
<SOLVED> Hello everyone, I am brand new to this forum, and thank you for welcoming me.

So, I have a problem with a Trojan horse. Here is the ZHPDiag report. Thank you for your help.

 

 

Rapport de ZHPDiag v1.27.09 par Nicolas Coolman, Update du 04/11/2010

Run by mo at 01/09/2010 07:35:40

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385

MFIE: Mozilla Firefox (3.6.12)

 

---\\ System Information

Windows 7 Ultimate Edition, 32-bit (Build 7600)

Processor: x86 Family 6 Model 30 Stepping 5, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3063 MB (50% free)

System drive C: has 402 GB (86%) free of 466 GB

 

---\\ Logged in mode

Computer Name: PC

User Name: mo

All Users Names: mo, Guest, Administrator,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 402 Go of 466 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 564 Go of 931 Go)

E:\ CD-ROM drive (Free 0 Go of 4 Go)

G:\ CD-ROM drive (Not Inserted)

H:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

I:\ Hard drive, Flash drive, Thumb drive (Free 170 Go of 466 Go)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.00000000000000000000000000000000] - (.Pas de propriétaire - Pas de description.) (.31/10/2009 23:00:00.) -- C:\Windows\Explorer.exe [2614272]

[MD5.00000000000000000000000000000000] - (.Pas de propriétaire - Pas de description.) (.14/07/2009 23:00:00.) -- C:\Windows\System32\Wininit.exe [96256]

[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\System32\drivers\atapi.sys [21584]

 

 

---\\ Processus lancés

[MD5.0D06000000000000000000000CEF1200] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\Explorer.EXE [2614272]

[MD5.9CA037D9931896ABDDC41A214012314E] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe [6038016]

[MD5.3D1D1D1BBE3D60DBDA44C1441A372173] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe [719688]

[MD5.D73B38AE415ED63BD89946D71D14B482] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2054360]

[MD5.8BF167D30A11F4F06FB14BC6874192B2] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1164584]

[MD5.1A759052B9DB9DC7AFA2FE279279F49E] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560]

[MD5.B4BF928DBA5E42E3329ADA9B5DBB8065] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\TurboV\TurboV.exe [5391872]

[MD5.C25FA7C105FF151783CCEFE4215E7CEE] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe [1768960]

[MD5.53A0E3AF3637C41C5F0352391D7B1145] - (.AllAnonymity - IP Hider.) -- C:\Program Files\IP Hider\IP Hider.exe [1560576]

[MD5.697E07302EC965393ABC85AD5C2C8D53] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797008]

[MD5.251F10B000F0A032D00399D706DF3BBA] - (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe [1778064]

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

[MD5.17B7EE982055EE0660A3C512D07E5111] - (.Lavasoft - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [788880]

[MD5.E1AB298BAFC8ECCA8C322A29C5FDC68C] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]

[MD5.6F7ECB12B6782A2122DEBE9EC9DF2C5D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]

[MD5.03ECCA8FADBB71694A49B7D505636A9C] - (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe [89088]

[MD5.F8500F11D9BAAF31A93EBCBDB93A3F96] - (.Megaupload Limited - Mega Manager.) -- C:\Program Files\Megaupload\Mega Manager\MegaManager.exe [2052608]

[MD5.6FB2760F706B4D918EF3B401F4A71242] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [616960]

 

 

---\\ Page de démarrage de Mozilla Firefox (M0)

M0 - MFSP: prefs.js [mo - jfan4znq.default] google.fr

 

 

---\\ Programmes d'extension pour Mozilla Firefox (M2)

M2 - MFEP: prefs.js [mo - jfan4znq.default\DeviceDetection@logitech.com] [] ????????? ????????? Logitech 1.20.0.66 (.Logitech, Inc..)

M2 - MFEP: prefs.js [mo - jfan4znq.default\pbreak.br@gmail.com] [] Megaupload SX.3.2 3.2 (.PBreak.)

M2 - MFEP: prefs.js [mo - jfan4znq.default\toolbar@ask.com] [] Ask Toolbar 3.9.1.14019 (.Ask.com.)

M2 - MFEP: prefs.js [mo - jfan4znq.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration 1.1 (.Megaupload Limited.)

M2 - MFEP: prefs.js [mo - jfan4znq.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus 1.2.2 (.Wladimir Palant.)

 

 

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.3.4.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.4] - (.the VideoLAN Team - Version 1.1.4, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\mo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Pas de propriétaire - AcroIEHelper Module.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

O4 - HKLM\..\Run: [TurboV] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\TurboV\TurboV.exe

O4 - HKLM\..\Run: [Turbo Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe

O4 - HKLM\..\Run: [iPHider] . (.AllAnonymity - IP Hider.) -- C:\Program Files\IP Hider\IP Hider.exe

O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe

O4 - HKLM\..\Run: [itype] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe

O4 - HKCU\..\Run: [FreeMi UPnP Media Server] . (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\mo\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKCU\..\Run: [tcactive] . (.MooSoft Development Inc - TCActive! GUI.) -- C:\Program Files\The Cleaner\tcap.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [FreeMi UPnP Media Server] . (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe

O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\mo\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [tcactive] . (.MooSoft Development Inc - TCActive! GUI.) -- C:\Program Files\The Cleaner\tcap.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mise à jour des licences ESET.lnk . (.GuillerSoft.) -- C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\mo\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Documents And Settings\mo\Desktop\emule.lnk . (.Pas de propriétaire.) -- C:\Program Files\eMule\Incoming

O4 - Global Startup: C:\Documents And Settings\mo\Desktop\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\mo\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Users\mo\Desktop\emule.lnk . (.Pas de propriétaire.) -- C:\Program Files\eMule\Incoming

O4 - Global Startup: C:\Users\mo\Desktop\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk . (.Lavasoft.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Envoyer à OneNote - (.not file.) - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: Convertir en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la sélection en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir les liens sélectionnés en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Download Link Using Mega Manager... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe

O23 - Service: ASUS System Control Service (AsSysCtrlService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

O23 - Service: BlueSoleil Hid Service (BlueSoleil Hid Service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (.not file.)

O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: The Cleaner 2011 Helper Service (moohelp) . (.MooSoft Development LLC - MooSoft Helper Service.) - C:\Program Files\The Cleaner\mhelper.exe

O23 - Service: NMSAccessU (NMSAccessU) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (.not file.)

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MemOptimizer-02BB2F56CB964deb8996194DE7EB5275.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe

O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r85.) -- C:\Windows\system32\Macromed\Flash\Flash10k.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: AsIO (AsIO) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\AsIO.sys

O41 - Driver: ehdrv (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\system32\DRIVERS\ehdrv.sys

O41 - Driver: ElbyCDIO Driver (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - C:\Windows\system32\Drivers\ElbyCDIO.sys

O41 - Driver: ISO DVD\CD-ROM Device Driver (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: AMD DnD V1.0.19 - (.AMD.) [HKLM] -- {87BB78C4-F36D-4D93-A7C7-F80F18219848}

O42 - Logiciel: ATI AVIVO Codecs - (.ATI Technologies Inc..) [HKLM] -- {DD6E44E7-0319-2868-F1D9-07ECD2A1A94C}

O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware

O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {B194272D-1F92-46DF-99EB-8D5CE91CB4EC}

O42 - Logiciel: Adobe Acrobat 5.0 - (.Pas de propriétaire.) [HKLM] -- Adobe Acrobat 5.0

O42 - Logiciel: Adobe Acrobat 7.0 Professional - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- Adobe Acrobat 7.0 Professional - EFG

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}

O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {8D7133DE-27D2-47E5-B248-4180278D32AA}

O42 - Logiciel: CloneDVD2 - (.Elaborate Bytes.) [HKLM] -- CloneDVD2

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DeskSpace 1.5.6.3 - (.Otaku Software Pty Ltd.) [HKCU] -- DeskSpace

O42 - Logiciel: EPU-6 Engine - (.Pas de propriétaire.) [HKLM] -- {56B83336-FBC1-4C46-8613-90A9E3B440D6}

O42 - Logiciel: ESET Antivirus License Finder (MiNODLogin) - (.GuillerSoft.) [HKLM] -- MiNODLogin

O42 - Logiciel: Express Gate - (.DeviceVM, Inc..) [HKLM] -- {99AD9D6D-A456-49EE-8360-F22EE7AA1272}

O42 - Logiciel: FileZilla Client 3.3.2.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client

O42 - Logiciel: FreeMi UPnP Media Server - (.Stéphane Mitermite.) [HKLM] -- FreeMi UPnP Media Server

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM] -- {CA7D1914-153C-6FD9-4B80-9F5BF3B760E1}

O42 - Logiciel: IP Hider 4.9 - (.AllAnonymity.) [HKLM] -- IP Hider 4.9_is1

O42 - Logiciel: ImgBurn 2.3.2.0 Fr - (.Pas de propriétaire.) [HKLM] -- {75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1

O42 - Logiciel: IsoBuster 1.4 - (.Smart Projects.) [HKLM] -- IsoBuster_is1

O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: K-Lite Mega Codec Pack 5.5.1 - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: L'Encyclopédie pratique du Bricolage - (.Pas de propriétaire.) [HKLM] -- {9F58CF55-92CD-48DC-AA26-EAAF9BF1A500}

O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {7EACD74C-147F-478C-9389-F9F52EE3C88A}

O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}

O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Mozilla Firefox (3.6.12) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.12)

O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM] -- PowerISO

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {EB900AF8-CC61-4E15-871B-98D1EA3E8025}

O42 - Logiciel: Quicksys RegDefrag 2.8 - (.Pas de propriétaire.) [HKLM] -- {5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1

O42 - Logiciel: R-Studio Emergency Startup Media Creator 5.1 - (.R-Tools Technology Inc..) [HKLM] -- R-Studio Emergency Startup Media Creator 5.1NSIS

O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Scooby-Doo, Affaire n°1 - Le monstre du musée - (.Pas de propriétaire.) [HKLM] -- Scooby-Doo, Affaire n°1 - Le monstre du musée

O42 - Logiciel: Scooby-Doo, Le Secret du Sphinx - (.Pas de propriétaire.) [HKLM] -- Scooby-Doo, Le Secret du Sphinx

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB2288953) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B772E1C-7C05-42D2-839D-3EC2D39EFF22}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Sony Ericsson Media Manager 1.2 - (.Sony Ericsson.) [HKLM] -- {8CD0B297-122D-4718-9CE1-B72E796F7B21}

O42 - Logiciel: Sony Ericsson PC Suite - (.Sony Ericsson.) [HKLM] -- {2FFE93F0-BB72-4E52-8761-354D1AAA9387}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: TeraCopy 1.22 - (.Code Sector Inc..) [HKLM] -- TeraCopy_is1

O42 - Logiciel: The Cleaner 2011 - (.MooSoft Development LLC.) [HKLM] -- The Cleaner_is1

O42 - Logiciel: Turbo Key - (.Pas de propriétaire.) [HKLM] -- {B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}

O42 - Logiciel: TurboV - (.Pas de propriétaire.) [HKLM] -- {A31951C5-DCD8-4DFE-A525-CFC701F54792}

O42 - Logiciel: UltraISO Premium V9.3 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2410711) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BB5A2EB0-4515-4C6B-A618-A6F6B0AB7BAA}

O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}

O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}

O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: WinUtilities 9.81 Professional Edition - (.YL Computing, Inc.) [HKLM] -- {FC274982-5AAD-4C20-848D-4424A5043009}_is1

O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1

O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- {F3D70E4A-6F7E-8806-790E-7887E8242B20}

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {2902F983-B4C1-44BA-B85D-5C6D52E2C441}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}

O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {A498D9EB-927B-459B-85D6-DD6EF8C2C564}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AMD]

[HKCU\Software\ASProtect]

[HKCU\Software\ASUS]

[HKCU\Software\ATI]

[HKCU\Software\Adobe]

[HKCU\Software\AllAnonymity]

[HKCU\Software\AppDataLow\AskToolbarInfo]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\AskToolbar]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Ask.com]

[HKCU\Software\AutocompletePro]

[HKCU\Software\BitTorrent]

[HKCU\Software\CBS Software]

[HKCU\Software\CDDB]

[HKCU\Software\Calculador 10]

[HKCU\Software\Canneverbe Limited]

[HKCU\Software\Classes.crx]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Code Sector]

[HKCU\Software\Cookie Crumble]

[HKCU\Software\CoreVorbis]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\ESET]

[HKCU\Software\EasyBoot Systems]

[HKCU\Software\Elaborate Bytes]

[HKCU\Software\Enigma Protector]

[HKCU\Software\Flock]

[HKCU\Software\GNU]

[HKCU\Software\GSpot Appliance Corp]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\ImgBurn]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavasoft]

[HKCU\Software\Leadertech]

[HKCU\Software\LightScribe]

[HKCU\Software\Logitech]

[HKCU\Software\MONOGRAM]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaInfo]

[HKCU\Software\Megaupload]

[HKCU\Software\MooSoft Development]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\Nokia]

[HKCU\Software\ODBC]

[HKCU\Software\Otaku Software]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\PowerISO]

[HKCU\Software\R-TT]

[HKCU\Software\RealNetworks]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SenBit]

[HKCU\Software\SlySoft]

[HKCU\Software\Smart Projects]

[HKCU\Software\Sony Creative Software]

[HKCU\Software\Sony Ericsson]

[HKCU\Software\Sysinternals]

[HKCU\Software\Toshiba]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Virtual Plastic Surgery Software - VPSS]

[HKCU\Software\Widcomm]

[HKCU\Software\WideStream]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\cybelsoft]

[HKCU\Software\eMule]

[HKCU\Software\madFlac]

[HKCU\Software\yahoo]

[HKLM\Software\AMD]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Adobe Systems]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Alcohol Soft]

[HKLM\Software\Alienware]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Audible]

[HKLM\Software\BSProductManage]

[HKLM\Software\CDDB]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\DeviceVM]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\ESET]

[HKLM\Software\EasyBoot Systems]

[HKLM\Software\Elaborate Bytes]

[HKLM\Software\FileZilla 3]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\HighCriteria]

[HKLM\Software\IPHider]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Lavasoft]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\MAXSOFT-OCRON]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Megaupload Limited]

[HKLM\Software\Megaupload]

[HKLM\Software\Micro Application]

[HKLM\Software\MimarSinan]

[HKLM\Software\Mindscape]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\ODBC]

[HKLM\Software\Policies]

[HKLM\Software\QSound Labs, Inc.]

[HKLM\Software\Quicksys]

[HKLM\Software\R-TT]

[HKLM\Software\RTLSetup]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\S3R521]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\SlySoft]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Creative Software]

[HKLM\Software\Sony Media Software]

[HKLM\Software\The Learning Company]

[HKLM\Software\Toshiba]

[HKLM\Software\Trad-FR]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\VIA Technologies, Inc]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WIDCOMM]

[HKLM\Software\WidCommUpdate]

[HKLM\Software\cybelsoft]

[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Alcohol Soft

O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update

O43 - CFD:Common File Directory ----D- C:\Program Files\Ask.com

O43 - CFD:Common File Directory ----D- C:\Program Files\ASUS

O43 - CFD:Common File Directory ----D- C:\Program Files\ATI

O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files\DAP

O43 - CFD:Common File Directory ----D- C:\Program Files\DeskSpace

O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX

O43 - CFD:Common File Directory ----D- C:\Program Files\DivX

O43 - CFD:Common File Directory ----D- C:\Program Files\Download Direct

O43 - CFD:Common File Directory ----D- C:\Program Files\Downloaded Installations

O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Elaborate Bytes

O43 - CFD:Common File Directory ----D- C:\Program Files\eMule

O43 - CFD:Common File Directory ----D- C:\Program Files\ESET

O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP Client

O43 - CFD:Common File Directory ----D- C:\Program Files\FreeMi UPnP Media Server

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\ImgBurn

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\IP Hider

O43 - CFD:Common File Directory ----D- C:\Program Files\IVT Corporation

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft

O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\Megaupload

O43 - CFD:Common File Directory ----D- C:\Program Files\Micro Application

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliPoint

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliType Pro

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Mindscape

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Nokia

O43 - CFD:Common File Directory ----D- C:\Program Files\PowerISO

O43 - CFD:Common File Directory ----D- C:\Program Files\Quicksys

O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime

O43 - CFD:Common File Directory ----D- C:\Program Files\R-Studio Emergency

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\Recuva

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects

O43 - CFD:Common File Directory ----D- C:\Program Files\Sony

O43 - CFD:Common File Directory ----D- C:\Program Files\Sony Ericsson

O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD:Common File Directory ----D- C:\Program Files\TeraCopy

O43 - CFD:Common File Directory ----D- C:\Program Files\The Cleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro

O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2010

O43 - CFD:Common File Directory ----D- C:\Program Files\UltraISO

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent

O43 - CFD:Common File Directory ----D- C:\Program Files\VIA

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS

O43 - CFD:Common File Directory ----D- C:\Program Files\WIDCOMM

O43 - CFD:Common File Directory ----D- C:\Program Files\Winamax Poker

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- C:\Program Files\WinUtilities

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe Systems Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ATI Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\EZB Systems

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logishrd

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nokia

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe

O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe Systems

O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple

O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data

O43 - CFD:Common File Directory ----D- C:\ProgramData\ASUS OC Profiles

O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI

O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira

O43 - CFD:Common File Directory ----D- C:\ProgramData\Bluetooth

O43 - CFD:Common File Directory ----D- C:\ProgramData\BVRP Software

O43 - CFD:Common File Directory ----D- C:\ProgramData\Canneverbe Limited

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop

O43 - CFD:Common File Directory ----D- C:\ProgramData\DivX

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents

O43 - CFD:Common File Directory ----D- C:\ProgramData\ESET

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites

O43 - CFD:Common File Directory ----D- C:\ProgramData\Google

O43 - CFD:Common File Directory ----D- C:\ProgramData\Installations

O43 - CFD:Common File Directory ----D- C:\ProgramData\Lavasoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\LightScribe

O43 - CFD:Common File Directory ----D- C:\ProgramData\Logishrd

O43 - CFD:Common File Directory ----D- C:\ProgramData\ma-config.com

O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes

O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help

O43 - CFD:Common File Directory ----D- C:\ProgramData\moosoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero

O43 - CFD:Common File Directory ----D- C:\ProgramData\Nokia

O43 - CFD:Common File Directory ----D- C:\ProgramData\NokiaMusic

O43 - CFD:Common File Directory ----D- C:\ProgramData\OviInstallerCache

O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Suite

O43 - CFD:Common File Directory ----D- C:\ProgramData\SlySoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Sony

O43 - CFD:Common File Directory ----D- C:\ProgramData\Sony Ericsson

O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu

O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates

O43 - CFD:Common File Directory ----D- C:\ProgramData\TOSHIBA

O43 - CFD:Common File Directory ----D- C:\ProgramData\TuneUp Software

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.7300000000000000000000000CEF1200] - 14/02/2705 - 08:13:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\explorer.exe [2614272]

O44 - LFC:[MD5.72AECF54AAC22B20956D08610972B5A1] - 03/11/2010 - 22:38:38 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\System32\drivers\SBREDrv.sys [93360]

O44 - LFC:[MD5.713CD5267ABFB86FE90A72E384E82A38] - 03/11/2010 - 21:53:51 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\System32\drivers\Lbd.sys [64288]

O44 - LFC:[MD5.1DA93C4B323B34E38F5E7F43D9C65788] - 03/11/2010 - 21:52:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\lsdelete.exe [15880]

O44 - LFC:[MD5.03FB7D95E32F9975615840F4B7516765] - 03/11/2010 - 18:40:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [188446]

O44 - LFC:[MD5.6BF6EA91B1FE4DA6BFF7771D6C165A5A] - 31/10/2010 - 22:47:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\msnfix.txt [189]

O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 31/10/2010 - 15:14:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagerr.xml [1908]

O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 31/10/2010 - 15:14:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagwrn.xml [1908]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/11/2010 - 09:14:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.01015964991C16E31F869ECBCFAAAFEE] - 28/10/2010 - 19:52:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\_WKERNEL.SYL [101]

O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 23/10/2010 - 17:35:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\pùÊ [20]

O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 23/10/2010 - 17:18:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\¸ù’ [20]

O44 - LFC:[MD5.9FFE5D1BB29E37D74897DABFCD087530] - 23/10/2010 - 06:49:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [410040]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2010 - 06:27:32 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Msft_Kernel_point32_01009.Wdf [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2010 - 06:26:03 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01009.Wdf [0]

O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 20/10/2010 - 06:01:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\(ô‡ [20]

O44 - LFC:[MD5.4CC27406C0045974AE6D805475B5DA1B] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.dll [258048]

O44 - LFC:[MD5.B79D3D6A4E9E2CD739660E2AD9734D58] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.exe [2740224]

O44 - LFC:[MD5.D2C0FC5DD6EA00505A8846A1675F2EC9] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\RegisterLSP.exe [471040]

O44 - LFC:[MD5.2A41794807AC53FCE19AF0EF2900525A] - 16/10/2010 - 13:08:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\VistaInfo32.dll [73728]

O44 - LFC:[MD5.2C5977F4FCC7F67E51954F292E909369] - 09/10/2010 - 18:41:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\tmp_docprotector.ini [524]

O44 - LFC:[MD5.B3C51A5995751A48AA8DE4B82BE9C83E] - 07/10/2010 - 18:15:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Ascd_log.ini [33994]

O44 - LFC:[MD5.70509087597627A322EA5882512958EC] - 07/10/2010 - 18:12:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setup.iss [670]

O44 - LFC:[MD5.212F87EE837B4E35E43A93BBFC44E7A7] - 07/10/2010 - 18:11:57 R--A- . (.Pas de propriétaire - AsIO DLL.) -- C:\Windows\System32\AsIO.dll [24576]

O44 - LFC:[MD5.2B4E66FAC6503494A2C6F32BB6AB3826] - 07/10/2010 - 18:11:57 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsIO.sys [12400]

O44 - LFC:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 07/10/2010 - 18:11:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsInsHelp32.sys [10216]

O44 - LFC:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 07/10/2010 - 18:11:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsInsHelp64.sys [11832]

O44 - LFC:[MD5.802B396DA15FA19B9E61A79FE72AFA7A] - 07/10/2010 - 18:03:29 ---A- . (.QSound Labs, Inc. - Pas de description.) -- C:\Windows\System32\nQPropPageExt.dll [76288]

O44 - LFC:[MD5.2D22147613929641BDB2A35A4CB36C2D] - 07/10/2010 - 18:03:29 ---A- . (.QSound Labs, Inc. - nQ APO.) -- C:\Windows\System32\nQAPO.dll [71680]

O44 - LFC:[MD5.C7C2A6B64608FF71B87CAB42375D6F1B] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - DTS Surround Sensation Control Page.) -- C:\Windows\System32\Dts2PropPageExt.dll [75776]

O44 - LFC:[MD5.A6CAB31A6CFCD41E5213A924B2413EF1] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\viahduaa.sys [1067008]

O44 - LFC:[MD5.BA9CD6445E1A0A4535D7E49333FB674E] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP Component.) -- C:\Windows\System32\VIASysFx.dll [491008]

O44 - LFC:[MD5.0F2279ED94156039E6F947F8D408555B] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP UI component.) -- C:\Windows\System32\VIAPropPageExt.dll [856064]

O44 - LFC:[MD5.09A3B9A29F8239ACEB3526238735E97A] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies,Inc. - VIA APO for MicArray Applications..) -- C:\Windows\System32\ViaMicArrayPropPageExt.dll [68608]

O44 - LFC:[MD5.5E25D0897393859D30EB86F63CAC9C30] - 07/10/2010 - 18:03:29 ---A- . (.Windows ® Codename Longhorn DDK provider - DTS2 APO.) -- C:\Windows\System32\Dts2APO.dll [211456]

O44 - LFC:[MD5.663E670F8E335FAE30F462546F278B32] - 07/10/2010 - 18:03:29 ---A- . (.Windows ® Codename Longhorn DDK provider - ViaMicArray APO.) -- C:\Windows\System32\ViaMicArrayAPO.dll [181248]

O44 - LFC:[MD5.4F1B4CCA1572C6B67311FD86476375CD] - 07/10/2010 - 18:01:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Ascd_tmp.ini [22682]

O44 - LFC:[MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - 07/10/2010 - 18:01:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Language_trs.ini [1769]

O44 - LFC:[MD5.93723774872D9FB903266A46ED1E0BC2] - 21/09/2010 - 13:03:14 ---A- . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.DLL [208768]

O44 - LFC:[MD5.D7EF348243211296F0A7E38AC96EAB2A] - 01/09/2010 - 06:23:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PCProxyOff.ini [16]

O44 - LFC:[MD5.BE8BA33597CE967BF07E268CA115CE19] - 01/09/2010 - 06:23:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.ini [1952]

O44 - LFC:[MD5.AADFD9E4C32C9EFF933A64A5FE9D7F78] - 01/09/2010 - 06:17:03 --H-- . (.Pas de propriétaire - Pas de description.) -- C:\dvmexp.idx [177]

O44 - LFC:[MD5.44B6E7FF5850BB9688168266FD203585] - 01/09/2010 - 06:14:21 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20768]

O44 - LFC:[MD5.44B6E7FF5850BB9688168266FD203585] - 01/09/2010 - 06:14:21 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20768]

O44 - LFC:[MD5.C756130463679FD9DAA95AB5CB7CC481] - 01/09/2010 - 06:06:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [560]

O44 - LFC:[MD5.BEED3ACBB68180DE52D95C78A3454898] - 01/09/2010 - 06:06:55 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.2900000000000000000000000CEF1200] - 01/09/2010 - 06:05:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1326343]

O44 - LFC:[MD5.0AF7946AD9B2E82058C6421EEC960FCF] - 11/08/2010 - 16:18:17 ---A- . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll [197632]

O44 - LFC:[MD5.17A4BE67FB6B9219A802F39C263AC8AC] - 11/08/2010 - 16:18:17 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [82944]

O44 - LFC:[MD5.2B2D0010FE955BAA4726B5086313D1A1] - 10/08/2010 - 04:15:58 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\Windows\System32\QuickTime.qts [69632]

O44 - LFC:[MD5.36948F7FEFB02B8817E7F81633AB4121] - 10/08/2010 - 04:15:58 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\Windows\System32\QuickTimeVR.qtx [94208]

O44 - LFC:[MD5.B9C2EB1291BACAF8D979D7DF06D1E4EE] - 07/08/2010 - 15:38:20 ---A- . (.Neil Banfield - Animation Core.) -- C:\Windows\System32\anim.dll [33968]

O44 - LFC:[MD5.CF295F9A323B1EC8B196E598636E78E4] - 07/08/2010 - 15:38:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\shfolder.inf [439]

O44 - LFC:[MD5.4BAF561A4819F0EDF96C6FD903A5694F] - 07/08/2010 - 15:38:20 ---A- . (.Stardock Corporation - WindowBlinds : DirectSkin.) -- C:\Windows\System32\wbocx.ocx [544768]

O44 - LFC:[MD5.7BDB3B1F1303F0370D7E4CE82AD73D37] - 07/08/2010 - 15:38:20 ---A- . (.Stardock.Net, Inc - WindowBlinds Helper DLL.) -- C:\Windows\System32\wbhelp2.dll [56496]

O44 - LFC:[MD5.8E6BF8E8B78BA958B30B0C0E83C86C87] - 04/08/2010 - 01:21:44 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [6096384]

O44 - LFC:[MD5.C20B3F98C05A85590645377135C8AC6F] - 04/08/2010 - 00:55:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atiapfxx.blb [71096]

O44 - LFC:[MD5.B4CAEDA66D83498CB5876BD02CF07D52] - 04/08/2010 - 00:55:02 ---A- . (.Advanced Micro Devices, Inc. - atiapfxx Application.) -- C:\Windows\System32\atiapfxx.exe [143360]

O44 - LFC:[MD5.84759F7436CCF37552621B2846FE1744] - 04/08/2010 - 00:54:52 ---A- . (.ATI Technologies Inc. - aticfx32.dll.) -- C:\Windows\System32\aticfx32.dll [519680]

O44 - LFC:[MD5.9E3019AF0CD29367B6CFCEE074672F4A] - 04/08/2010 - 00:52:06 ---A- . (.Advanced Micro Devices, Inc. - Graphics DEM.) -- C:\Windows\System32\ATIDEMGX.dll [450560]

O44 - LFC:[MD5.89A79E165D6BB2E9848882B2C03AB2F5] - 04/08/2010 - 00:51:38 ---A- . (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [380928]

O44 - LFC:[MD5.2A6C17DCF9138DE28CE141794484B128] - 04/08/2010 - 00:51:12 ---A- . (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [176128]

O44 - LFC:[MD5.B06E97F66D49682685858041F26C0E84] - 04/08/2010 - 00:50:08 ---A- . (.AMD - TMM Clone Control Module.) -- C:\Windows\System32\atitmmxx.dll [159744]

O44 - LFC:[MD5.4BE7F9FDBCFC375FC8CC02CABC4ADCA8] - 04/08/2010 - 00:49:52 ---A- . (.ATI Technologies, Inc. - ATI Desktop CWDDEDI DLL.) -- C:\Windows\System32\atipdlxx.dll [356352]

O44 - LFC:[MD5.41285186D6647DBD57A04BC603FE2891] - 04/08/2010 - 00:49:50 ---A- . (.Advanced Micro Devices, Inc. - ATI OpenGL driver.) -- C:\Windows\System32\atioglxx.dll [15845888]

O44 - LFC:[MD5.1CF0F811EF5AEB46F9239BF249B3654A] - 04/08/2010 - 00:49:42 ---A- . (.ATI Technologies, Inc. - ATI Driver Interface DLL.) -- C:\Windows\System32\Oemdspif.dll [278528]

O44 - LFC:[MD5.D9227881A32415B36E152EBCA3BCBCE6] - 04/08/2010 - 00:49:36 ---A- . (.AMD - Multi-language DPPE DLL.) -- C:\Windows\System32\atimuixx.dll [11776]

O44 - LFC:[MD5.FAE6C8E11AF14655E40BB171BB677D63] - 04/08/2010 - 00:49:28 ---A- . (.ATI Technologies, Inc. - ati2edxx.) -- C:\Windows\System32\ati2edxx.dll [43520]

O44 - LFC:[MD5.22F8EFCA8E4CACD3FA90CDB323992F50] - 04/08/2010 - 00:46:34 ---A- . (.ATI Technologies Inc. - atidxx32.dll.) -- C:\Windows\System32\atidxx32.dll [3899392]

O44 - LFC:[MD5.DC5B876E02BCEEDCC4F0667C5A2BA583] - 04/08/2010 - 00:28:28 ---A- . (.ATI Technologies Inc. - atiumdag.dll.) -- C:\Windows\System32\atiumdag.dll [4021760]

O44 - LFC:[MD5.B3B1E8C978EF8BBCBAA8B8D523B37A09] - 04/08/2010 - 00:26:02 ---A- . (.Advanced Micro Devices Inc. - ATI CAL runtime.) -- C:\Windows\System32\aticalrt.dll [46080]

O44 - LFC:[MD5.6B4B88F6BDF5664FB1B65F35CB922194] - 04/08/2010 - 00:25:52 ---A- . (.Advanced Micro Devices Inc. - ATI CAL compiler runtime.) -- C:\Windows\System32\aticalcl.dll [44032]

O44 - LFC:[MD5.ED9DACC7A4B3CA1EFB9DAC71BAAB902E] - 04/08/2010 - 00:24:36 ---A- . (.Advanced Micro Devices Inc. - ATI CAL DD.) -- C:\Windows\System32\aticaldd.dll [4341248]

O44 - LFC:[MD5.EDDDD74EE748FA00C666A77314B51B8D] - 04/08/2010 - 00:23:44 ---A- . (.AMD - CoInstaller DLL.) -- C:\Windows\System32\coinst.dll [65536]

O44 - LFC:[MD5.3E7E840BF361ECE88662E8C7A5E529C5] - 04/08/2010 - 00:21:40 ---A- . (.Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) -- C:\Windows\System32\atiumdva.dll [3324416]

O44 - LFC:[MD5.FD929ADE0294D068D0263FD2958DFAA2] - 04/08/2010 - 00:21:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atiumdva.cap [523968]

O44 - LFC:[MD5.AE76C0223C0BAFBADAED79969C08CCE4] - 04/08/2010 - 00:16:08 ---A- . (.Advanced Micro Devices, Inc. - ADL.) -- C:\Windows\System32\atiadlxx.dll [241664]

O44 - LFC:[MD5.90BA86D735B42505DB5E5001BC0C927C] - 04/08/2010 - 00:15:56 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atiglpxx.dll [12800]

O44 - LFC:[MD5.D13DE37DEBE2DAF982AFBBEDA4EB8CEF] - 04/08/2010 - 00:15:50 ---A- . (.Advanced Micro Devices, Inc. - atigktxx.dll.) -- C:\Windows\System32\atigktxx.dll [16896]

O44 - LFC:[MD5.31DE9B1CEAA9E25B141232F7F1443239] - 04/08/2010 - 00:15:30 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [214016]

O44 - LFC:[MD5.71BFF0E03957F59A50A87C0CD40F3E1A] - 04/08/2010 - 00:15:04 ---A- . (.Advanced Micro Devices, Inc. - atiuxpag.dll.) -- C:\Windows\System32\atiuxpag.dll [30208]

O44 - LFC:[MD5.0AE1AE9D94540F2201C841835A94A9BB] - 04/08/2010 - 00:14:50 ---A- . (.Advanced Micro Devices, Inc. - atiu9pag.dll.) -- C:\Windows\System32\atiu9pag.dll [27648]

O44 - LFC:[MD5.4517B8DD31854C85E18E6AE9402C5574] - 04/08/2010 - 00:14:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atitmpxx.dll [23040]

O44 - LFC:[MD5.3C6565BF11A6DF8069E067AB14C04CC7] - 04/08/2010 - 00:14:14 ---A- . (.ATI Technologies Inc. - eRecord Message Resource File.) -- C:\Windows\System32\drivers\ati2erec.dll [53248]

O44 - LFC:[MD5.57026A11BE27683B7C4D11DB25F5A18F] - 04/08/2010 - 00:09:24 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\System32\amdpcom32.dll [52736]

O44 - LFC:[MD5.57026A11BE27683B7C4D11DB25F5A18F] - 04/08/2010 - 00:09:24 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\System32\atimpc32.dll [52736]

 

 

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{9c913428-268a-11df-9683-002618f2e45c}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\LaunchU3.exe

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll

O52 - TDSD: \Drivers32\"VIDC.YV12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm

O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm

O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 7.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

O53 - SMSR:HKLM\...\startupreg\IntelliPoint [Key] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe

O53 - SMSR:HKLM\...\startupreg\ITSecMng [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe

O53 - SMSR:HKLM\...\startupreg\itype [Key] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe

O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O53 - SMSR:HKLM\...\startupreg\Malwarebytes' Anti-Malware [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O53 - SMSR:HKLM\...\startupreg\PC Suite Tray [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O53 - SMSR:HKLM\...\startupreg\updateMgr [Key] . (.Adobe Systems Incorporated - Adobe Update Manager.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoActiveDesktop"=0

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys

O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys

O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys

O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys

O58 - SDL:[MD5.F0B673589B3D371008A1539F9AE13EF4] - 08/12/2009 - 16:06:09 ---A- . (.SlySoft, Inc. - AnyDVD Filter Driver.) -- C:\Windows\system32\drivers\AnyDVD.sys

O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.CBE71C122434805CB73FFB6619F60598] - 16/07/2009 - 04:36:30 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys

O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 04/01/2008 - 12:34:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsInsHelp32.sys

O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 04/01/2008 - 12:34:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsInsHelp64.sys

O58 - SDL:[MD5.2B4E66FAC6503494A2C6F32BB6AB3826] - 17/12/2007 - 10:14:06 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsIO.sys

O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\ASUSHWIO.SYS

O58 - SDL:[MD5.40A07E6916AC098E31A9E39AC202B8A1] - 30/09/2009 - 15:33:56 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys

O58 - SDL:[MD5.8E6BF8E8B78BA958B30B0C0E83C86C87] - 04/08/2010 - 01:21:44 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys

O58 - SDL:[MD5.31DE9B1CEAA9E25B141232F7F1443239] - 04/08/2010 - 00:15:30 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 05/03/2010 - 19:40:01 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.0F249BE872F618AABA8D641E81AA3D21] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btaudio.sys

O58 - SDL:[MD5.CE441CCD98C5ECB10CB12FCAF97322EC] - 08/01/2009 - 23:39:36 ---A- . (.IVT Corporation. - Bluetooth HID BUS Driver.) -- C:\Windows\system32\drivers\BtHidBus.sys

O58 - SDL:[MD5.D84166D41A05F66D9084039427E5025B] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Bus Enumerator.) -- C:\Windows\system32\drivers\btkrnl.sys

O58 - SDL:[MD5.D3C277A51EF9E2EC972D6221F99C0B6D] - 07/12/2008 - 12:44:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\btnetBus.sys

O58 - SDL:[MD5.07F0A66CFA550B13AD0674AE09E3CBA0] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth BTPORT Driver for Windows 2000.) -- C:\Windows\system32\drivers\btport.sys

O58 - SDL:[MD5.B1D350F3F13CF340FCE93912D2BA1EBF] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth LAN Access Server Driver.) -- C:\Windows\system32\drivers\btwdndis.sys

O58 - SDL:[MD5.1BCC81071C25C34DE0621FFD8C4F925E] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Virtual HID Minidriver.) -- C:\Windows\system32\drivers\btwhid.sys

O58 - SDL:[MD5.A01FD9851406DE0870C23759E2F7B6EA] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Driver for Bluetooth USB Devices.) -- C:\Windows\system32\drivers\btwusb.sys

O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys

O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys

O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.AF82DC664E3D8E2CBA3B95E68F6448A7] - 16/11/2009 - 08:56:12 ---A- . (.ESET - Amon monitor.) -- C:\Windows\system32\drivers\eamon.sys

O58 - SDL:[MD5.686A799C1BF1B18941994DAF9F45DB06] - 16/11/2009 - 09:03:36 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\system32\drivers\ehdrv.sys

O58 - SDL:[MD5.76CAD4F1291990FC47824B845032E997] - 26/09/2009 - 18:57:34 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\Windows\system32\drivers\ElbyCDIO.sys

O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.8700EADC8BDFA27D948FCC43EE0AE434] - 18/12/2009 - 15:02:26 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\system32\drivers\epfwwfpr.sys

O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys

O58 - SDL:[MD5.007AEA2E06E7CEF7372E40C277163959] - 11/07/2010 - 16:07:24 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver Filter.) -- C:\Windows\system32\drivers\ggflt.sys

O58 - SDL:[MD5.C73DE35960CA75C5AB4AE636B127C64E] - 11/07/2010 - 16:07:24 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver.) -- C:\Windows\system32\drivers\ggsemc.sys

O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys

O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys

O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.71E1FC547CC488D5CD7BF0860C96F5AF] - 02/07/2008 - 14:58:48 ---A- . (.IVT Corporation. - IVT Bluetooth Bus Device Driver.) -- C:\Windows\system32\drivers\IvtBtBus.sys

O58 - SDL:[MD5.151D8C22A57025D0619D9ED452A4F1FF] - 18/03/2010 - 10:00:56 ---A- . (.Logitech, Inc. - Logitech PS2 Keyboard Filter Driver..) -- C:\Windows\system32\drivers\L8042Kbd.sys

O58 - SDL:[MD5.732AFC2D2643916CFA135130D2ADBC20] - 18/03/2010 - 10:01:04 ---A- . (.Logitech, Inc. - Logitech PS/2 Mouse Filter Driver..) -- C:\Windows\system32\drivers\L8042mou.Sys

O58 - SDL:[MD5.713CD5267ABFB86FE90A72E384E82A38] - 23/09/2009 - 13:55:23 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys

O58 - SDL:[MD5.B68309F25C5787385DA842EB5B496958] - 18/03/2010 - 10:01:52 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys

O58 - SDL:[MD5.63D3B1D3CD267FCC186A0146B80D453B] - 18/03/2010 - 10:02:08 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys

O58 - SDL:[MD5.46F0396649101C27968089D127395980] - 18/03/2010 - 10:02:24 ---A- . (.Logitech, Inc. - Logitech Filter Driver for Mouse Class..) -- C:\Windows\system32\drivers\LMouKE.Sys

O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 12/07/2010 - 16:44:30 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\system32\drivers\LNonPnP.sys

O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys

O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys

O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys

O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.E205C313417DA6FA7AFE85912A310A65] - 16/02/2007 - 01:56:49 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\Windows\system32\drivers\RegKill.sys

O58 - SDL:[MD5.D5EDE44CA85899E0478208C8413C1C31] - 23/06/2010 - 08:10:54 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys

O58 - SDL:[MD5.7B7A157D6CC1EB77BC43E2AA23DAE600] - 19/04/2010 - 15:55:40 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys

O58 - SDL:[MD5.594FF5620661D1386475406E78CB6F2F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 Driver.) -- C:\Windows\system32\drivers\s0017bus.sys

O58 - SDL:[MD5.3FA76516F21FC7CF04689834B2B7325E] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017cm.sys

O58 - SDL:[MD5.3FA76516F21FC7CF04689834B2B7325E] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017cmnt.sys

O58 - SDL:[MD5.5B1078D9E27DF63656C39449492AE3E9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation (WDM class reg.) -- C:\Windows\system32\drivers\s0017cr.sys

O58 - SDL:[MD5.7258F550419D543BC5C8E80C578A5D54] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\s0017mdfl.sys

O58 - SDL:[MD5.1DE4F6607FEB17A15DBD4F1B139E6D2F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\s0017mdm.sys

O58 - SDL:[MD5.9814E6BACC06D2526CD52981C7EEEDF0] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\s0017mgmt.sys

O58 - SDL:[MD5.2C62CD58225973F26682CD4F783DDEDE] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation (NDIS 5 Minipo.) -- C:\Windows\system32\drivers\s0017nd5.sys

O58 - SDL:[MD5.F87C3422E84B2FB1B43E0A26247AD5A5] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC OBEX Interface Device Driver.) -- C:\Windows\system32\drivers\s0017obex.sys

O58 - SDL:[MD5.DF5E7360A0AFA5956BF75DA683D0679F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation.) -- C:\Windows\system32\drivers\s0017unic.sys

O58 - SDL:[MD5.985E0A43CF844A573FF254C847AD0BA9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017wh.sys

O58 - SDL:[MD5.985E0A43CF844A573FF254C847AD0BA9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017whnt.sys

O58 - SDL:[MD5.1C5C2CB892553D2CF3F45A4BB323FCD6] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 Driver.) -- C:\Windows\system32\drivers\s1018bus.sys

O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cm.sys

O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cmnt.sys

O58 - SDL:[MD5.38F5EA219593F19B6B3A1B9C169E3B61] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\s1018mdfl.sys

O58 - SDL:[MD5.666AF6B64FC7DF92D3CA4819EA91631D] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\s1018mdm.sys

O58 - SDL:[MD5.F4CEDA6E2DDFF2AF8BD745615A7CA9C0] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\s1018mgmt.sys

O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018wh.sys

O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018whnt.sys

O58 - SDL:[MD5.72AECF54AAC22B20956D08610972B5A1] - 03/11/2010 - 22:38:38 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys

O58 - SDL:[MD5.16B1ABE7F3E35F21DAC57592B6C5D464] - 09/11/2009 - 04:21:18 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.E5B56569A9F79B70314FEDE6C953641E] - 11/07/2010 - 16:08:28 ---A- . (.Sony Ericsson Mobile Communications - seehcri Driver.) -- C:\Windows\system32\drivers\seehcri.sys

O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys

O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 12:48:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\StarOpen.sys

O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys

O58 - SDL:[MD5.2C15B4856F929AC7DD144044D8334B54] - 25/03/2008 - 12:54:02 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth Port Emulation Driver.) -- C:\Windows\system32\drivers\tosporte.sys

O58 - SDL:[MD5.6750328AB04AE5FAF01403A575D66978] - 06/10/2008 - 16:56:38 ---A- . (.TOSHIBA CORPORATION - Bluetooth RF Bus Driver.) -- C:\Windows\system32\drivers\tosrfbd.sys

O58 - SDL:[MD5.45A0FD8D566E7C44B2FC340CBD6672D0] - 03/03/2009 - 14:42:56 ---A- . (.TOSHIBA Corporation - Bluetooth RFBNEP Driver.) -- C:\Windows\system32\drivers\tosrfbnp.sys

O58 - SDL:[MD5.C281D231BA7BC7955D39EA9E21374EFF] - 19/02/2009 - 15:20:10 ---A- . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\system32\drivers\tosrfcom.sys

O58 - SDL:[MD5.592CD9C8AB08EF02EA53905D30FB157E] - 05/03/2009 - 10:03:16 ---A- . (.TOSHIBA Corporation. - Bluetooth HID Driver from TOSHIBA.) -- C:\Windows\system32\drivers\Tosrfhid.sys

O58 - SDL:[MD5.0F3FD4F55175CAEDDCE9EFD6C5CA45D3] - 12/03/2009 - 10:33:08 ---A- . (.TOSHIBA Corporation. - Bluetooth BNEP Driver.) -- C:\Windows\system32\drivers\tosrfnds.sys

O58 - SDL:[MD5.5C4DDC4C3596DDB742E5BADEEE914EA0] - 03/03/2009 - 14:43:58 ---A- . (.TOSHIBA Corporation - Bluetooth Audio Driver (WDM).) -- C:\Windows\system32\drivers\TosRfSnd.sys

O58 - SDL:[MD5.8688938B6D2A7EC8037A8B3AE1ADCE2B] - 10/03/2009 - 15:31:52 ---A- . (.TOSHIBA CORPORATION - Bluetooth USB Miniport Driver.) -- C:\Windows\system32\drivers\tosrfusb.sys

O58 - SDL:[MD5.A6CAB31A6CFCD41E5213A924B2413EF1] - 10/07/2009 - 04:04:42 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\viahduaa.sys

O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys

O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys

O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\giveio.sys

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 24/09/2006 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\Windows\system32\speedfan.sys

O58 - SDL:[MD5.58997182304759F46902A62128D44D5C] - 16/12/2009 - 22:29:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\WinVd32.sys

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

 

 

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=1000 (Application Error) - (.Megaupload Limited - Mega Manager.) -- C:\Program Files\Megaupload\Mega Manager\MegaManager.exe

O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - Pas de description.) -- C:\Windows\Explorer.EXE

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe

O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\VideoLAN\VLC\vlc.exe

O66 - EventLog: ID=1000 (Application Error) - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\mo\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.cbid", "QC");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.first-launch-url", "http://g.msn.com/5mefr_fr/11");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.fresh-install", false);

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.l", "dis");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.last-config-req", "1288811956305");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.locale", "fr_FR");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.o", "102408");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.options-lang", "fr");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.options-locale", "UK");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.qsrc", "2871");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.r", "2");

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.search-suggestions-enabled", true);

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {AE7F6473-3AA7-4289-8D63-8BF32144F511} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {E9ED43AD-DA41-4cdc-8FE9-D8C5B8443976} - (SpeedBit Search) - SpeedBit Search

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [168448]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [591360]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [667136]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473088]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [285184]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [241664]

O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [30024]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [543232]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1912832]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [589312]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [497152]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [46592]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [114688]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [49664]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [162816]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [743424]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [71168]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [99328]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [168960]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102400]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [37376]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Demand 29/11/2009 69632 | C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

SR - | Auto 04/08/2010 176128 | C:\Windows\system32\atiesrxx.exe (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 02/04/2009 90112 | C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (AsSysCtrlService) . (.Pas de propriétaire.) - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

SS - | Auto 02/04/2009 0 | C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (BlueSoleil Hid Service) . (.Pas de propriétaire.) - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

SR - | Auto 11/11/2006 266295 | C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

SS - | Demand 16/11/2009 20680 | C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

SR - | Auto 16/11/2009 735960 | C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

SS - | Auto 24/02/2010 135664 | C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 23/12/2009 182768 | C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Demand 03/11/2010 1181328 | C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Ad-Aware Service) . (.Lavasoft.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

SR - | Auto 20/11/2009 73728 | C:\Program Files\Common Files\LightScribe\LSSrvc.exe (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

SS - | Demand 12/09/2010 251248 | C:\Program Files\ma-config.com\maconfservice.exe (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe

SR - | Auto 29/04/2010 304464 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

SS - | Auto 16/03/2010 813056 | C:\Program Files\The Cleaner\mhelper.exe (moohelp) . (.MooSoft Development LLC.) - C:\Program Files\The Cleaner\mhelper.exe

SS - | Disabled 23/09/2009 935208 | C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 06/09/2009 71096 | C:\Program Files\CDBurnerXP\NMSAccessU.exe (NMSAccessU) . (.Pas de propriétaire.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

SR - | Auto 30/04/2009 90112 | C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (OMSI download service) . (.Pas de propriétaire.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

SR - | Demand 26/01/2010 2740224 | C:\Windows\system32\PrivacyProvider.exe (PrivacyProvider) . (.Pas de propriétaire.) - C:\Windows\system32\PrivacyProvider.exe

SS - | Auto 26/01/2010 0 | C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWindServiceAE) . (.Pas de propriétaire.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

SS - | Demand 26/01/2010 0 | C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp.Defrag) . (.Pas de propriétaire.) - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

SR - | Auto 20/04/2010 1050440 | C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by mo at 01/09/2010 07:36:50

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

1 ntkrnlpa!IofCallDriver[0x83075458] -> \Device\Harddisk0\DR0[0x86634030]

3 CLASSPNP[0x8B77F59E] -> ntkrnlpa!IofCallDriver[0x83075458] -> [0x864E2918]

5 ACPI[0x8B2BB3B2] -> ntkrnlpa!IofCallDriver[0x83075458] -> \Device\Ide\IdeDeviceP2T0L0-2[0x864D5030]

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

MBRCheck, version 1.2.3 by ad13, http://ad13.geekstog

Run by mo at 01/09/2010 07:36:54

Dump file Name : C:\Program Files\ZHPDiag\MBRDump_09-01-10_07-36-54_PhysicalDrive0.bin

 

 

---\\ Infection BT - BHO/Toolbar (Possible)

O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}

[HKCU\Software\Ask.com]

O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");

 

 

 

End of the scan (1254 lines in 01mn 13s)(0)

Edited by rapetou83

Posted

Hello,

1) Download Ad-Remover by C-XX and save it to the desktop.

Ad-Remover: Download

Close all open applications to install it.

On Vista/7: temporarily disable UAC as explained HERE

On XP: double-click (on Vista/7: right-click / Run as administrator) the icon placed on the desktop.

If the firewall reacts, grant the tool the permissions it needs to work.

Click Scan (Scanner).

The report can also be found under C:\Ad-Report.

Copy/paste it into your reply, please.

-----------------------------------------------------------------------------------------------

2) On XP, double-click (on Vista/7: right-click / Run as administrator) the Ad-R icon placed on the desktop.

If the firewall reacts, grant the tool the permissions it needs to work.

Click Clean (Nettoyer).

The desktop will disappear, this is normal!

The report can also be found under C:\Ad-Report Clean.

Copy/paste it into your reply, please.

Re-enable UAC on Vista/7. (If you are on Vista/7, of course!)

The home page may have been changed; just set your usual page again via Internet Options.

*** Please post both reports.

@++

Posted (edited)

Good evening, and thank you apollo for your help; here is the first report already

======= REPORT FROM AD-REMOVER 2.0.0.2,B | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 25/10/10 at 11:40

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill

 

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 16:52:17 on 01/09/2010, Normal boot

 

Microsoft Windows 7 Édition Intégrale (X86)

mo@PC (System manufacturer System Product Name)

 

============== SEARCH ==============

 

 

File found: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar

Folder found: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\extensions\toolbar@ask.com

Folder found: C:\Program Files\Ask.com

Folder found: C:\Users\mo\AppData\LocalLow\AskToolbar

 

-- File opened: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --

Line found: user_pref("extensions.asktb.cbid", "QC");

Line found: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}...

Line found: user_pref("extensions.asktb.first-launch-url", "hxxp://g.msn.com/5mefr_fr/11");

Line found: user_pref("extensions.asktb.fresh-install", false);

Line found: user_pref("extensions.asktb.l", "dis");

Line found: user_pref("extensions.asktb.last-config-req", "1288811956305");

Line found: user_pref("extensions.asktb.locale", "fr_FR");

Line found: user_pref("extensions.asktb.o", "102408");

Line found: user_pref("extensions.asktb.options-lang", "fr");

Line found: user_pref("extensions.asktb.options-locale", "UK");

Line found: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

Line found: user_pref("extensions.asktb.qsrc", "2871");

Line found: user_pref("extensions.asktb.r", "2");

Line found: user_pref("extensions.asktb.search-suggestions-enabled", true);

Line found: user_pref("extensions.enabledItems", "DeviceDetection@logitech.com:1.20.0.66,{d10d0bf8-f5b5-c8b4-a8b...

-- File closed --

 

 

Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key found: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO

Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1

Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key found: HKCU\Software\Ask.com

Key found: HKCU\Software\AppDataLow\AskToolbarInfo

Key found: HKCU\Software\AppDataLow\Software\AskToolbar

Key found: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key found: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== ADDITIONNAL SCAN ==============

 

** Mozilla Firefox Version [3.6.12 (fr)] **

 

-- C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --

browser.download.dir, C:\\Users\\mo\\Documents\\Downloads

browser.download.lastDir, C:\\Users\\mo\\Desktop

browser.startup.homepage, google.fr

browser.startup.homepage_override.mstone, rv:1.9.2.12

keyword.URL, hxxp://search.speedbit.com/searchresults.asp?src=default&q=

 

========================================

 

** Internet Explorer Version [8.0.7600.16385] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Do404Search: 0x01000000

Enable Browser Extensions: YES

Local Page: C:\Windows\system32\blank.htm

Show_ToolBar: yes

Start Page: hxxp://www.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157

Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\System32\blank.htm

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: hxxp://search.speedbit.com/tab/

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)

C:\Program Files\Ad-Remover\Backup: 1 File(s)

 

C:\Ad-Report-SCAN[1].txt - 01/09/2010 (5230 Byte(s))

 

End at: 16:52:49, 01/09/2010

 

============== E.O.F ==============

 

 

AND HERE IS THE SECOND REPORT

 

 

 

======= REPORT FROM AD-REMOVER 2.0.0.2,B | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 25/10/10 at 11:40

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 18:12:31 on 01/09/2010, Normal boot

 

Microsoft Windows 7 Édition Intégrale (X86)

mo@PC (System manufacturer System Product Name)

 

============== ACTION(S) ==============

 

 

File deleted: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar

Folder deleted: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\extensions\toolbar@ask.com

Folder deleted: C:\Program Files\Ask.com

Folder deleted: C:\Users\mo\AppData\LocalLow\AskToolbar

 

(!) -- Temporary files deleted.

 

 

-- File opened: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --

Line deleted:

Line deleted:

Line deleted: user_pref("extensions.asktb.cbid", "QC");

Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}...

Line deleted: user_pref("extensions.asktb.first-launch-url", "hxxp://g.msn.com/5mefr_fr/11");

Line deleted: user_pref("extensions.asktb.fresh-install", false);

Line deleted: user_pref("extensions.asktb.l", "dis");

Line deleted: user_pref("extensions.asktb.last-config-req", "1288811956305");

Line deleted: user_pref("extensions.asktb.locale", "fr_FR");

Line deleted: user_pref("extensions.asktb.o", "102408");

Line deleted: user_pref("extensions.asktb.options-lang", "fr");

Line deleted: user_pref("extensions.asktb.options-locale", "UK");

Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

Line deleted: user_pref("extensions.asktb.qsrc", "2871");

Line deleted: user_pref("extensions.asktb.r", "2");

Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);

Line deleted: user_pref("extensions.enabledItems", "DeviceDetection@logitech.com:1.20.0.66,{d10d0bf8-f5b5-c8b4-a8b...

-- File closed --

 

 

Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key deleted: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO

Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1

Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key deleted: HKCU\Software\Ask.com

Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo

Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar

Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key deleting error: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== ADDITIONNAL SCAN ==============

 

** Mozilla Firefox Version [3.6.12 (fr)] **

 

-- C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --

browser.download.dir, C:\\Users\\mo\\Documents\\Downloads

browser.download.lastDir, C:\\Users\\mo\\Desktop

browser.startup.homepage, google.fr

browser.startup.homepage_override.mstone, rv:1.9.2.12

keyword.URL, hxxp://search.speedbit.com/searchresults.asp?src=default&q=

 

========================================

 

** Internet Explorer Version [8.0.7600.16385] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: YES

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\System32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 165 File(s)

C:\Program Files\Ad-Remover\Backup: 16 File(s)

 

C:\Ad-Report-CLEAN[1].txt - 01/09/2010 (5673 Byte(s))

C:\Ad-Report-SCAN[1].txt - 01/09/2010 (5359 Byte(s))

 

End at: 18:13:20, 01/09/2010

 

============== E.O.F ==============

Edited by rapetou83

Posted

Hi again,

It's better to make a new post, because if you edit, I don't get an email notification. ;)

Uninstall Ad-Remover through its interface.

Go to this link: Virus Total

  • Click the Browse... button.
  • Browse your folders to this file, if you find it:

  • C:\Windows\System32\Wininit.exe

  • Click Send file, and if VirusTotal says that the file has already been analysed, click the Reanalyse file now button.
  • Let the site work as long as "Current status: analysis in progress" is displayed.
  • The file may be placed in a queue because of a large number of analysis requests. In that case, you will have to wait without refreshing the page.
  • When the analysis is finished, copy the link shown in the browser's address bar and paste it into your reply, please.

*** Do the same with this file: C:\Windows\Explorer.exe

@++

Posted

Hello,

ComboFix must not be used as a diagnostic tool; it must only be used at the express request of a helper trained in this tool and under their supervision. This tool can be dangerous!

Disable your protections (antivirus, firewall, antispyware).

If you don't know how, refer to this article.

Connect removable media (USB sticks and others) before proceeding.

Official TUTORIAL

Right-click HERE

  • In the menu that drops down, choose "Save Link As" (if you use Firefox) or "Save Target As" (if you use Internet Explorer)
  • A window will open: in the File name field (at the bottom), type this: plop
  • We are going to save this file to the Desktop: to do so, in the left panel, click Desktop.
  • Finally, click the Save button at the bottom right of the page.
  • Make sure all programs are closed before launching the fix!
  • Double-click plop.
  • If the Recovery Console is not installed on an XP machine, ComboFix will offer to install it: accept!
  • Click Yes on the Disclaimer of Warranty message that appears.
  • Your firewall may ask whether or not you allow nircmd.cfexe to access the trusted zone: accept!
  • Note: do not close the window that has just opened, or you would end up with an empty desktop!
  • When the scan is finished, a report will be generated: post its contents in your next message.

If you lose your connection after running ComboFix, here is how to repair it: HERE.

NB: If, despite everything, you cannot manage to repair the connection, please read this topic.

If the message "Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression" ("Illegal operation attempted on a registry key that has been marked for deletion") appears, restart the PC.

@++

Posted

Good evening apollo, here is the requested file

 

ComboFix 10-11-05.01 - mo 05/11/2010 17:48:28.1.4 - x86

Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1033.18.3063.1718 [GMT 1:00]

Lancé depuis: c:\users\mo\Desktop\plop.exe

.

ADS - Windows: deleted 48 bytes in 1 streams.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\programdata\hpe255C.dll

c:\programdata\hpeB0E7.dll

c:\users\mo\AppData\Roaming\.#

c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F58.###

c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F68.###

c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F78.###

c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F58.###

c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F68.###

c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F78.###

c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F58.###

c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F68.###

c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F78.###

c:\windows\system32\sqlite3.dll

 

Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée

Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

 

Une copie infectée de c:\windows\System32\wininit.exe a été trouvée et désinfectée

Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 

Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée

Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-10-05 au 2010-11-05 ))))))))))))))))))))))))))))))))))))

.

 

2010-11-05 16:52 . 2010-11-05 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-11-03 21:38 . 2010-11-03 21:38 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-11-03 21:21 . 2010-11-04 06:00 -------- d-----w- c:\programdata\moosoft

2010-11-03 20:53 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

2010-11-03 19:24 . 2010-11-03 21:57 -------- d-----w- c:\program files\The Cleaner

2010-11-03 19:24 . 2010-11-03 21:05 -------- d-----w- c:\users\mo\AppData\Roaming\thecleaner

2010-11-03 19:00 . 2010-11-03 19:00 -------- dc-h--w- c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

2010-11-03 18:59 . 2010-11-03 20:53 -------- d-----w- c:\programdata\Lavasoft

2010-11-03 18:59 . 2010-11-03 18:59 -------- d-----w- c:\program files\Lavasoft

2010-10-30 16:39 . 2009-07-14 01:15 315904 ----a-w- c:\windows\system32\Difx9199.rra

2010-10-29 15:12 . 2010-10-30 17:38 -------- d-----w- c:\users\mo\AppData\Roaming\383023B6067A2A20D66DC58422C29201

2010-10-27 05:19 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll

2010-10-27 05:19 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll

2010-10-27 05:19 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax

2010-10-27 05:19 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2010-10-27 05:18 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2010-10-26 18:49 . 2010-10-26 18:49 -------- d-----w- c:\program files\Winamax Poker

2010-10-23 16:38 . 2010-10-23 16:38 -------- d-----w- c:\windows\fr

2010-10-23 16:37 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2010-10-23 16:31 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll

2010-10-23 16:31 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2010-10-23 16:07 . 2010-10-23 18:45 -------- d-----w- c:\users\mo\AppData\Roaming\Windows Live Writer

2010-10-23 16:07 . 2010-10-23 16:07 -------- d-----w- c:\users\mo\AppData\Local\Windows Live Writer

2010-10-22 14:30 . 2010-10-22 14:30 -------- d-----w- c:\program files\Microsoft IntelliType Pro

2010-10-21 05:27 . 2010-10-21 05:27 -------- d-----w- c:\program files\Microsoft IntelliPoint

2010-10-21 05:19 . 2010-10-21 05:19 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\9907f17e1cb70df10\InstallManager_WLE_WLE.exe

2010-10-21 05:19 . 2010-10-21 05:19 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\9831b5a51cb70df0f\MeshBetaRemover.exe

2010-10-21 05:19 . 2010-10-21 05:19 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\DSETUP.dll

2010-10-21 05:19 . 2010-10-21 05:19 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\DXSETUP.exe

2010-10-21 05:19 . 2010-10-21 05:19 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\dsetup32.dll

2010-10-21 05:19 . 2010-10-21 05:19 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\DSETUP.dll

2010-10-21 05:19 . 2010-10-21 05:19 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\DXSETUP.exe

2010-10-21 05:19 . 2010-10-21 05:19 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\dsetup32.dll

2010-10-21 05:19 . 2010-09-01 05:51 -------- d-----w- c:\users\mo\AppData\Local\Windows Live

2010-10-21 05:19 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL

2010-10-21 05:19 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll

2010-10-21 05:19 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll

2010-10-20 05:07 . 2010-10-23 16:37 -------- d-----w- c:\program files\Windows Live

2010-10-16 17:01 . 2010-01-26 08:24 471040 ----a-w- c:\windows\system32\RegisterLSP.exe

2010-10-16 17:01 . 2010-01-26 08:23 258048 ----a-w- c:\windows\system32\PrivacyProvider.dll

2010-10-16 17:01 . 2010-01-26 08:22 2740224 ----a-w- c:\windows\system32\PrivacyProvider.exe

2010-10-16 12:08 . 2010-10-16 12:08 8704 ----a-w- c:\windows\system32\SpOrder.dll

2010-10-16 12:08 . 2010-10-16 12:08 73728 ----a-w- c:\windows\system32\VistaInfo32.dll

2010-10-16 12:08 . 2010-10-16 17:01 -------- d-----w- c:\program files\IP Hider

2010-10-15 18:05 . 2010-10-15 18:05 73216 ----a-w- c:\windows\ST6UNST.EXE

2010-10-15 18:05 . 2010-10-15 18:05 253952 ------w- c:\windows\Setup1.exe

2010-10-13 05:12 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll

2010-10-07 17:17 . 2010-10-07 17:17 -------- d-----w- c:\programdata\ASUS OC Profiles

2010-10-07 17:15 . 2010-10-07 17:15 -------- d-----w- C:\temp

2010-10-07 17:15 . 2010-10-07 17:15 -------- d-----w- C:\dvmexp

2010-10-07 17:14 . 2010-10-09 07:43 -------- d-----w- C:\ASUS.000

2010-10-07 17:14 . 2010-10-07 17:14 -------- d-----w- C:\ASUS.SYS

2010-10-07 17:13 . 2010-10-07 17:13 -------- d-----w- c:\program files\Downloaded Installations

2010-10-07 17:11 . 2007-12-17 09:14 12400 ----a-r- c:\windows\system32\drivers\AsIO.sys

2010-10-07 17:11 . 2006-01-10 08:50 24576 ----a-r- c:\windows\system32\AsIO.dll

2010-10-07 17:11 . 2010-10-07 17:12 -------- d-----w- c:\program files\ASUS

2010-10-07 17:11 . 2008-01-04 11:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys

2010-10-07 17:11 . 2008-01-04 11:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys

2010-10-07 17:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll

2010-10-07 17:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll

2010-10-07 17:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll

2010-10-07 17:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll

2010-10-07 17:11 . 2009-07-14 01:15 315904 ----a-w- c:\windows\system32\Difx8fdf.rra

2010-10-07 17:03 . 2010-10-07 17:04 -------- d-----w- c:\windows\AsusInstAll

2010-10-07 17:03 . 2009-07-10 05:48 856064 ----a-w- c:\windows\system32\VIAPropPageExt.dll

2010-10-07 17:03 . 2009-07-10 03:04 1067008 ----a-w- c:\windows\system32\drivers\viahduaa.sys

2010-10-07 17:03 . 2009-07-06 01:58 491008 ----a-w- c:\windows\system32\VIASysFx.dll

2010-10-07 17:03 . 2009-06-01 02:10 211456 ----a-w- c:\windows\system32\Dts2APO.dll

2010-10-07 17:03 . 2009-03-04 08:42 75776 ----a-w- c:\windows\system32\Dts2PropPageExt.dll

2010-10-07 17:03 . 2009-01-19 13:30 68608 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll

2010-10-07 17:03 . 2009-01-19 13:29 181248 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll

2010-10-07 17:03 . 2007-12-04 03:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll

2010-10-07 17:03 . 2007-12-04 03:28 71680 ----a-w- c:\windows\system32\nQAPO.dll

2010-10-07 17:03 . 2010-10-07 17:03 -------- d-----w- c:\program files\VIA

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-11-03 20:52 . 2010-09-01 05:09 15880 ----a-w- c:\windows\system32\lsdelete.exe

2010-10-19 09:41 . 2009-11-29 12:22 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-07 23:21 . 2010-09-02 05:05 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A1D2DDB-1ABF-41FB-B88A-449C36DEAC41}\mpengine.dll

2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll

2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR

2010-09-21 12:03 . 2010-09-21 12:03 208768 ----a-w- c:\windows\system32\LIVESSP.DLL

2010-08-21 05:32 . 2010-09-15 07:02 316928 ----a-w- c:\windows\system32\spoolsv.exe

2010-08-10 03:15 . 2010-08-10 03:15 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-08-10 03:15 . 2010-08-10 03:15 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"FreeMi UPnP Media Server"="c:\program files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe" [2010-09-17 89088]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-22 39408]

"Google Update"="c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-12-26 135664]

"tcactive"="c:\program files\The Cleaner\tcap.exe" [2010-03-29 2951680]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-24 1474560]

"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872]

"Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-05-25 1768960]

"IPHider"="c:\program files\IP Hider\IP Hider.exe" [2010-02-26 1560576]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 1797008]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Mise … jour des licences ESET.lnk - c:\program files\ESET\MiNODLogin\MiNODLogin.exe [2010-10-18 125952]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]

backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]

backup=c:\windows\pss\BTTray.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Acrobat.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk

backup=c:\windows\pss\Lancement rapide d'Adobe Acrobat.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]

backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mise à jour des licences ESET.lnk]

backup=c:\windows\pss\Mise à jour des licences ESET.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]

2004-12-14 01:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2010-09-01 06:39 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

2010-07-21 14:53 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]

2010-07-21 15:08 1778064 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

2010-04-29 13:39 437584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2009-12-22 23:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

2004-11-22 07:18 307200 ----a-r- c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Google Update"="c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

"updateMgr"=c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

 

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 135664]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]

R2 moohelp;The Cleaner 2011 Helper Service;c:\program files\The Cleaner\mhelper.exe [2010-03-16 813056]

R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-07-11 13224]

R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248]

R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-03 1181328]

R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]

R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]

R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]

R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]

R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]

R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]

R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]

R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]

R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]

R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]

R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]

R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]

S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-01-07 20744]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-09-23 64288]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-03 176128]

S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]

S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-12-18 95896]

S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-03 214016]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-07 44432]

S3 PrivacyProvider;PrivacyProvider;c:\windows\system32\PrivacyProvider.exe [2010-01-26 2740224]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-04-19 189784]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]

S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-07-11 27632]

 

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-11-20 13:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Contenu du dossier 'Tâches planifiées'

 

2010-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 18:53]

 

2010-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 18:53]

 

2010-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000Core.job

- c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-26 13:14]

 

2010-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000UA.job

- c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-26 13:14]

.

.

------- Examen supplémentaire -------

.

IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir les liens sélectionnés en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

LSP: c:\windows\system32\PrivacyProvider.dll

Trusted Zone: secuser.com

FF - ProfilePath - c:\users\mo\AppData\Roaming\Mozilla\Firefox\Profiles\jfan4znq.default\

FF - prefs.js: browser.startup.homepage - google.fr

FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=

FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: c:\users\mo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\users\mo\AppData\Roaming\Mozilla\Firefox\Profiles\jfan4znq.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll

 

---- PARAMETRES FIREFOX ----

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - ORPHELINS SUPPRIMES - - - -

 

MSConfigStartUp-ITSecMng - c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe

MSConfigStartUp-Kernel and Hardware Abstraction Layer - KHALMNPR.EXE

MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

AddRemove-Scooby-Doo, Le Secret du Sphinx - c:\program files\Mindscape\Scooby-Doo

 

 

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'Explorer.exe'(116)

c:\windows\system32\btncopy.dll

c:\program files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

c:\program files\Megaupload\Mega Manager\MegaIEMn.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\windows\system32\AUDIODG.EXE

c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

c:\windows\system32\atieclxx.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\CDBurnerXP\NMSAccessU.exe

c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\taskhost.exe

c:\program files\ASUS\Six Engine\SixEngine.exe

c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conhost.exe

c:\windows\system32\sppsvc.exe

.

**************************************************************************

.

Heure de fin: 2010-11-05 17:56:47 - La machine a redémarré

ComboFix-quarantined-files.txt 2010-11-05 16:56

 

Avant-CF: 427 299 778 560 octets libres

Après-CF: 427 288 875 008 octets libres

 

- - End Of File - - 2C1F2D3E94DD7236AE2444F13AF4EF0C

 

 

thanks for your help :serviteur:

Posted

Good evening,

Hold your horses :lol:

It is better to run a few additional checks. You also have applications that need updating, as they are vulnerable in their current state.

ComboFix confirmed my suspicions about the two files that VirusTotal was unable to analyze (which is a sign).

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

For 64-bit systems: Download RSIT 64-bit

  • Double-click RSIT.exe to launch RSIT. For XP

    Important:
    * Under Vista: the file must be launched via right-click -> Run as administrator

    * Under Windows 7: Place the RSIT.exe file on the desktop, right-click it and, in Properties, on the Compatibility tab, tick the box "Run this program in compatibility mode for", choose Vista SP2 from the menu, and tick the box under Privilege Level.
    Confirm with Apply.

  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will need to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the Taskbar).

>>>Host the RSIT reports here: Cijoint.fr - free file hosting service, and give me the links so that I can look at them.

For now, it is better to proceed this way so as not to crash the forum topic.

Only host files when asked to, please; otherwise post them in plain text. Thanks.

 

@++

  • Upvote 1
