5103]

O44 - LFC:[MD5.C395381554F348D9ADA1D9C627AECC1C] - 05/11/2010 - 17:10:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2345886.log [5234]

O44 - LFC:[MD5.5622EAD2B392910357E2C28670AE4E6C] - 05/11/2010 - 17:09:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982132.log [4859]

O44 - LFC:[MD5.76ED7F4E01A855FDF4C9A6C40E8C7C3C] - 05/11/2010 - 17:09:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2347290.log [4754]

O44 - LFC:[MD5.C0A835E48F1FA20F9985771B67D86591] - 05/11/2010 - 17:09:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB979687.log [4643]

O44 - LFC:[MD5.7F94DF4A31C9DCE05E313D67A1C17C92] - 05/11/2010 - 17:09:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2121546.log [4525]

O44 - LFC:[MD5.073B9246BCCF4ED5034CA849683BC53F] - 05/11/2010 - 17:09:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981322.log [4404]

O44 - LFC:[MD5.250A88E7944ED37623ECF23B30A5BF67] - 05/11/2010 - 17:08:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981957.log [4814]

O44 - LFC:[MD5.8B3611AB60E007F2BCCAF31D0BD812A6] - 05/11/2010 - 17:08:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2141007.log [4228]

O44 - LFC:[MD5.E437127F3B8D1CD66852AC03EDD45D5E] - 05/11/2010 - 17:07:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2158563.log [4831]

O44 - LFC:[MD5.323611E6AAE130A991D0D45787BE1F28] - 05/11/2010 - 17:07:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\TZLog.log [601144]

O44 - LFC:[MD5.8A9F3FD520D4691556945EB66A99915A] - 05/11/2010 - 17:07:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2360937.log [9042]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/11/2010 - 17:02:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.78EE1200F915817C00FCFD7F4CEF1200] - 05/11/2010 - 17:01:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [157]

O44 - LFC:[MD5.78EE1200F915817C00FCFD7F4CEF1200] - 05/11/2010 - 17:01:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.761DA00DC27D854EB5AA1B3EEB413725] - 05/11/2010 - 17:01:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [1158]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 05/11/2010 - 17:01:26 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.78EE1200F915817C00FCFD7F4CEF1200] - 02/11/2010 - 22:52:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32530]

 

 

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:[MD5.1C73F007AD9BEAE9A52BE5B213A44B56] - 02/11/2010 - 21:54:15 ---A- - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf

O45 - LFCP:[MD5.4DA3AD0ACCEA942B60479FEA6B5ECB6D] - 02/11/2010 - 21:54:27 ---A- - C:\WINDOWS\Prefetch\MSCORSVW.EXE-1BF30400.pf

O45 - LFCP:[MD5.9A674FD4B71397C0C84032F16A9DA1D4] - 02/11/2010 - 21:58:13 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4AC80441.pf

O45 - LFCP:[MD5.7C80A4596729C6B7D2B838B569FCE2C4] - 02/11/2010 - 22:52:46 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf

O45 - LFCP:[MD5.FD84BE6FFA4DF1D8DD3755211C2652FD] - 05/11/2010 - 17:02:53 ---A- - C:\WINDOWS\Prefetch\GENERIC.EXE-3338BF21.pf

O45 - LFCP:[MD5.5D11AEC0FD2EFEF0036C587633D7CB26] - 05/11/2010 - 17:02:54 ---A- - C:\WINDOWS\Prefetch\SPYWARETERMINATOR.EXE-0C0A5116.pf

O45 - LFCP:[MD5.BFA3E21CB0D1CC289ED4AB5CA33AA58E] - 05/11/2010 - 17:02:58 ---A- - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf

O45 - LFCP:[MD5.2B6F1BB9D6C723A49F63491904220B51] - 05/11/2010 - 17:03:03 ---A- - C:\WINDOWS\Prefetch\CLIENTINITIATEDSTARTER.EXE-0DC6A294.pf

O45 - LFCP:[MD5.F1D7F6264E748EB740983BD2E80E12EB] - 05/11/2010 - 17:03:04 ---A- - C:\WINDOWS\Prefetch\EPMWORKER.EXE-05100903.pf

O45 - LFCP:[MD5.805EF987F57D3916DC1660C4D3D4B99B] - 05/11/2010 - 17:03:04 ---A- - C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf

O45 - LFCP:[MD5.8AF651ACB35C0FF93A6387B3D1379550] - 05/11/2010 - 17:03:06 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf

O45 - LFCP:[MD5.B4D46F5A85EFD8DFDBCB952D4E7C04C7] - 05/11/2010 - 17:03:06 ---A- - C:\WINDOWS\Prefetch\DBGOUT.EXE-050E725D.pf

O45 - LFCP:[MD5.D69B8D6C1AF135D9713D9FD92AEF3959] - 05/11/2010 - 17:03:16 ---A- - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf

O45 - LFCP:[MD5.60DE35167F58199590DDAFF334570628] - 05/11/2010 - 17:03:18 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf

O45 - LFCP:[MD5.3D3D386819E524604081B511114A847E] - 05/11/2010 - 17:03:19 ---A- - C:\WINDOWS\Prefetch\HTCVBTSERVER.EXE-171D7AD0.pf

O45 - LFCP:[MD5.41449C9A12747BC78F374302D0FBC66C] - 05/11/2010 - 17:03:29 ---A- - C:\WINDOWS\Prefetch\EEESTORAGECOMMANDER.EXE-1391D0D2.pf

O45 - LFCP:[MD5.06A02CDAA7C02449B1BE487BE28B6B0B] - 05/11/2010 - 17:03:44 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-2577D203.pf

O45 - LFCP:[MD5.8FFD750E0CAC7F3EAD7CED25E121E628] - 05/11/2010 - 17:03:48 ---A- - C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf

O45 - LFCP:[MD5.884E545C5D384F946D90877FC237118A] - 05/11/2010 - 17:03:51 ---A- - C:\WINDOWS\Prefetch\CTOOLBAR.EXE-30BB9B12.pf

O45 - LFCP:[MD5.787CD856CF0128CDFCA652117DBB7033] - 05/11/2010 - 17:04:12 ---A- - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-05ED5FD8.pf

O45 - LFCP:[MD5.377AC71DD98AE068029CCAEC041DEFF1] - 05/11/2010 - 17:05:51 ---A- - C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf

O45 - LFCP:[MD5.67E809C944A0E047E87C0A3853940700] - 05/11/2010 - 17:06:44 ---A- - C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf

O45 - LFCP:[MD5.C53A1FBF4A41AB870359515B96B859B0] - 05/11/2010 - 17:06:52 ---A- - C:\WINDOWS\Prefetch\JUCHECK.EXE-395165C8.pf

O45 - LFCP:[MD5.B562468AFE1D5E4AF685659C9EE49F9F] - 05/11/2010 - 17:07:17 ---A- - C:\WINDOWS\Prefetch\JAVAW.EXE-2DC32ABC.pf

O45 - LFCP:[MD5.223B68453580E23DDA2C13D21F9B92E2] - 05/11/2010 - 17:07:18 ---A- - C:\WINDOWS\Prefetch\JAVAWS.EXE-021AC9A9.pf

O45 - LFCP:[MD5.65CB27C619733BAEE968DACB5349665A] - 05/11/2010 - 17:08:43 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-187A1067.pf

O45 - LFCP:[MD5.C6D9FF34BC23DE0DE192AF5A509804AC] - 05/11/2010 - 17:08:54 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf

O45 - LFCP:[MD5.C89C2B681EB0A03D51FFBF8D7B002296] - 05/11/2010 - 17:08:55 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-363912A9.pf

O45 - LFCP:[MD5.7DB3D1441310CA6E764DFB0EDF6C75D5] - 05/11/2010 - 17:09:06 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0C8116DA.pf

O45 - LFCP:[MD5.2D64D861762B17E9D45E80DC15F9E940] - 05/11/2010 - 17:09:17 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-16FFEC3B.pf

O45 - LFCP:[MD5.C560F92BB3FC7CB5CC48A820D26BF6CE] - 05/11/2010 - 17:09:36 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-1FC35698.pf

O45 - LFCP:[MD5.A66B32DBE97CBB03E449F4B3FD45D3CB] - 05/11/2010 - 17:09:49 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0441BC61.pf

O45 - LFCP:[MD5.CCAD25AE9BDD1D09174C926D0720A4BD] - 05/11/2010 - 17:16:44 ---A- - C:\WINDOWS\Prefetch\MSIPATCHREGFIX-X86.EXE-2ADB4CCC.pf

O45 - LFCP:[MD5.D4303BC9C6C842C438E70AD7C95375C6] - 05/11/2010 - 17:17:33 ---A- - C:\WINDOWS\Prefetch\FSYNSRVSTARTER.EXE-19ED4DC0.pf

O45 - LFCP:[MD5.2FC0AC18A1F0ACB1F20F8EDFD126D9DE] - 05/11/2010 - 17:17:57 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf

O45 - LFCP:[MD5.967D2C81507F03AE98BBACECEE9B07E5] - 05/11/2010 - 17:18:16 ---A- - C:\WINDOWS\Prefetch\AVWSC.EXE-0283F9DD.pf

O45 - LFCP:[MD5.D36DBA25D98130D2C066C33E5780F4CD] - 05/11/2010 - 17:18:30 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf

O45 - LFCP:[MD5.422082D5A50A7868EF6645B53422F787] - 05/11/2010 - 17:18:31 ---A- - C:\WINDOWS\Prefetch\MSOHTMED.EXE-0712ED38.pf

 

 

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

 

 

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe

O47 - AAKE:Key Export SP - "C:\Program Files\SFR\Gestionnaire de Connexion SFR\ABCd.exe" [Enabled] .(.SFR - Gestionnaire de connexion SFR.) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\ABCd.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" [Enabled] .(.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe

 

 

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

 

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{19d7bc66-e9ae-11de-97a2-0025d38f66f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\AutoRunCardDetector.exe

O51 - MPSK:{68339d58-ec15-11de-97ae-0025d38f66f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\Vodaphone_uninstaller.exe

O51 - MPSK:{68339d59-ec15-11de-97ae-0025d38f66f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\Vodaphone_uninstaller.exe

O51 - MPSK:{cb55fed8-eb45-11de-97a9-0025d38f66f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\Vodaphone_uninstaller.exe

O51 - MPSK:{dd5ec6f8-eb47-11de-97aa-0025d38f66f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\Vodaphone_uninstaller.exe

O51 - MPSK:{dd5ec6fb-eb47-11de-97aa-0025d38f66f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\Vodaphone_uninstaller.exe

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\MsnMsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 05/08/2008 - 13:10:12 ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\Ambfilt.sys

O58 - SDL:[MD5.12415A4B61DED200FE9932B47A35FA42] - 08/04/2008 - 14:59:28 ---A- . (.ASUSTeK Computer Inc. - ASUS ACPI Device Driver.) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 11/12/2009 - 21:38:57 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys

O58 - SDL:[MD5.C21362BB5A22CE4B40A7B475254F858C] - 11/06/2008 - 07:14:24 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth IT Manager Filter.) -- C:\WINDOWS\system32\drivers\btwsecfl.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 14/04/2008 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.4183BE439981BBC77EF2C1D66629F124] - 17/02/2009 - 16:17:56 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\system32\drivers\ewdcsc.sys

O58 - SDL:[MD5.48E66DBB523A52D6320B0DF70B7E213C] - 17/02/2009 - 16:17:56 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\drivers\ewusbfake.sys

O58 - SDL:[MD5.53F1160666435151B6FCF89D015FE620] - 17/02/2009 - 16:17:56 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys

O58 - SDL:[MD5.330A8465CA49BCA1911D6BC8A8AF18AD] - 17/02/2009 - 16:17:56 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\WINDOWS\system32\drivers\ewusbnet.sys

O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - 13:00:00 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys

O58 - SDL:[MD5.8EF427C54497C5F8A7A645990E4278C7] - 12/09/2008 - 06:32:56 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\system32\drivers\iaStor.sys

O58 - SDL:[MD5.0F68E2EC713F132FFB19E45415B09679] - 19/12/2007 - 16:32:12 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys

O58 - SDL:[MD5.6C8658587E91EA25B0FD2E71781AD228] - 02/03/2009 - 06:03:47 ---A- . (.Atheros Communications, Inc. - Atheros AR8131/AR8132 PCI-E Ethernet Controller ndis miniport d.) -- C:\WINDOWS\system32\drivers\l1c51x86.sys

O58 - SDL:[MD5.62C212678CA063DA233ED4B0B6FC9162] - 17/02/2009 - 16:17:56 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\WINDOWS\system32\drivers\mod7700.sys

O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 04/01/2006 - 08:41:48 ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\system32\drivers\Monfilt.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 14/04/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 14/04/2008 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.97B59CE2CFBB0884A16DDD8F1781812B] - 10/07/2009 - 20:33:36 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2860.sys

O58 - SDL:[MD5.9037C8BD3E896D7F2803A171FDEAEEF4] - 27/04/2009 - 12:26:44 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys

O58 - SDL:[MD5.612A3D69E603DBBE5C3C1079186A0393] - 07/08/2007 - 01:15:07 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\WINDOWS\system32\drivers\scdemu.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/04/2008 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.866DDC29E885C0390493569FE4269170] - 29/12/2008 - 16:13:30 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\WINDOWS\system32\drivers\sncduvc.sys

O58 - SDL:[MD5.473F35E2A378B854731E67C377A3BEA7] - 13/03/2009 - 15:32:18 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\WINDOWS\system32\drivers\snp2uvc.sys

O58 - SDL:[MD5.8831252BCF05FCFB5ABD116A22E552D8] - 01/05/2010 - 21:28:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/05/2009 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.8E25A1DBB8527B2074AF9B682F818768] - 09/04/2009 - 14:14:28 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 14/04/2008 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.C019889035CDC1A06F2FEBC93CBB6897] - 19/11/2008 - 09:21:28 ---A- . (.GenesysLogic Technologies, Inc. - uvclf.sys.) -- C:\WINDOWS\system32\drivers\uvclf.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.5822531669848F1CB9727B9A246E3A7A] - 20/01/2009 - 11:10:36 ---A- . (.Nicomsoft Ltd. - Advanced WiFi-Manager Kernel Mode Driver.) -- C:\WINDOWS\system32\drivers\wifimanio.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.E0EE769D14128014965E03B433F5F46E] - 13/03/2009 - 22:05:26 ---A- . (.Atheros Communications, Inc. - Driver for Atheros AR5008 Wireless Network Adapter.) -- C:\WINDOWS\system32\athw.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 14/04/2008 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 31/10/2008 - 17:58:50 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys

O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 31/10/2008 - 17:58:50 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\pcandis5.sys

 

 

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 02/11/2010 - 21:35:13 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\GE\CAPMAN-1.3.0.176-1.TXT [2097230]

O61 - LFC:Last File Created 02/11/2010 - 21:35:23 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\GE\DM-1.6.0.555-1.TXT [2097152]

O61 - LFC:Last File Created 02/11/2010 - 21:36:53 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\a6837d39.avl [1530]

O61 - LFC:Last File Created 02/11/2010 - 21:36:55 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\Upd-2010-11-02-21-36-48.log [10396]

O61 - LFC:Last File Created 02/11/2010 - 21:56:19 -SHA- C:\Documents And Settings\emmanuelle duval\Local Settings\Historique\History.IE5\MSHist012010110220101103\index.dat [32768]

O61 - LFC:Last File Created 02/11/2010 - 21:57:13 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\default\cachesection [167219]

O61 - LFC:Last File Created 02/11/2010 - 22:00:41 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [1441]

O61 - LFC:Last File Created 02/11/2010 - 22:20:11 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\InstantHistory.xml [304]

O61 - LFC:Last File Created 02/11/2010 - 22:28:01 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\cacheData.rdf [209951]

O61 - LFC:Last File Created 02/11/2010 - 22:44:10 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\webappsstore.sqlite [9216]

O61 - LFC:Last File Created 02/11/2010 - 22:44:54 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Macromedia\Flash Player\#SharedObjects\NTV5BF5C\mail.google.com\wakeup.sol [37]

O61 - LFC:Last File Created 02/11/2010 - 22:52:21 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\bookmarkbackups\bookmarks-2010-11-02.json [14904]

O61 - LFC:Last File Created 02/11/2010 - 22:52:21 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\prefs.js [8134]

O61 - LFC:Last File Created 02/11/2010 - 22:52:22 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\cookies.sqlite [369664]

O61 - LFC:Last File Created 02/11/2010 - 22:52:22 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\cookies.sqlite-journal [115064]

O61 - LFC:Last File Created 02/11/2010 - 22:52:22 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\sessionstore.bak [155730]

O61 - LFC:Last File Created 02/11/2010 - 22:52:22 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\urlclassifier3.sqlite [33124352]

O61 - LFC:Last File Created 02/11/2010 - 22:52:48 -SH-- C:\Documents And Settings\emmanuelle duval\ntuser.ini [184]

O61 - LFC:Last File Created 05/11/2010 - 17:01:27 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62]

O61 - LFC:Last File Created 05/11/2010 - 17:01:27 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62]

O61 - LFC:Last File Created 05/11/2010 - 17:01:29 -SHA- C:\Documents And Settings\emmanuelle duval\Local Settings\desktop.ini [62]

O61 - LFC:Last File Created 05/11/2010 - 17:01:30 -SHA- C:\Documents And Settings\emmanuelle duval\Application Data\Microsoft\Credentials\S-1-5-21-1503390583-3582739439-348373840-1006\Credentials [524]

O61 - LFC:Last File Created 05/11/2010 - 17:01:30 -SHA- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1503390583-3582739439-348373840-1006\Credentials [402]

O61 - LFC:Last File Created 05/11/2010 - 17:02:37 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\avguard.log [2868922]

O61 - LFC:Last File Created 05/11/2010 - 17:02:41 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\teleca_common_log.txt [263289]

O61 - LFC:Last File Created 05/11/2010 - 17:02:42 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\Application logs\appLauncher_all_log.txt [148821]

O61 - LFC:Last File Created 05/11/2010 - 17:02:54 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\GE\CAPMAN-1.3.0.176.TXT [1902938]

O61 - LFC:Last File Created 05/11/2010 - 17:02:54 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\LOGGER.TXT [1981338]

O61 - LFC:Last File Created 05/11/2010 - 17:03:03 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\GE\DM-1.6.0.555.TXT [91316]

O61 - LFC:Last File Created 05/11/2010 - 17:03:03 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Teleca\Telecalib\Logging\GE\HookStarter-1.1.0.88.TXT [1000450]

O61 - LFC:Last File Created 05/11/2010 - 17:03:12 ---A- C:\Documents And Settings\All Users\Application Data\Spyware Terminator\SharedFiles\SPT_38_DB_4.011.005.0000.torrent [2600]

O61 - LFC:Last File Created 05/11/2010 - 17:03:12 -S-A- C:\Documents And Settings\emmanuelle duval\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 [898]

O61 - LFC:Last File Created 05/11/2010 - 17:03:13 -S-A- C:\Documents And Settings\emmanuelle duval\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 [94]

O61 - LFC:Last File Created 05/11/2010 - 17:03:14 -S-A- C:\Documents And Settings\emmanuelle duval\Application Data\Microsoft\CryptnetUrlCache\Content\5C45AD19E3530EC4218F560AFC04C3F7 [533]

O61 - LFC:Last File Created 05/11/2010 - 17:03:14 -S-A- C:\Documents And Settings\emmanuelle duval\Application Data\Microsoft\CryptnetUrlCache\MetaData\5C45AD19E3530EC4218F560AFC04C3F7 [118]

O61 - LFC:Last File Created 05/11/2010 - 17:03:15 -S-A- C:\Documents And Settings\emmanuelle duval\Application Data\Microsoft\CryptnetUrlCache\Content\B171751C11ECDD4C0C4BC4BBF7B99FBF [44933]

O61 - LFC:Last File Created 05/11/2010 - 17:03:16 ---A- C:\Documents And Settings\All Users\Application Data\Spyware Terminator\SharedFiles\SPT_38_DB_4.011.005.0000.ini [293]

O61 - LFC:Last File Created 05/11/2010 - 17:03:16 -S-A- C:\Documents And Settings\emmanuelle duval\Application Data\Microsoft\CryptnetUrlCache\MetaData\B171751C11ECDD4C0C4BC4BBF7B99FBF [128]

O61 - LFC:Last File Created 05/11/2010 - 17:03:21 -SHA- C:\Documents And Settings\emmanuelle duval\IETldCache\index.dat [262144]

O61 - LFC:Last File Created 05/11/2010 - 17:03:29 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates\0\update.status [12]

O61 - LFC:Last File Created 05/11/2010 - 17:03:30 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\active-update.xml [1275]

O61 - LFC:Last File Created 05/11/2010 - 17:03:31 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates.xml [7038]

O61 - LFC:Last File Created 05/11/2010 - 17:03:34 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\sched.log [509016]

O61 - LFC:Last File Created 05/11/2010 - 17:03:38 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\ApplicationHistory\EeeStorageCommander.exe.e655d1c5.ini [1076]

O61 - LFC:Last File Created 05/11/2010 - 17:03:41 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384]

O61 - LFC:Last File Created 05/11/2010 - 17:03:41 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [16384]

O61 - LFC:Last File Created 05/11/2010 - 17:04:00 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\XUL.mfl [1641550]

O61 - LFC:Last File Created 05/11/2010 - 17:04:28 ---A- C:\Documents And Settings\emmanuelle duval\Cookies\emmanuelle_duval@notifier.avira[3].txt [357]

O61 - LFC:Last File Created 05/11/2010 - 17:04:35 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\_CACHE_001_ [400188]

O61 - LFC:Last File Created 05/11/2010 - 17:04:35 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\_CACHE_002_ [196942]

O61 - LFC:Last File Created 05/11/2010 - 17:04:35 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\_CACHE_003_ [559504]

O61 - LFC:Last File Created 05/11/2010 - 17:04:41 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\_CACHE_MAP_ [276]

O61 - LFC:Last File Created 05/11/2010 - 17:04:42 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Macromedia\Flash Player\#SharedObjects\NTV5BF5C\static.pepitastore.com\DBA.sol [144]

O61 - LFC:Last File Created 05/11/2010 - 17:05:08 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\urlclassifierkey3.txt [154]

O61 - LFC:Last File Created 05/11/2010 - 17:05:13 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\C84C2D38d01 [17050]

O61 - LFC:Last File Created 05/11/2010 - 17:05:15 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\0B3D8F1Cd01 [37283]

O61 - LFC:Last File Created 05/11/2010 - 17:05:17 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\default\useropt [18]

O61 - LFC:Last File Created 05/11/2010 - 17:05:17 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\default\ybcache [25259]

O61 - LFC:Last File Created 05/11/2010 - 17:05:18 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\default\app.html [70327]

O61 - LFC:Last File Created 05/11/2010 - 17:05:20 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\default\ytoolbar.xml [61721]

O61 - LFC:Last File Created 05/11/2010 - 17:05:20 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\E0E51636d01 [69049]

O61 - LFC:Last File Created 05/11/2010 - 17:05:27 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\5F35402Ad01 [40164]

O61 - LFC:Last File Created 05/11/2010 - 17:05:32 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\1F3208D7d01 [37200]

O61 - LFC:Last File Created 05/11/2010 - 17:05:37 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\2086E388d01 [70102]

O61 - LFC:Last File Created 05/11/2010 - 17:05:38 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\51A095C7d01 [37830]

O61 - LFC:Last File Created 05/11/2010 - 17:05:46 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\95DABCD1d01 [28347]

O61 - LFC:Last File Created 05/11/2010 - 17:05:48 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\ED18898Bd01 [86805]

O61 - LFC:Last File Created 05/11/2010 - 17:05:54 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\632B41C2d01 [112465]

O61 - LFC:Last File Created 05/11/2010 - 17:06:07 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\400ED652d01 [31177]

O61 - LFC:Last File Created 05/11/2010 - 17:06:14 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\85452326d01 [76345]

O61 - LFC:Last File Created 05/11/2010 - 17:06:14 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\DB57E595d01 [108177]

O61 - LFC:Last File Created 05/11/2010 - 17:06:15 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\426EF745d01 [22169]

O61 - LFC:Last File Created 05/11/2010 - 17:06:15 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\42B1AC72d01 [18962]

O61 - LFC:Last File Created 05/11/2010 - 17:06:15 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\D26EF741d01 [22274]

O61 - LFC:Last File Created 05/11/2010 - 17:06:15 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\E2EEF2C0d01 [16750]

O61 - LFC:Last File Created 05/11/2010 - 17:06:18 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\23F65D93d01 [35143]

O61 - LFC:Last File Created 05/11/2010 - 17:06:18 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\ABF27A12d01 [20025]

O61 - LFC:Last File Created 05/11/2010 - 17:06:18 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\BF616BD8d01 [20956]

O61 - LFC:Last File Created 05/11/2010 - 17:06:20 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\14435BA9d01 [45926]

O61 - LFC:Last File Created 05/11/2010 - 17:06:28 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\24E4B791d01 [80072]

O61 - LFC:Last File Created 05/11/2010 - 17:06:29 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\0D252465d01 [22892]

O61 - LFC:Last File Created 05/11/2010 - 17:06:29 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\B8CC4006d01 [24096]

O61 - LFC:Last File Created 05/11/2010 - 17:06:29 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\F84525D9d01 [36165]

O61 - LFC:Last File Created 05/11/2010 - 17:06:30 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\default\feed [42406]

O61 - LFC:Last File Created 05/11/2010 - 17:06:33 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-app_wea.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:33 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-inac2.json [48]

O61 - LFC:Last File Created 05/11/2010 - 17:06:33 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-inac_srch.json [48]

O61 - LFC:Last File Created 05/11/2010 - 17:06:33 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-wet_new.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:33 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-wet_new6.json [48]

O61 - LFC:Last File Created 05/11/2010 - 17:06:34 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-app_ebay.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:34 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-app_hor.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:34 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-app_mov.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:35 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-app_spo.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:35 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-needroom.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:35 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-srch_dict.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:35 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\etp-srch_flk.json [49]

O61 - LFC:Last File Created 05/11/2010 - 17:06:36 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Yahoo! Inc\ytoolbar\default\mastermanifest.xml [385]

O61 - LFC:Last File Created 05/11/2010 - 17:06:46 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Temp\au-descriptor-1.6.0_22-b04.xml [7780]

O61 - LFC:Last File Created 05/11/2010 - 17:07:08 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Temp\jusched.log [444357]

O61 - LFC:Last File Created 05/11/2010 - 17:07:15 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Temp\java_install_reg.log [23081]

O61 - LFC:Last File Created 05/11/2010 - 17:07:18 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Sun\Java\Deployment\cache\6.0\32\6c34baa0-597165ce.idx [488]

O61 - LFC:Last File Created 05/11/2010 - 17:08:07 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\e6784770.avl [1536]

O61 - LFC:Last File Created 05/11/2010 - 17:08:08 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\Upd-2010-11-05-17-03-40.log [33672]

O61 - LFC:Last File Created 05/11/2010 - 17:08:10 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\JOBS\updjob.avj [1476]

O61 - LFC:Last File Created 05/11/2010 - 17:08:25 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\EA38BEB2d01 [34285]

O61 - LFC:Last File Created 05/11/2010 - 17:08:26 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\09519773d01 [55225]

O61 - LFC:Last File Created 05/11/2010 - 17:08:26 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\9844162Ed01 [26209]

O61 - LFC:Last File Created 05/11/2010 - 17:08:59 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\EB731348d01 [23107]

O61 - LFC:Last File Created 05/11/2010 - 17:09:05 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\6890AD58d01 [144146]

O61 - LFC:Last File Created 05/11/2010 - 17:09:19 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\F6879123d01 [21286]

O61 - LFC:Last File Created 05/11/2010 - 17:10:14 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [5485]

O61 - LFC:Last File Created 05/11/2010 - 17:10:14 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [5899]

O61 - LFC:Last File Created 05/11/2010 - 17:10:55 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\45CC903Fd01 [146374]

O61 - LFC:Last File Created 05/11/2010 - 17:11:16 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\downloads.sqlite [174080]

O61 - LFC:Last File Created 05/11/2010 - 17:11:16 ---A- C:\Documents And Settings\emmanuelle duval\Mes documents\Téléchargements\ZHPDiag.exe [2233037]

O61 - LFC:Last File Created 05/11/2010 - 17:11:22 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\localstore.rdf [7473]

O61 - LFC:Last File Created 05/11/2010 - 17:11:26 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\XPC.mfl [2535910]

O61 - LFC:Last File Created 05/11/2010 - 17:12:08 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\832AED33d01 [174078]

O61 - LFC:Last File Created 05/11/2010 - 17:12:12 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\6EAABAA3d01 [166610]

O61 - LFC:Last File Created 05/11/2010 - 17:13:15 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\22380EFBd01 [88706]

O61 - LFC:Last File Created 05/11/2010 - 17:13:17 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\355FAC0Bd01 [170271]

O61 - LFC:Last File Created 05/11/2010 - 17:13:25 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\blocklist.xml [4496]

O61 - LFC:Last File Created 05/11/2010 - 17:14:25 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\B6ED0793d01 [24262]

O61 - LFC:Last File Created 05/11/2010 - 17:14:26 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\68E7744Cd01 [36010]

O61 - LFC:Last File Created 05/11/2010 - 17:14:26 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\7EDA5DC5d01 [74768]

O61 - LFC:Last File Created 05/11/2010 - 17:14:35 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\ZHP\ZHPDiag.lnk [439]

O61 - LFC:Last File Created 05/11/2010 - 17:14:42 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Spyware Terminator\BIN_STRSBW.SPT [320]

O61 - LFC:Last File Created 05/11/2010 - 17:15:42 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\C61F3B0Ed01 [105042]

O61 - LFC:Last File Created 05/11/2010 - 17:15:45 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\3E285F38d01 [132814]

O61 - LFC:Last File Created 05/11/2010 - 17:15:47 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\9785E97Dd01 [118053]

O61 - LFC:Last File Created 05/11/2010 - 17:16:50 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\C44843C7d01 [92656]

O61 - LFC:Last File Created 05/11/2010 - 17:16:53 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\Cache\116000FAd01 [145092]

O61 - LFC:Last File Created 05/11/2010 - 17:18:54 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\sessionstore.js [250598]

O61 - LFC:Last File Created 05/11/2010 - 17:20:00 --HA- C:\Documents And Settings\All Users\Application Data\Microsoft Help\Hx.hxn [382]

O61 - LFC:Last File Created 05/11/2010 - 17:20:00 --HA- C:\Documents And Settings\All Users\Application Data\Microsoft Help\nslist.hxl [6960]

O61 - LFC:Last File Created 05/11/2010 - 17:25:08 ---A- C:\Documents And Settings\Default User\Cookies\index.dat [16384]

O61 - LFC:Last File Created 05/11/2010 - 17:25:08 ---A- C:\Documents And Settings\Default User\Local Settings\Historique\History.IE5\index.dat [32768]

O61 - LFC:Last File Created 05/11/2010 - 17:26:14 ---A- C:\Documents And Settings\All Users\Application Data\Spyware Terminator\SharedFiles\SPT_38_DB_4.011.005.0000.cab [30065396]

O61 - LFC:Last File Created 05/11/2010 - 17:28:46 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\formhistory.sqlite [122880]

O61 - LFC:Last File Created 05/11/2010 - 17:29:29 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\places.sqlite [11927552]

O61 - LFC:Last File Created 05/11/2010 - 17:33:39 ---A- C:\Documents And Settings\emmanuelle duval\Cookies\index.dat [49152]

O61 - LFC:Last File Created 05/11/2010 - 17:33:39 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Historique\History.IE5\index.dat [114688]

O61 - LFC:Last File Created 05/11/2010 - 17:33:39 -SHA- C:\Documents And Settings\emmanuelle duval\Local Settings\Historique\History.IE5\MSHist012010110520101106\index.dat [32768]

O61 - LFC:Last File Created 05/11/2010 - 17:33:56 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Spyware Terminator\info.htm [9797]

O61 - LFC:Last File Created 05/11/2010 - 17:33:56 ---A- C:\Documents And Settings\emmanuelle duval\Cookies\emmanuelle_duval@www.spywareterminator[2].txt [81]

O61 - LFC:Last File Created 05/11/2010 - 17:34:50 ---A- C:\Documents And Settings\emmanuelle duval\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates\0\update.mar [1200000]

O61 - LFC:Last File Created 05/11/2010 - 17:35:41 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Spyware Terminator\BIN_STREVIEWS.SPT [145781]

O61 - LFC:Last File Created 05/11/2010 - 17:39:00 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\EVENTDB\avevtdb.dbe [7168]

O61 - LFC:Last File Created 05/11/2010 - 17:39:15 ---A- C:\Documents And Settings\All Users\Application Data\Spyware Terminator\BIN_STFDB.SPT [64331]

O61 - LFC:Last File Created 05/11/2010 - 17:39:29 ---A- C:\Documents And Settings\emmanuelle duval\Application Data\Mozilla\Firefox\Profiles\kt0u9ycc.default\places.sqlite-journal [0]

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS

O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32

O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe - Application système COM+ (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC

O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k DcomLaunch (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP

O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - C:\Windows\system32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - C:\Windows\system32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(.Pas de propriétaire - Pas de description.) - LEGACY_FIPS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\fltMgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\fssfltr_tdi.sys - FssFltr (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (TDI).) - LEGACY_FSSFLTR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV

O64 - Services: CurCS - C:\Windows\system32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER

O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC

O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (LanmanServer) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_MNMDD

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MODEM.sys - modem (modem) .(.Pas de propriétaire - Pas de description.) - LEGACY_MODEM

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER

O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe - Office Source Engine (ose) .(.Microsoft Corporation - Office Source Engine.) - LEGACY_OSE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARVDM

O64 - Services: CurCS - C:\WINDOWS\system32\PCAMPR5.sys - PCAMPR5 NDIS Protocol Driver (PCAMPR5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMPR5

O64 - Services: CurCS - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver (PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k rpcss (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

O64 - Services: CurCS - C:\WINDOWS\system32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SCDEMU.sys - SCDEmu (SCDEmu) .(.Pas de propriétaire - Pas de description.) - LEGACY_SCDEMU

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE

O64 - Services: CurCS - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - SeaPort (SeaPort) .(.Microsoft Corporation - Microsoft SeaPort Search Enhancement Broker.) - LEGACY_SEAPORT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SERIAL.sys - Serial (Serial) .(.Pas de propriétaire - Pas de description.) - LEGACY_SERIAL

O64 - Services: CurCS - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe - Service SFR Gestionnaire Connexion (ServiceSFRABCD) .(.SFR & Celliance - Service Windows SFR ABCd.) - LEGACY_SERVICESFRABCD

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION

O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\sp_rsdrv2.sys - Spyware Terminator Driver 2 (sp_rsdrv2) .(.Pas de propriétaire - Pas de description.) - LEGACY_SP_RSDRV2

O64 - Services: CurCS - C:\Program Files\Spyware Terminator\sp_rsser.exe - Spyware Terminator Realtime Shield Service (sp_rssrv) .(.Crawler.com - Spyware Terminator Realtime Shield Service.) - LEGACY_SP_RSSRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost -k DComLaunch (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGA

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP

O64 - Services: CurCS - C:\Windows\system32\Drivers\wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF Dynamic.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT

O64 - Services: CurCS - C:\WINDOWS\system32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC

 

 

---\\ Liste des fichiers non signés (LUF) (O65)

O65 - LUF:14/04/2008 (.Pas de propriétaire - Module CompatUI.) (1, 0, 0, 1) - c:\windows\system32\compatUI.dll

O65 - LUF:16/02/2009 (. - InstallUtil.) (1, 0, 7, 0) - c:\windows\system32\csnp2uvc.dll

O65 - LUF:14/04/2008 (.Pas de propriétaire - Application dvdplay.) (1, 0, 0, 2) - c:\windows\system32\dvdplay.exe

O65 - LUF:14/04/2008 (.Pas de propriétaire - PaqSP Module.) (2, 0, 0, 0) - c:\windows\system32\paqsp.dll

O65 - LUF:11/12/2008 (. - ResourceDLL.) (1, 1, 4, 0) - c:\windows\system32\rsnp2uvc.dll

O65 - LUF:13/03/2009 (.Pas de propriétaire - UVC Camera Streaming Driver.) (2, 2, 1, 0) - c:\windows\system32\drivers\snp2uvc.sys

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - Bing

O69 - SBI: SearchScopes [HKCU] {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (Recherche Crawler) - Crawler.com

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\appmgmts.dll [0]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496]

O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [77824]

O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464]

O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]

O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488]

O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040]

O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952]

O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\System32\hidserv.dll [21504]

O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [96768]

O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096]

O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\System32\msgsvc.dll [33792]

O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144]

O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808]

O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [88576]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [186368]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [53248]

O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]

O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800]

O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [249856]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]

O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176]

O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]

O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]

O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129024]

O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\System32\qagentrt.dll [293376]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [61440]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]

O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 13/05/2009 108289 | C:\Program Files\Avira\AntiVir Desktop\sched.exe (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 21/07/2009 185089 | C:\Program Files\Avira\AntiVir Desktop\avguard.exe (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SS - | Demand 14/04/2008 225280 | C:\WINDOWS\System32\dmadmin.exe (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SR - | Auto 19/11/2009 153376 | C:\Program Files\Java\jre6\bin\jqs.exe (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

SS - | Demand 14/04/2008 13312 | C:\WINDOWS\system32\lsass.exe (Netlogon) . (.Microsoft Corporation.) - C:\WINDOWS\system32\lsass.exe

SS - | Demand 14/04/2008 13312 | C:\WINDOWS\system32\lsass.exe (NtLmSsp) . (.Microsoft Corporation.) - C:\WINDOWS\system32\lsass.exe

SR - | Auto 14/04/2008 13312 | C:\WINDOWS\system32\lsass.exe (PolicyAgent) . (.Microsoft Corporation.) - C:\WINDOWS\system32\lsass.exe

SR - | Auto 14/04/2008 13312 | C:\WINDOWS\system32\lsass.exe (ProtectedStorage) . (.Microsoft Corporation.) - C:\WINDOWS\system32\lsass.exe

SR - | Auto 14/04/2008 13312 | C:\WINDOWS\system32\lsass.exe (SamSs) . (.Microsoft Corporation.) - C:\WINDOWS\system32\lsass.exe

SR - | Auto 19/05/2009 240512 | C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

SR - | Auto 03/07/2009 643512 | C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe (ServiceSFRABCD) . (.SFR & Celliance.) - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe

SR - | Auto 01/05/2010 488960 | C:\Program Files\Spyware Terminator\sp_rsser.exe (sp_rssrv) . (.Crawler.com.) - C:\Program Files\Spyware Terminator\sp_rsser.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by emmanuelle duval at 05/11/2010 17:44:20

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys

C:\WINDOWS\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8655B030]

3 CLASSPNP[0xF75C8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000067[0x86576B28]

5 ACPI[0xF745E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-0[0x8655C028]

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

MBRCheck, version 1.2.3 by ad13, http://ad13.geekstog

Run by emmanuelle duval at 05/11/2010 17:44:24

149 GB \\.\PhysicalDrive0 Windows XP MBR code detected

Dump file Name : C:\Program Files\ZHPDiag\MBRDump_11-05-10_17-44-24_PhysicalDrive0.bin

 

 

 

End of the scan (1212 lines in 04mn 51s)(0)

[pear]

Bonsoir,

 

Pas d'infection visible.

Voyons s'il y a quelque chose de caché:

 

Recherche de rootkit

Téléchargez RootRepeal

Désactiver les modules résidents:l'antivirus,antispyware ,Parefeu

Pour cela:

Démarrer->Exécuter->Msconfig->Démarrage : décochez les protections

Vous devez avoir les droits Administrateur

 

Installez RootRepeal , cliquez sur *Settings->Options*

Onglet "Général Cochez->Only suspicious ..

. [Driver scan] ... [Files scan] ... [Processes scan] ... [sSDT scan] (v. 1.1.0)

aucune raison de changer les paramètres standards.

 

Dans le [ File Scan ] l'option [X] [ Check for file size differences ] est celle qui permet la détection des fichiers dont la taille a été modifiée comme le fait par exemple le rootkit "Rustock.C". Il est donc fortement conseillé de ne pas la désactiver.

 

Dans le [ SSDT scan ], l'option [X] [ Check for hooked SYSENTER/INT 2E ] permet le scan des appels au système par SYSENTER ou INT 2E.

 

Choix des scans (boutons de sélection en bas, à gauche).

 

Chaque option comporte deux boutons [ Scan ] pour lancer l'analyse et [ Save Report ]qui permet d'enregistrer le rapport au format « .txt » dans le répertoire choisi (éventuellement dans le répertoire de démarrage de RootRepeal).

 

[ Report ]permet d'enchaîner plusieurs ou toutes les fonctions précédentes.

Cliquez [select scan]

Dans la fenêtre qui s'ouvre, sélectionner les options à exécuter(Cochez tout).

 

Un choix des partitions du disque est possible dans la fenêtre [select drives].

Cliquez sur Save Report

Lancez le scan,

Si RootRepeal ne trouve rien , il affichera ceci:

 

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2009/08/04 18:47

Program Version: Version 1.3.2.0

Windows Version: Windows XP SP3

==================================================

 

Drivers

-------------------

Name: rootrepeal.sys

Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys

Address: 0xEB27E000 Size: 49152 File Visible: No Signed: -

Status: -

==EOF==

 

Cliquez Save reports , cliquez sur Bureau et nommez le fichier root.txt

[alky]

Bonsoir, Désolé pour le temps de réponse...

 

Voici le rapport (merci pour l aide)

 

 

 

 

 

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2010/11/15 23:14

Program Version: Version 1.3.5.0

Windows Version: Windows XP SP3

==================================================

 

Drivers

-------------------

Name: dump_iaStor.sys

Image Path: C:\WINDOWS\System32\Drivers\dump_iaStor.sys

Address: 0xA2EED000 Size: 892928 File Visible: No Signed: -

Status: -

 

Name: rootrepeal.sys

Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys

Address: 0xA2721000 Size: 49152 File Visible: No Signed: -

Status: -

 

Hidden/Locked Files

-------------------

Path: c:\documents and settings\emmanuelle duval\local settings\application data\mozilla\firefox\profiles\kt0u9ycc.default\cache\89909901d01

Status: Size mismatch (API: 1064960, Raw: 933888)

 

SSDT

-------------------

#: 025 Function Name: NtClose

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307f88e

 

#: 037 Function Name: NtCreateFile

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307f0ec

 

#: 041 Function Name: NtCreateKey

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307edce

 

#: 050 Function Name: NtCreateSection

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa3080938

 

#: 053 Function Name: NtCreateThread

Status: Hooked by "<unknown>" at address 0xa346cd4c

 

#: 063 Function Name: NtDeleteKey

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307eed8

 

#: 065 Function Name: NtDeleteValueKey

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307efc2

 

#: 097 Function Name: NtLoadDriver

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307fbbc

 

#: 098 Function Name: NtLoadKey

Status: Hooked by "<unknown>" at address 0xa346cd6a

 

#: 116 Function Name: NtOpenFile

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307f3f4

 

#: 122 Function Name: NtOpenProcess

Status: Hooked by "<unknown>" at address 0xa346cd38

 

#: 128 Function Name: NtOpenThread

Status: Hooked by "<unknown>" at address 0xa346cd3d

 

#: 193 Function Name: NtReplaceKey

Status: Hooked by "<unknown>" at address 0xa346cd74

 

#: 204 Function Name: NtRestoreKey

Status: Hooked by "<unknown>" at address 0xa346cd6f

 

#: 224 Function Name: NtSetInformationFile

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307f526

 

#: 247 Function Name: NtSetValueKey

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307ebfc

 

#: 257 Function Name: NtTerminateProcess

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307fb04

 

#: 274 Function Name: NtWriteFile

Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xa307f70c

 

==EOF==

[pear]

Bonjour,

 

C'est propre.

Donc pas d'infection cachée.

 

Voyez si ceci peut vous aideri:

 

Désactiver l'indexation des fichiers

 

Poste de travail->clic droit sur chacune des partitions de disque dur.

Allez dans les propriétés et désactivez Autoriser l'indexation de ce disque

Cliquez sur Appliquer puis sur OK.

Une nouvelle fenêtre s’ouvrira et vous devrez sélectionner Appliquer à tous les sous-dossiers et fichiers.

 

Il faut aussi désactiver le service correspondant :

 

Pour cela, allez dans le Panneau de configuration et cliquez sur Outils d'administration

Cliquez ensuite sur Services et recherchez dans la colonne Nom > Service d'indexation

Double cliquez

Choisissez dans Type de démarrage "Désactivé"

 

Pour le supprimer définitivement:

Copiez collez dans le bloc notes.

Enregistrez sous Serv.bat, sur le bureau.

Double clic pour lancer.

@echo Suppression du Service

sc stop cisvc

sc delete cisvc

cd c:\

cd windows

cd system32

del /f /s /q C:\WINDOWS\System32\cisvc.exe

 

[/color]

Vaccination Spybot

Si ,dans Spybot S&D vous avez vacciné, allez à l'onglet "vaccination"

cliquez sur "Vaccination" dans la colonne sur la gauche :

Cliquez sur annuler (la flèche bleue) pour annuler la vaccination.

Il faut aussi savoir que Spybot utilise une technologie dépassée.

Si vous ajoutez à cela les problèmes causés par la vaccination qui ralentit le système et TeaTimer qui peut faire obstacle à une désinfection.....

 

Vérifier l'UDMA

Il se pourrait que Windows reconnaisse l'IDE principal en mode PIO au lieu Ultra DMA suite à plusieurs erreurs disque.

 

Faites ceci:

Poste de travail->votre disque ->Propriétés->Outils ->Vérifier maintenant

ou , si vous préférez:

Démarrer->Exécuter->chkdsk /f/r

Ensuite,faites une sauvegarde par sécurité, puis:

 

Poste de Travail->Propriétés->Matériel->Gestionnaire de Périphériques->

Controleur ATAPI/IDE->Controleur Ide Principal->Propriétés->Paramètres avancés

A cet endroit, vous pouvez avoir par exemple: Nvidia parallel Ata Controller au lieu de Controleur Atapi

Faites Clic droit ->propriétés->Primary Channel

Si le mode de transfert actif est Pio au lieu de Udma , clic sur onglet Pilotes->Désinstaller

Redémarrer ensuite votre machine.

 

Défragmenter:Mydefrag,PowerDefrag, AuslogicDefrag(gratuits et efficaces)

 

Alléger le démarrage

Il faut savoir que RIEN , dans Msconfig(clés 04 dans Hijackthis),n'est nécessaire au système.

Beaucoup de programmes y installent un raccourci pour qu'ils soient lancés dès le démarrage du système,

avec pour conséquence la lenteur ou le ralentissement du Démarrage.

C'est seulement par prudence,pour éviter des oublis dommageables,que l'on recommande de garder les protections qui y sont(Parefeu,1 antivirus, 1 antispyware)

et parfois la connexion.

Tout le reste sera lancé en cas de besoin.

Il n'y aura rien d'irréversible dans ce que vous allez faire.

Télécharger Startup@Ease

 

Au démarrage cliquez Begin

 

Le logiciel recherche les fichiers inutiles et vous demande de cocher votre choix:

Le programme ayant sa propre base de données de démarrages non nécessaires ,il n'y a pas à se connecter à l'internet.

Il est conseillé de lui faire confiance et cocher Yes.

D'autant que en cas de regrets,il suffira de cliquer Restore backups pour que ces démarrages sans utilité soient aussitôt restaurés

 

Un redémarrage est nécessaire pour que ce soit pris en compte.

On ne peut pas faire plus simple.

 

Ne désactivez pas le prefetch

Vider le dossier Prefetch n'a pour seule conséquence qu'un ralentissement du système (qui doit le reconstituer).

Pour qu'il fonctionne le service Planificateur de tâches doit être automatique.

Avec ou sans , la différence c'est 10 secondes(vérifié)

[alky]

"Vérifier l'UDMA

Poste de Travail->Propriétés->Matériel->Gestionnaire de Périphériques->

Controleur ATAPI/IDE->Controleur Ide Principal->Propriétés->Paramètres avancés

A cet endroit, vous pouvez avoir par exemple: Nvidia parallel Ata Controller au lieu de Controleur Atapi

Faites Clic droit ->propriétés->Primary Channel

Si le mode de transfert actif est Pio au lieu de Udma , clic sur onglet Pilotes->Désinstaller

Redémarrer ensuite votre machine."

 

--> je n ai pas le choix "parametres avancés" en cliquant droit...

 

J ai oublie de le signaler et c est peut etre cela le point principal du probleme de mon pc mais au demarrage j ai systematiquement la "verification du systeme de fichier sur D:"

 

Sinon j ai fait les autres actions et le pc a l air de mieux tourner...

 

Je vous tiens au courant

 

Merci bp

 

[alky]

hello, j ai toujours la "verification du systeme de fichier sur D:" a chaque demarrage... est ce que ca veut dire que mon pc est tout de meme malade ?

 

Merci

[pear]

Bonjour,

 

Désactiver un chkdsk récurrent au démarrage:

Tout d'abord, vérifier que le disque est en bon état:

Démarrer->Exécuter->cmd /k fsutil dirty query c:

 

Dans notre exemple,on constate que le volume C: n'est pas intègre .

Afin de solutionner ce problème, on utilise la commande CHKDSK afin de vérifier et réparer le volume.

 

Démarrer->Exécuter->Chkdsk /f/r

ou, mieux, en consode récupération:

C:\Windows>Chkdsk /p/r

 

Vous pouvez en faire un diagnostic plus approfondi avec les outils du fabricant:

Diagnostics pour Disques Durs

Au paragraphe"outils de Diagnostics pour Disques Durs"

 

Si le disque est intègre:

En invite de commande, tapez

Chkntfs /D

 

* Si ça ne marche pas:

L'utilitaire chkntfs fonctionne par modification de la valeur BootExcecute dans le Registre système.

Cette valeur se trouve dans la clé de Registre suivante :

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\Session Manager

La valeur par défaut est :

BootExecute:REG_MULTI_SZ:autocheck autochk *

Si ce n'est pas le cas, modifiez le régistre->

 

Démarrer->Exécuter->saisir regedit

 

Aller la clé HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager

Vérifier que la valeur Chaîne Multiple nommée BootExecute existe et

contient au moins la donnée de valeur autocheck autochk * correctement saisie,

avec un espace entre le k et le *et rien d'autre .

Sinon supprimer tout ce qui suit le *.

En cas d'absence de la valeur, la recréer.