Analyse complète

[oneill76]

Bonsoir .

 

TOut d'abord bonne et heureuse année 2011 plein d'amour d'argent de travail et de santé.

pour moi la santé ne sera pas de refus apres de gros soucis pendant plusieurs mois ce qui a fait que je n'ai pu suivre le dernier SUjet que j'ai ouvert il y a plusieurs mois.

 

 

JE reviens donc avec mes problemes ^^ je m'en passerai

 

J'ai sur les bras un ordinateur capricieux qui plante m'ouvre des fenêtres de pub tant qu'il en veut , se met en mode veille tout seul sans parler de multiple freeze a me jeter par la fenêtre.

DE plus Je n'ai plus moyen de réactiver le PAReFEU ni en automatique ni en manuelle

 

 

VOici pour commencer le rapport HIJACKthis.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:19:45, on 06/01/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18999)

Boot mode: Normal

 

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Hp\QuickPlay\QPService.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\OrangeHSS\Systray\SystrayApp.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Microsoft LifeChat\LifeChat.exe

C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe

C:\Users\nicolas alexis\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\nicolas alexis\Desktop\HiJackThis(3).exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.cherche.us/keyword/%s

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Foozir.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (file missing)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [systrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"

O4 - HKLM\..\Run: [WindowsLivePhone] C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe /AutoRun

O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Program Files\ClickPotatoLite\bin\10.0.622.0\ClickPotatoLiteSA.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\nicolas alexis\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MediaPlayerXv] C:\Users\nicolas alexis\AppData\Roaming\Help\svchost.exe

O4 - HKCU\..\Run: [WindowsLivePhone] "C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe" /AutoRun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Recherche avec cherche.us - C:\Users\nicolas alexis\scriptjava.html

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.622.0\ClickPotatoLiteSABHO.dll (file missing)

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O15 - Trusted Zone: *.chat-land.org

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/mjss/MJSS.cab109791.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdeserv.exe

O23 - Service: lxde_device - - C:\Windows\system32\lxdecoms.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 9470 bytes

 

 

MErci PAr avance au Gentil Super Heros qui va une fois de plus sauvé mes petites fesses de la dépression ^^.

[pear]

Bonjour,

 

Je n'ai encore jamais de "fesses en dépression" mais je vais essayer de vous aider.

 

Téléchargez AD-Remover sur le bureau

 

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

 

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

 

Ensuite

 

Relancer Ad- remover , choisir l'option Nettoyer

 

Il y aura 2 rapports à poster après Scanner et Nettoyer

 

Pour désinstaller AD-Remover, lancez avec l'option D puis supprimer l'icône du bureau.

 

 

 

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Décompresser le fichier ZHPDiag.fix sur le bureau

puis double-cliquer sur le fichier ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

 

Sous XP, double clic sur ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

Clic sur la Loupe pour lancer le scan

 

Postez en le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

[oneill76]

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 03/01/11 à 14:20

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix

 

C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 22:49:17 le 06/01/2011, Mode normal

 

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)

nicolas alexis@PC-DE-NICOLASAL (Hewlett-Packard HP PAVILION DV2970EF)

 

============== RECHERCHE ==============

 

 

Fichier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk

Fichier trouvé: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\searchplugins\askcom.xml

Fichier trouvé: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\searchplugins\cherche.xml

Dossier trouvé: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\conduit

Fichier trouvé: C:\Users\nicolas alexis\scriptjava.html

Fichier trouvé: C:\Users\nicolas alexis\tmp1.7

Dossier trouvé: C:\Program Files\Ask.com

Dossier trouvé: C:\Users\nicolas alexis\AppData\Roaming\OfferBox

 

-- Fichier ouvert: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\Prefs.js --

Ligne trouvée: user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...

Ligne trouvée: user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243...

Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");

Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");

Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");

Ligne trouvée: user_pref("browser.search.selectedEngine", "Ask.com");

-- Fichier Fermé --

 

 

Clé trouvée: HKLM\Software\Classes\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé trouvée: HKLM\Software\Classes\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}

Clé trouvée: HKLM\Software\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}

Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}

Clé trouvée: HKLM\Software\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé trouvée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé trouvée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}

Clé trouvée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}

Clé trouvée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}

Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}

Clé trouvée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}

Clé trouvée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}

Clé trouvée: HKLM\Software\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}

Clé trouvée: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}

Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAx.Info

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAx.Info.1

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1

Clé trouvée: HKLM\Software\Classes\MenuButtonIE.ButtonIE

Clé trouvée: HKLM\Software\Classes\MenuButtonIE.ButtonIE.1

Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer

Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1

Clé trouvée: HKLM\Software\Classes\AppID\MenuButtonIE.DLL

Clé trouvée: HKLM\Software\OfferBox

Clé trouvée: HKLM\Software\ClickPotatoLite

Clé trouvée: HKCU\Software\SpiderMessenger

Clé trouvée: HKCU\Software\OfferBox

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox

Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox

Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Recherche avec cherche.us

 

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|clickpotatolite@clickpotatolite.com

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ClickPotatoLiteSA

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== SCAN ADDITIONNEL ==============

 

** Mozilla Firefox Version [3.6.13 (fr)] **

 

-- C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\Prefs.js --

browser.download.lastDir, C:\\Users\\nicolas alexis\\Desktop

browser.search.defaultenginename, Ask.com

browser.search.selectedEngine, Ask.com

browser.startup.homepage, google.Fr

browser.startup.homepage_override.mstone, rv:1.9.2.13

 

========================================

 

** Internet Explorer Version [8.0.6001.18999] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://www.cherche.us

Default_Search_URL: hxxp://www.cherche.us/keyword/

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://www.cherche.us

Search Page: hxxp://www.cherche.us

Show_ToolBar: yes

Start Page: hxxp://www.cherche.us

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\System32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://www.foozir.com/

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 28 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 13/10/2010 (5831 Octet(s))

C:\Ad-Report-SCAN[1].txt - 13/10/2010 (5599 Octet(s))

C:\Ad-Report-SCAN[2].txt - 06/01/2011 (7444 Octet(s))

 

Fin à: 22:50:18, 06/01/2011

 

============== E.O.F ==============

 

 

 

__________________________________________________________________________________________________

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 03/01/11 à 14:20

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 22:51:13 le 06/01/2011, Mode normal

 

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)

nicolas alexis@PC-DE-NICOLASAL (Hewlett-Packard HP PAVILION DV2970EF)

 

============== ACTION(S) ==============

 

 

Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk

Fichier supprimé: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\searchplugins\askcom.xml

Fichier supprimé: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\searchplugins\cherche.xml

Dossier supprimé: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\conduit

Fichier supprimé: C:\Users\nicolas alexis\scriptjava.html

Fichier supprimé: C:\Users\nicolas alexis\tmp1.7

Dossier supprimé: C:\Program Files\Ask.com

Dossier supprimé: C:\Users\nicolas alexis\AppData\Roaming\OfferBox

 

(!) -- Fichiers temporaires supprimés.

 

 

-- Fichier ouvert: C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\Prefs.js --

-- Fichier Fermé --

 

 

Clé supprimée: HKLM\Software\Classes\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé supprimée: HKLM\Software\Classes\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}

Clé supprimée: HKLM\Software\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}

Clé supprimée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}

Clé supprimée: HKLM\Software\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé supprimée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

Clé supprimée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}

Clé supprimée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}

Clé supprimée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}

Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}

Clé supprimée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}

Clé supprimée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}

Clé supprimée: HKLM\Software\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}

Clé supprimée: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}

Clé supprimée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAx.Info

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAx.Info.1

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1

Clé supprimée: HKLM\Software\Classes\MenuButtonIE.ButtonIE

Clé supprimée: HKLM\Software\Classes\MenuButtonIE.ButtonIE.1

Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer

Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1

Clé supprimée: HKLM\Software\Classes\AppID\MenuButtonIE.DLL

Clé supprimée: HKLM\Software\OfferBox

Clé supprimée: HKLM\Software\ClickPotatoLite

Clé supprimée: HKCU\Software\SpiderMessenger

Clé supprimée: HKCU\Software\OfferBox

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox

Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox

Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Recherche avec cherche.us

 

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|clickpotatolite@clickpotatolite.com

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ClickPotatoLiteSA

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== SCAN ADDITIONNEL ==============

 

** Mozilla Firefox Version [3.6.13 (fr)] **

 

-- C:\Users\nicolas alexis\AppData\Roaming\Mozilla\FireFox\Profiles\8mgqlmkr.default\Prefs.js --

browser.download.lastDir, C:\\Users\\nicolas alexis\\Desktop

browser.search.defaultenginename, Ask.com

browser.search.selectedEngine, Ask.com

browser.startup.homepage, google.Fr

browser.startup.homepage_override.mstone, rv:1.9.2.13

 

========================================

 

** Internet Explorer Version [8.0.6001.18999] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\System32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 35 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 33 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 13/10/2010 (5831 Octet(s))

C:\Ad-Report-CLEAN[2].txt - 06/01/2011 (7078 Octet(s))

C:\Ad-Report-SCAN[1].txt - 13/10/2010 (5599 Octet(s))

C:\Ad-Report-SCAN[2].txt - 06/01/2011 (7573 Octet(s))

 

Fin à: 22:52:31, 06/01/2011

 

============== E.O.F ==============

Modifié le 6 janvier 2011 par oneill76

[oneill76]

Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010

Run by nicolas alexis at 06/01/2011 22:58:41

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18999

MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

GCIE: Google Chrome v8.0.552.224

 

---\\ System Information

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3069 MB (46% free)

System drive C: has 90 GB (31%) free of 287 GB

 

---\\ Logged in mode

Computer Name: PC-DE-NICOLASAL

User Name: nicolas alexis

All Users Names: nicolas alexis, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 90 Go of 287 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 11 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]

[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]

 

 

---\\ Processus lancés

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.4B555106290BD117334E9A08761C035A] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\rundll32.exe [44544]

[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]

[MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]

[MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544]

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)

M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\YPlayer@yummy.net

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll

P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.0.254.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

P2 - FPN: [HKLM] [@veoh.com/VeohTVPlugin] - (.Veoh Networks - NPVeohTVPlugin.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll

P2 - FPN: [HKLM] [@veoh.com/VeohWebPlayer] - (.Veoh - Veoh Web Video Player Browser Plugin.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.5] - (.the VideoLAN Team - Version 1.1.5, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll (.not file.)

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\nicolas alexis\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

M0 - MFSP: prefs.js [nicolas alexis - 8mgqlmkr.default] google.Fr

M2 - MFEP: prefs.js [nicolas alexis - 8mgqlmkr.default\{7b13ec3e-999a-4b70-b9cb-2617b8323822}] [] Zynga Toolbar v2.7.1.3 (.Conduit Ltd..)

M2 - MFEP: prefs.js [nicolas alexis - 8mgqlmkr.default\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}] [] iMacros for Firefox v7.0.3.0 (.iMacros Team, iOpus Software GmbH.)

M2 - MFEP: prefs.js [nicolas alexis - 8mgqlmkr.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.8.20100408.6 (.Aaron Boodman; http://youngpup.net/.)

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G0 - GCSP: Preference [user Data\Default] Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video

G2 - GCE: Preference [user Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.1.3182.77 (Activé)

G2 - GCE: Preference [user Data\Default] [njneehkdlobpllhkldmhhephffnniaec] "state": 1 v.G0 - GCSP: Preference [user Data\Default][HomePage] Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video (Activé)

 

 

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} . (.Veoh Networks Inc - Veoh Video Finder.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [QPService] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [WAWifiMessage] . (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [systrayORAHSS] . (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [LifeChat] . (.Microsoft Corporation - LifeChat.exe.) -- C:\Program Files\Microsoft LifeChat\LifeChat.exe

O4 - HKLM\..\Run: [WindowsLivePhone] . (.Microsoft Corporation - Windows Live Device Manager Executable.) -- C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nicolas alexis\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MediaPlayerXv] C:\Users\nicolas alexis\AppData\Roaming\Help\svchost.exe (.not file.)

O4 - HKCU\..\Run: [WindowsLivePhone] . (.Microsoft Corporation - Windows Live Device Manager Executable.) -- C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe

O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-3927338426-3503636070-3307974538-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nicolas alexis\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-21-3927338426-3503636070-3307974538-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-21-3927338426-3503636070-3307974538-1000\..\Run: [MediaPlayerXv] C:\Users\nicolas alexis\AppData\Roaming\Help\svchost.exe (.not file.)

O4 - HKUS\S-1-5-21-3927338426-3503636070-3307974538-1000\..\Run: [WindowsLivePhone] . (.Microsoft Corporation - Windows Live Device Manager Executable.) -- C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe

O4 - HKUS\S-1-5-21-3927338426-3503636070-3307974538-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-21-3927338426-3503636070-3307974538-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk . (.Lime Wire, LLC.) -- C:\Program Files\LimeWire\LimeWire.exe

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\nicolas alexis\Desktop\adsl TV.lnk . (.adsl TV / FM.) -- C:\Program Files\adslTV\adsltv.exe

O4 - Global Startup: C:\Documents And Settings\nicolas alexis\Desktop\BD Gest' 7.lnk . (.BD Gest 7.) -- C:\BDGest7\BDGest.exe

O4 - Global Startup: C:\Documents And Settings\nicolas alexis\Desktop\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\nicolas alexis\Desktop\adsl TV.lnk . (.adsl TV / FM.) -- C:\Program Files\adslTV\adsltv.exe

O4 - Global Startup: C:\Users\nicolas alexis\Desktop\BD Gest' 7.lnk . (.BD Gest 7.) -- C:\BDGest7\BDGest.exe

O4 - Global Startup: C:\Users\nicolas alexis\Desktop\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\fsquirt.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\calc.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CD Label Designer.lnk . (.Dataland Software.) -- C:\Program Files\CD Label Designer\CDLabDesigner.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DOC - Raccourci.lnk . (.Pas de propriétaire.) -- C:\Users\nicolas alexis\Desktop\DOC

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Users\nicolas alexis\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\notepad.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoFiltre Studio.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre Studio\pf-studio.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\scrabbleproB.lnk . (.Pas de propriétaire.) -- C:\Program Files\scrabbleproB1.1\scrabblepro.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Start SpeedSim.lnk . (.SpeedSim Developers.) -- C:\Program Files\SpeedSim\SpeedSim.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UltraMixer.lnk . (.UltraMixer Digital Audio Solutions.) -- C:\Program Files\UltraMixer\UltraMixer.exe

O4 - Global Startup: C:\Users\nicolas alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)

O15 - Trusted Zone: [HKCU\...\Domains] *.chat-land.org

O15 - Trusted Zone: [HKCU\...\Domains\www] *.chat-land.org

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} () - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/mjss/MJSS.cab109791.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{F83CDABA-D43C-437F-ADA9-69AD2BEE5E56}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{F83CDABA-D43C-437F-ADA9-69AD2BEE5E56}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{F83CDABA-D43C-437F-ADA9-69AD2BEE5E56}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{F83CDABA-D43C-437F-ADA9-69AD2BEE5E56}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: (hpqwmiex) . (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: (lxdeCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdeserv.exe

O23 - Service: (lxde_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxdecoms.exe

O23 - Service: (NMSAccess) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 257.2.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: (PnkBstrA) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\PnkBstrA.exe

O23 - Service: (QPCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: (QPSched) . (.Pas de propriétaire - CLSched Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Desktop General: BackupWallPaper - .(.Pas de propriétaire - Pas de description.) - C:\Users\Public\Pictures\Sample Pictures\Autumn Leaves.jpg

O24 - Desktop General: WallPaper - .(.Pas de propriétaire - Pas de description.) - C:\Users\Public\Pictures\Sample Pictures\Autumn Leaves.jpg

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - "C:\Program Files\Microsoft Office\Office12\WINWORD.exe (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3927338426-3503636070-3307974538-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3927338426-3503636070-3307974538-1000UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Install_NSS.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{B6785230-04AC-4480-A14F-41EF3D7C9065}.job

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskUserS-1-5-21-3927338426-3503636070-3307974538-1000Core] (.Google Inc..) -- C:\Users\nicolas alexis\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskUserS-1-5-21-3927338426-3503636070-3307974538-1000UA] (.Google Inc..) -- C:\Users\nicolas alexis\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [install_NSS] (.Pas de propriétaire.) -- C:\Users\NICOLA~1\AppData\Local\Temp\NSSstub.exe (.not file.)

[MD5.6FBBB73BE9FB38389AB73F38828A9CAC] [APT] [{5A72CB8F-5E44-44D5-BADF-499FA74FF600}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe

O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll

O40 - ASIC: Adobe Shockwave Director 10.4 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\swdir.dll

O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Windows Mail\WinMail.exe

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\Windows\system32\Macromed\Flash\Flash9f.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (eeCtrl) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (.not file.)

O41 - Driver: (IDSvix86) . (.Microsoft Corporation - Pilote de port i8042.) - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090318.001\IDSvix86.sys (.not file.)

O41 - Driver: (SPBBCDrv) . (.Microsoft Corporation - SMB Transport driver.) - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (.not file.)

O41 - Driver: (SRTSP) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\Drivers\SRTSP.sys (.not file.)

O41 - Driver: (SRTSPX) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\Drivers\SRTSPX.sys (.not file.)

O41 - Driver: (SymIM) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\SymIMv.sys (.not file.)

O41 - Driver: (SYMTDI) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\Drivers\SYMTDI.sys (.not file.)

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}

O42 - Logiciel: AGEIA PhysX v7.09.13 - (.AGEIA Technologies, Inc..) [HKLM] -- {45235788-142C-44BE-8A4D-DDE9A84492E5}

O42 - Logiciel: ALZip - (.ESTsoft Corp..) [HKLM] -- ALZip_is1

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader 8.1.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81300000003}

O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}

O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: BD Gest' 7.0.5.5 - (.Philippe Magneron.) [HKLM] -- bdgest7_is1

O42 - Logiciel: CCleaner (remove only) - (.Pas de propriétaire.) [HKLM] -- CCleaner

O42 - Logiciel: CD Label Designer - (.Dataland Software.) [HKLM] -- CD Label Designer_is1

O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1

O42 - Logiciel: Call of Duty® 2 - (.Activision.) [HKLM] -- InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}

O42 - Logiciel: Call of Duty® 4 - Modern Warfare - (.Activision.) [HKLM] -- InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}

O42 - Logiciel: Call of Duty® 4 - Modern Warfare 1.6 Patch - (.Pas de propriétaire.) [HKLM] -- InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}

O42 - Logiciel: Call of Duty® 4 - Modern Warfare 1.7 Patch - (.Pas de propriétaire.) [HKLM] -- InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}

O42 - Logiciel: Camfrog Video Chat 5.5 - (.Camshare LC.) [HKLM] -- Camfrog 5.5

O42 - Logiciel: Command & Conquer 4™ Le Crépuscule du Tiberium - (.Electronic Arts.) [HKLM] -- {82696435-8572-4D8B-A230-D1AA567D0F0F}

O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}

O42 - Logiciel: EA Download Manager - (.Electronic Arts, Inc..) [HKLM] -- EADM

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}

O42 - Logiciel: Gestionnaire de périphériques de Windows Live - (.Microsoft Corporation.) [HKLM] -- {6530EB5E-F2BE-45D3-906B-E4AFFF2D1588}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_HERMOSA_HSF

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {BD0E2B92-3814-46F0-893B-4612EA010C7E}

O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F}

O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {9885A11E-60E4-417C-B58B-8B31B21C0B8A}

O42 - Logiciel: HP Help and Support - (.Hewlett-Packard.) [HKLM] -- {31216452-5540-4C96-B754-94890A63D5AB}

O42 - Logiciel: HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 - (.HP.) [HKLM] -- {03D1988F-469F-4843-8E6E-E5FE9D17889D}

O42 - Logiciel: HP Quick Launch Buttons 6.30 E1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}

O42 - Logiciel: HP QuickPlay 3.6 - (.Pas de propriétaire.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}

O42 - Logiciel: HP QuickTouch 1.00 C4 - (.Hewlett-Packard.) [HKLM] -- {7DC4A410-9986-4329-9E5D-687B2C42CA39}

O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {b02df929-29a7-4fd2-9a70-81a644b635f7}

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4}

O42 - Logiciel: HP User Guides 0090 - (.Nom de votre société.) [HKLM] -- {B53620C0-3A83-4F50-A7AB-175DB64C1CE3}

O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {CBAE4F50-9FC9-4557-AB36-9826DF3C103C}

O42 - Logiciel: Half-Life 2 - (.Valve.) [HKLM] -- Steam App 220

O42 - Logiciel: Half-Life 2: Episode One - (.Valve.) [HKLM] -- Steam App 380

O42 - Logiciel: Half-Life 2: Episode Two - (.Valve.) [HKLM] -- Steam App 420

O42 - Logiciel: Half-Life 2: Lost Coast - (.Valve.) [HKLM] -- Steam App 340

O42 - Logiciel: Hauppauge MCE XP/Vista Software Encoder (2.0.25149) - (.Hauppauge Computer Works, Inc..) [HKLM] -- Hauppauge MCE2005 Software Encoder

O42 - Logiciel: Hewlett-Packard Active Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}

O42 - Logiciel: Hewlett-Packard Asset Agent for Health Check - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Java 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}

O42 - Logiciel: Java 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020}

O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: La Bataille pour la Terre du Milieu™ II - (.Pas de propriétaire.) [HKLM] -- {2A9F95AB-65A3-432c-8631-B8BC5BF7477A}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: League of Legends - (.Pas de propriétaire.) [HKLM] -- League of Legends_is1

O42 - Logiciel: Left 4 Dead 2 - (.Valve.) [HKLM] -- Steam App 550

O42 - Logiciel: Left 4 Dead 2 Add-on Support - (.Valve.) [HKLM] -- Steam App 564

O42 - Logiciel: Lexmark 4800 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark 4800 Series

O42 - Logiciel: LimeWire 5.5.16 - (.Lime Wire, LLC.) [HKLM] -- LimeWire

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver

O42 - Logiciel: Medal of Honor débarquement allié - (.Pas de propriétaire.) [HKLM] -- {0DEA94ED-915A-4834-A87E-388D012C8E02}

O42 - Logiciel: Messenger Plus! 3 - (.Pas de propriétaire.) [HKLM] -- MsgPlus! Plugin

O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft LifeChat - (.Microsoft.) [HKLM] -- {66039B36-96AE-40D1-8A32-071F7A61B738}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: Mumble and Murmur - (.Mumble.) [HKLM] -- Mumble

O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: Navigateur Orange - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.Browser

O42 - Logiciel: NetWaiting - (.BVRP Software, Inc.) [HKLM] -- {3F92ABBB-6BBF-11D5-B229-002078017FBF}

O42 - Logiciel: Norton Security Scan (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- NSSSetup.{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}

O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- {E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}

O42 - Logiciel: OGSConverter - (.OGSTeam.) [HKCU] -- OGSConverter

O42 - Logiciel: Orange - Logiciels Internet - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre

O42 - Logiciel: PhotoFiltre Studio - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre Studio

O42 - Logiciel: Power Defrag - (.Pas de propriétaire.) [HKLM] -- Power Defrag

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM] -- PunkBusterSvc

O42 - Logiciel: QuickPlay SlingPlayer 0.4.6 - (.SlingMedia.) [HKLM] -- SlingMedia.QPSlingPlayer_is1

O42 - Logiciel: R.U.S.E. Beta - (.Ubisoft.) [HKLM] -- Steam App 33310

O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB2288953) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B772E1C-7C05-42D2-839D-3EC2D39EFF22}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: Solutions de télécopie Lexmark - (.Pas de propriétaire.) [HKLM] -- Lexmark Fax Solutions

O42 - Logiciel: Source SDK - (.Valve.) [HKLM] -- Steam App 211

O42 - Logiciel: Source SDK Base - (.Valve.) [HKLM] -- Steam App 215

O42 - Logiciel: SpeedSim - (.Pas de propriétaire.) [HKLM] -- SpeedSim

O42 - Logiciel: Steam - (.Valve.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}

O42 - Logiciel: Stronghold - (.Pas de propriétaire.) [HKLM] -- {C917BA70-28A3-4C74-B163-41FD8C8E1A5A}

O42 - Logiciel: Stronghold 2 - (.Firefly Studios.) [HKLM] -- {16D2C649-CBA8-44EE-B730-12584667D487}

O42 - Logiciel: Stronghold Crusader - (.Pas de propriétaire.) [HKLM] -- {8C3727F2-8E37-49E4-820C-03B1677F53B6}

O42 - Logiciel: Sweet Home 3D - (.eTeks.) [HKCU] -- Sweet Home 3D

O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab

O42 - Logiciel: Team Fortress 2 - (.Valve.) [HKLM] -- Steam App 440

O42 - Logiciel: Team Fortress 2 Dedicated Server - (.Valve.) [HKLM] -- Steam App 310

O42 - Logiciel: TeamSpeak 2 RC2 - (.Dominating Bytes Design.) [HKLM] -- Teamspeak 2 RC2_is1

O42 - Logiciel: Touch Pad Driver - (.Pas de propriétaire.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}

O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM] -- {888F1505-C2B3-4FDE-835D-36353EBD4754}

O42 - Logiciel: UltraMixer 2.3.7.1 - (.UltraMixer Digital Audio Solutions.) [HKLM] -- {32E2F180-247C-4077-B06A-20F9868568E0}_is1

O42 - Logiciel: Uniblue RegistryBooster 2010 - (.Uniblue Systems Ltd.) [HKLM] -- {E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2466076) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{EE71630C-C756-4343-B620-DB5958609E3D}

O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}

O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Veoh Web Player Beta - (.Veoh Networks, Inc..) [HKLM] -- Veoh Web Player Beta

O42 - Logiciel: Virtual DJ - Atomix Productions - (.Pas de propriétaire.) [HKLM] -- Virtual DJ - Atomix Productions

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Xvid 1.2.1 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1

O42 - Logiciel: adsl TV - (.adsl TV / FM.) [HKLM] -- {3AFDD2C6-8663-46B5-B195-6CEB00D44768}

O42 - Logiciel: scrabbleproB 1.1.2 - (.scrabblepro.) [HKLM] -- scrabbleproB_is1

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\2015]

[HKCU\Software\ABBYY]

[HKCU\Software\ALWIL Software]

[HKCU\Software\Adobe]

[HKCU\Software\Alps]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\DivXNetworks]

[HKCU\Software\AppDataLow\Software\Exent]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Audacity]

[HKCU\Software\Avira]

[HKCU\Software\Avnex]

[HKCU\Software\BD Gest 7]

[HKCU\Software\Binary Noise]

[HKCU\Software\Bugsplat]

[HKCU\Software\Camfrog]

[HKCU\Software\Canneverbe Limited]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Conexant]

[HKCU\Software\CyberLink]

[HKCU\Software\Dataland Software]

[HKCU\Software\Digital Reality]

[HKCU\Software\Digital River]

[HKCU\Software\DivXNetworks]

[HKCU\Software\Electronic Arts]

[HKCU\Software\EstSoft]

[HKCU\Software\Exent]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GameSpy]

[HKCU\Software\Google]

[HKCU\Software\HP Guide]

[HKCU\Software\Headlight]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\Hot-TV]

[HKCU\Software\IGA]

[HKCU\Software\IM Providers]

[HKCU\Software\INCAInternet]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavalys]

[HKCU\Software\LexmarkFax]

[HKCU\Software\LexmarkInkjet]

[HKCU\Software\LightScribe]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MGS]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\MainConcept (Muvee)]

[HKCU\Software\MainConceptMCE]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Marseillesoft]

[HKCU\Software\Mayhem Studios]

[HKCU\Software\MediaPlayerX]

[HKCU\Software\Micro Application]

[HKCU\Software\MimarSinan]

[HKCU\Software\Moyea]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Mumble]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\Nival Online]

[HKCU\Software\ODBC]

[HKCU\Software\Orange]

[HKCU\Software\PTP]

[HKCU\Software\Parisprog]

[HKCU\Software\Patchou]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\RECISIO]

[HKCU\Software\Rapl]

[HKCU\Software\ReflexiveArcade]

[HKCU\Software\SecuROM]

[HKCU\Software\Skype]

[HKCU\Software\Symantec]

[HKCU\Software\Sysinternals]

[HKCU\Software\Trolltech]

[HKCU\Software\Ubisoft]

[HKCU\Software\Unlimited Possibilities]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Valve]

[HKCU\Software\Veoh]

[HKCU\Software\VirtualDJ]

[HKCU\Software\Widcomm]

[HKCU\Software\Wizou]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\bdgest7]

[HKCU\Software\ej-technologies]

[HKCU\Software\iMacros]

[HKCU\Software\mIRC]

[HKCU\Software\vanBasco]

[HKLM\Software\ABBYY]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ALWIL Software]

[HKLM\Software\Activision]

[HKLM\Software\Adobe]

[HKLM\Software\Alps]

[HKLM\Software\America Online]

[HKLM\Software\Applied Networking]

[HKLM\Software\Aureal]

[HKLM\Software\Avira]

[HKLM\Software\Avnex]

[HKLM\Software\BVRP Software, Inc]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CDNetworks]

[HKLM\Software\CXT]

[HKLM\Software\Canneverbe Limited]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conexant Systems Inc ]

[HKLM\Software\Conexant]

[HKLM\Software\Contrôle Parental]

[HKLM\Software\CyberLink]

[HKLM\Software\Debug]

[HKLM\Software\Destineer]

[HKLM\Software\DivXNetworks]

[HKLM\Software\EA GAMES]

[HKLM\Software\Electronic Arts]

[HKLM\Software\Enigma Software Productions]

[HKLM\Software\EstSoft]

[HKLM\Software\Even Balance]

[HKLM\Software\Exent]

[HKLM\Software\FRANCE TELECOM]

[HKLM\Software\FaxManPorts]

[HKLM\Software\Firefly Studios]

[HKLM\Software\Google]

[HKLM\Software\HPQ]

[HKLM\Software\HP]

[HKLM\Software\Hauppauge]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\K2]

[HKLM\Software\Kantaris]

[HKLM\Software\Khronos]

[HKLM\Software\LexmarkInkjet]

[HKLM\Software\Lexmark]

[HKLM\Software\LightScribe]

[HKLM\Software\Macromedia]

[HKLM\Software\MainConceptMCE]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Marvell]

[HKLM\Software\MimarSinan]

[HKLM\Software\Moyea]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Mpath]

[HKLM\Software\NOS]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\OldTimer Tools]

[HKLM\Software\PTECH]

[HKLM\Software\Patchou]

[HKLM\Software\PocketSoft]

[HKLM\Software\Policies]

[HKLM\Software\RECISIO]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Riot Games]

[HKLM\Software\SECURITOO]

[HKLM\Software\SegaSoft]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\SymDebug]

[HKLM\Software\Symantec]

[HKLM\Software\Thomson]

[HKLM\Software\TrendMicro]

[HKLM\Software\Trolltech]

[HKLM\Software\Ubisoft]

[HKLM\Software\Uniblue]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\VirtualDJ]

[HKLM\Software\VirtualVillagers]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\WholeSecurity]

[HKLM\Software\Widcomm]

[HKLM\Software\WildTangent]

[HKLM\Software\Windows]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Yuan High-Tech]

[HKLM\Software\Yummy Interactive, Inc.]

[HKLM\Software\ej-technologies]

[HKLM\Software\id]

[HKLM\Software\leagueoflegends]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

[HKLM\Software\nFlavor]

 

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 06/12/2008 - 20:00:38 ----D- C:\Program Files\Abbyy FineReader 6.0 Sprint

O43 - CFD: 29/05/2010 - 12:14:18 ----D- C:\Program Files\Activision

O43 - CFD: 06/01/2011 - 22:55:36 ----D- C:\Program Files\Ad-Remover

O43 - CFD: 30/12/2008 - 00:45:04 ----D- C:\Program Files\Adobe

O43 - CFD: 02/01/2011 - 02:09:24 ----D- C:\Program Files\adslTV

O43 - CFD: 16/01/2010 - 22:07:22 ----D- C:\Program Files\AGEIA Technologies

O43 - CFD: 29/12/2009 - 22:41:48 ----D- C:\Program Files\Anuman Interactive

O43 - CFD: 30/07/2008 - 10:48:42 ----D- C:\Program Files\Apoint2K

O43 - CFD: 01/10/2009 - 21:11:46 ----D- C:\Program Files\Avira

O43 - CFD: 17/09/2008 - 18:57:02 ----D- C:\Program Files\BFG

O43 - CFD: 14/09/2008 - 22:40:50 ----D- C:\Program Files\Camfrog

O43 - CFD: 07/09/2008 - 19:09:48 ----D- C:\Program Files\CCleaner

O43 - CFD: 23/07/2010 - 21:42:04 ----D- C:\Program Files\CD Label Designer

O43 - CFD: 21/09/2010 - 08:13:18 ----D- C:\Program Files\CDBurnerXP

O43 - CFD: 04/07/2010 - 17:58:56 ----D- C:\Program Files\Common Files

O43 - CFD: 25/10/2010 - 22:21:58 ----D- C:\Program Files\CONEXANT

O43 - CFD: 30/07/2008 - 11:05:50 ----D- C:\Program Files\CyberLink

O43 - CFD: 23/12/2009 - 00:00:26 ----D- C:\Program Files\DivX

O43 - CFD: 05/01/2011 - 01:46:12 ----D- C:\Program Files\Doom 3

O43 - CFD: 02/07/2010 - 23:52:30 ----D- C:\Program Files\EA GAMES

O43 - CFD: 29/12/2010 - 01:52:54 ----D- C:\Program Files\Electronic Arts

O43 - CFD: 26/11/2008 - 16:58:52 ----D- C:\Program Files\ESTsoft

O43 - CFD: 02/09/2008 - 18:25:48 -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 27/12/2010 - 23:10:00 ----D- C:\Program Files\FireFly Studios

O43 - CFD: 05/01/2011 - 23:30:48 ----D- C:\Program Files\Google

O43 - CFD: 21/03/2009 - 05:04:38 ----D- C:\Program Files\gPotato.eu

O43 - CFD: 15/10/2008 - 23:21:38 ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 09/09/2008 - 20:37:30 ----D- C:\Program Files\Hp

O43 - CFD: 30/07/2008 - 11:08:28 ----D- C:\Program Files\HP Games

O43 - CFD: 02/09/2008 - 18:30:38 ----D- C:\Program Files\HPQ

O43 - CFD: 06/01/2011 - 00:02:54 --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 30/07/2008 - 10:51:28 ----D- C:\Program Files\Intel

O43 - CFD: 17/12/2010 - 03:25:30 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 02/09/2008 - 20:35:00 ----D- C:\Program Files\Inventel

O43 - CFD: 25/03/2009 - 02:14:04 ----D- C:\Program Files\Java

O43 - CFD: 02/01/2011 - 01:35:36 ----D- C:\Program Files\League of Legends

O43 - CFD: 06/12/2008 - 20:02:06 ----D- C:\Program Files\Lexmark 4800 Series

O43 - CFD: 06/12/2008 - 20:01:52 ----D- C:\Program Files\Lexmark Fax Solutions

O43 - CFD: 20/11/2010 - 23:19:14 ----D- C:\Program Files\LimeWire

O43 - CFD: 18/01/2010 - 21:14:58 ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 15/09/2008 - 01:55:56 ----D- C:\Program Files\ManyCam 2.2

O43 - CFD: 30/07/2008 - 10:51:20 ----D- C:\Program Files\Marvell

O43 - CFD: 03/06/2010 - 21:42:20 ----D- C:\Program Files\Messenger Plus! Live

O43 - CFD: 09/01/2009 - 15:38:28 ----D- C:\Program Files\MessengerPlus! 3

O43 - CFD: 06/01/2011 - 00:07:44 ----D- C:\Program Files\Micro Application

O43 - CFD: 23/09/2009 - 18:43:10 ----D- C:\Program Files\Microsoft

O43 - CFD: 20/09/2008 - 15:26:56 ----D- C:\Program Files\Microsoft Games

O43 - CFD: 04/04/2010 - 01:38:24 ----D- C:\Program Files\Microsoft LifeChat

O43 - CFD: 04/07/2010 - 17:59:00 ----D- C:\Program Files\Microsoft Office

O43 - CFD: 30/09/2010 - 20:55:46 ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 25/10/2010 - 22:40:04 ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 04/07/2010 - 17:58:58 ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 04/07/2010 - 17:54:58 ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 17/12/2010 - 03:09:42 ----D- C:\Program Files\Microsoft Works

O43 - CFD: 18/10/2010 - 07:40:18 ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 16/08/2010 - 20:45:48 ----D- C:\Program Files\Movie Maker

O43 - CFD: 10/12/2010 - 21:11:38 ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 04/07/2010 - 17:59:20 ----D- C:\Program Files\MSBuild

O43 - CFD: 03/09/2008 - 01:10:28 ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 02/11/2008 - 20:59:48 ----D- C:\Program Files\Mumble

O43 - CFD: 16/01/2010 - 13:22:58 ----D- C:\Program Files\Navilog1

O43 - CFD: 05/01/2011 - 23:54:48 ----D- C:\Program Files\Neffy

O43 - CFD: 30/07/2008 - 10:49:34 ----D- C:\Program Files\NetWaiting

O43 - CFD: 06/02/2010 - 21:30:04 ----D- C:\Program Files\Nobilis

O43 - CFD: 15/07/2009 - 00:47:22 ----D- C:\Program Files\Norton Security Scan

O43 - CFD: 04/12/2009 - 18:51:30 ----D- C:\Program Files\NortonInstaller

O43 - CFD: 16/06/2010 - 00:12:44 ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 02/09/2008 - 20:51:34 ----D- C:\Program Files\OrangeHSS

O43 - CFD: 08/12/2008 - 03:47:56 ----D- C:\Program Files\PhotoFiltre

O43 - CFD: 01/10/2008 - 21:25:32 ----D- C:\Program Files\PhotoFiltre Studio

O43 - CFD: 17/07/2009 - 22:16:06 ----D- C:\Program Files\Player Metaboli

O43 - CFD: 17/07/2009 - 16:18:36 ----D- C:\Program Files\Power Defrag

O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 12/09/2008 - 14:30:48 ----D- C:\Program Files\Rockstar Games

O43 - CFD: 05/06/2009 - 15:27:12 ----D- C:\Program Files\scrabbleproB

O43 - CFD: 19/09/2010 - 12:37:28 ----D- C:\Program Files\scrabbleproB1.1

O43 - CFD: 30/07/2008 - 11:08:40 ----D- C:\Program Files\Services en ligne

O43 - CFD: 06/01/2011 - 00:04:20 R---D- C:\Program Files\Skype

O43 - CFD: 15/10/2008 - 23:16:38 ----D- C:\Program Files\SP39373

O43 - CFD: 02/07/2010 - 20:52:20 ----D- C:\Program Files\SpeedSim

O43 - CFD: 06/01/2011 - 00:03:40 ----D- C:\Program Files\Steam

O43 - CFD: 15/06/2010 - 22:56:56 ----D- C:\Program Files\SystemRequirementsLab

O43 - CFD: 22/07/2009 - 13:42:22 ----D- C:\Program Files\Teamspeak2_RC2

O43 - CFD: 17/07/2009 - 17:02:00 ----D- C:\Program Files\TeamViewer

O43 - CFD: 06/01/2011 - 00:02:54 ----D- C:\Program Files\Ubisoft

O43 - CFD: 14/03/2009 - 01:16:50 ----D- C:\Program Files\UltraMixer

O43 - CFD: 21/09/2010 - 08:13:54 ----D- C:\Program Files\Uniblue

O43 - CFD: 02/11/2006 - 14:01:56 --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 02/12/2008 - 04:01:06 ----D- C:\Program Files\Veoh Networks

O43 - CFD: 04/09/2008 - 15:04:44 ----D- C:\Program Files\VideoLAN

O43 - CFD: 04/04/2009 - 21:32:56 ----D- C:\Program Files\VirtualDJ

O43 - CFD: 30/07/2008 - 10:52:48 ----D- C:\Program Files\WIDCOMM

O43 - CFD: 02/10/2009 - 22:13:46 ----D- C:\Program Files\Windows Calendar

O43 - CFD: 02/10/2009 - 22:13:44 ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 02/10/2009 - 22:13:32 ----D- C:\Program Files\Windows Defender

O43 - CFD: 02/10/2009 - 22:13:42 ----D- C:\Program Files\Windows Journal

O43 - CFD: 25/10/2010 - 22:41:42 ----D- C:\Program Files\Windows Live

O43 - CFD: 25/10/2010 - 22:37:54 ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 17/12/2010 - 03:25:32 ----D- C:\Program Files\Windows Mail

O43 - CFD: 15/10/2010 - 02:29:06 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 02/09/2008 - 18:25:48 ----D- C:\Program Files\Windows NT

O43 - CFD: 02/10/2009 - 22:13:40 ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 28/11/2009 - 04:38:36 ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 02/10/2009 - 22:13:44 ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 30/07/2008 - 10:46:50 ----D- C:\Program Files\WinTV

O43 - CFD: 11/10/2008 - 20:14:04 ----D- C:\Program Files\Wyzo

O43 - CFD: 23/11/2010 - 00:37:12 ----D- C:\Program Files\Xvid

O43 - CFD: 06/01/2011 - 22:58:48 ----D- C:\Program Files\ZHPDiag

O43 - CFD: 30/12/2008 - 00:45:26 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 09/05/2010 - 21:29:40 ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD: 04/07/2010 - 17:58:56 ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 04/12/2009 - 01:55:40 ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD: 02/09/2008 - 20:47:12 ----D- C:\Program Files\Common Files\France Telecom

O43 - CFD: 21/03/2009 - 05:35:46 ----D- C:\Program Files\Common Files\INCA Shared

O43 - CFD: 06/03/2008 - 22:55:26 ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 06/03/2008 - 23:01:24 ----D- C:\Program Files\Common Files\Java

O43 - CFD: 02/09/2008 - 18:30:36 ----D- C:\Program Files\Common Files\LightScribe

O43 - CFD: 25/10/2010 - 22:38:02 ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 25/11/2010 - 00:07:46 ----D- C:\Program Files\Common Files\Steam

O43 - CFD: 10/08/2009 - 22:04:46 ----D- C:\Program Files\Common Files\SWF Studio

O43 - CFD: 07/09/2009 - 22:09:48 ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 07/07/2010 - 02:02:54 ----D- C:\Program Files\Common Files\System

O43 - CFD: 21/03/2009 - 13:30:10 ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 02/09/2008 - 23:00:16 -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 16/01/2010 - 22:07:06 ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 09/05/2010 - 21:26:20 ----D- C:\ProgramData\Adobe

O43 - CFD: 20/09/2008 - 16:33:30 ----D- C:\ProgramData\Age of Empires 3

O43 - CFD: 01/10/2009 - 21:38:22 ----D- C:\ProgramData\AOL

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Application Data

O43 - CFD: 01/10/2009 - 21:11:46 ----D- C:\ProgramData\Avira

O43 - CFD: 02/09/2008 - 18:25:48 -SH-D- C:\ProgramData\Bureau

O43 - CFD: 21/09/2010 - 08:13:28 ----D- C:\ProgramData\Canneverbe Limited

O43 - CFD: 12/09/2008 - 19:24:46 ----D- C:\ProgramData\CyberLink

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Desktop

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Documents

O43 - CFD: 31/12/2010 - 01:01:22 ----D- C:\ProgramData\Electronic Arts

O43 - CFD: 05/01/2011 - 23:28:26 ----D- C:\ProgramData\eMule

O43 - CFD: 26/11/2008 - 16:58:58 ----D- C:\ProgramData\ESTsoft

O43 - CFD: 02/09/2008 - 18:25:48 -SH-D- C:\ProgramData\Favoris

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Favorites

O43 - CFD: 06/12/2008 - 20:00:56 ----D- C:\ProgramData\FaxCtr

O43 - CFD: 02/09/2008 - 18:41:44 ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 03/09/2008 - 00:56:58 ----D- C:\ProgramData\LightScribe

O43 - CFD: 04/01/2011 - 22:51:20 ----D- C:\ProgramData\Lx_cats

O43 - CFD: 02/01/2009 - 22:00:40 ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 02/09/2008 - 18:25:48 -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 21/01/2010 - 22:55:16 ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 25/10/2010 - 22:18:18 -S--D- C:\ProgramData\Microsoft

O43 - CFD: 17/12/2010 - 03:10:12 ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 02/09/2008 - 18:25:48 -SH-D- C:\ProgramData\Modèles

O43 - CFD: 06/03/2008 - 22:28:50 ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 04/12/2009 - 18:51:30 ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 21/07/2010 - 21:11:36 ----D- C:\ProgramData\NOS

O43 - CFD: 16/06/2010 - 00:15:18 ----D- C:\ProgramData\NVIDIA

O43 - CFD: 16/06/2010 - 00:11:50 ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 18/11/2009 - 23:44:38 ----D- C:\ProgramData\PassMark

O43 - CFD: 10/07/2009 - 21:14:48 ----D- C:\ProgramData\Player Metaboli

O43 - CFD: 22/07/2010 - 22:46:48 ----D- C:\ProgramData\Skype

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 07/09/2009 - 19:23:48 ----D- C:\ProgramData\Symantec

O43 - CFD: 09/12/2008 - 02:30:34 ----D- C:\ProgramData\Symantec Temporary Files

O43 - CFD: 18/11/2009 - 23:46:14 ---AD- C:\ProgramData\TEMP

O43 - CFD: 02/11/2006 - 14:02:06 -SH-D- C:\ProgramData\Templates

O43 - CFD: 17/09/2008 - 01:53:56 ----D- C:\ProgramData\WildTangent

O43 - CFD: 23/03/2009 - 17:31:36 ----D- C:\ProgramData\WindowsSearch

O43 - CFD: 31/10/2008 - 13:56:26 ----D- C:\ProgramData\WLInstaller

O43 - CFD: 30/12/2008 - 00:45:26 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 09/05/2010 - 21:29:40 ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD: 04/07/2010 - 17:58:56 ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 04/12/2009 - 01:55:40 ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD: 02/09/2008 - 20:47:12 ----D- C:\Program Files\Common Files\France Telecom

O43 - CFD: 21/03/2009 - 05:35:46 ----D- C:\Program Files\Common Files\INCA Shared

O43 - CFD: 06/03/2008 - 22:55:26 ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 06/03/2008 - 23:01:24 ----D- C:\Program Files\Common Files\Java

O43 - CFD: 02/09/2008 - 18:30:36 ----D- C:\Program Files\Common Files\LightScribe

O43 - CFD: 25/10/2010 - 22:38:02 ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 25/11/2010 - 00:07:46 ----D- C:\Program Files\Common Files\Steam

O43 - CFD: 10/08/2009 - 22:04:46 ----D- C:\Program Files\Common Files\SWF Studio

O43 - CFD: 07/09/2009 - 22:09:48 ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 07/07/2010 - 02:02:54 ----D- C:\Program Files\Common Files\System

O43 - CFD: 21/03/2009 - 13:30:10 ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 02/09/2008 - 23:00:16 -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 16/01/2010 - 22:07:06 ----D- C:\Program Files\Common Files\Wise Installation Wizard

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.2CEE12005489627600FCFD7F00EF1200] - 06/01/2011 - 22:58:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [2085874]

O44 - LFC:[MD5.D81374DFBAF6132D77821682CB7BF6C8] - 06/01/2011 - 22:20:26 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2011 - 00:04:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2011 - 00:04:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.975D6945F562905252C53570B379DBA3] - 05/01/2011 - 23:57:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [1532]

O44 - LFC:[MD5.24D4E1F8FD53F3C972381CECC5818BE9] - 17/12/2010 - 03:28:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [437680]

O44 - LFC:[MD5.EFA645847B66BF9FBD7DB06B4EBC80D6] - 16/12/2010 - 23:04:08 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [292352]

O44 - LFC:[MD5.87C5B568279AD7D311C22CB6CB5BBC21] - 16/12/2010 - 23:04:07 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]

 

 

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{434fa7bf-d493-11de-ae4d-00218664f867}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\MSS12\MSS.exe (.not file.)

O51 - MPSK:{cec2a749-3bb5-11de-b3dc-00218664f867}\Shell\AutoRun\command - Clé orpheline

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]

O58 - SDL:[MD5.B49A709F65BF3BEAA2B03F8EC139D568] - 18/04/2007 - 13:03:26 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\system32\drivers\Apfiltr.sys [141312]

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]

O58 - SDL:[MD5.72BC628AF75C4C3250F2A3BAC260265A] - 29/12/2009 - 22:58:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\atksgt.sys [278728]

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 22:30:13 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [56816]

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys [96104]

O58 - SDL:[MD5.CF6A67C90951E3E763D2135DEDE44B85] - 02/11/2006 - 08:30:53 ---A- . (.Broadcom Corporation - BCM 802.11g Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS [464384]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.99AEEA7CEFDFC6E4151A8F620D682088] - 18/09/2007 - 14:12:28 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [80424]

O58 - SDL:[MD5.195872E48A7FB01F8BC9B800F70F4054] - 18/09/2007 - 14:12:28 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [80936]

O58 - SDL:[MD5.0724E7D6C9B6A289EDDDA33FA8176E80] - 18/09/2007 - 14:12:28 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [16168]

O58 - SDL:[MD5.4487DA7BD384CAAFA0C620B19FEA540A] - 01/10/2007 - 16:35:52 ---A- . (.Conexant Systems Inc. - High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\CHDART.sys [183352]

O58 - SDL:[MD5.B6E7991E3D6146C04C85CD31AF22A381] - 04/03/2008 - 01:32:00 ---A- . (.Conexant Systems Inc. - High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\CHDRT32.sys [188416]

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]

O58 - SDL:[MD5.7929A161F9951D173CA9900FE7067391] - 14/06/2009 - 14:24:56 ---A- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\system32\drivers\hamachi.sys [25280]

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]

O58 - SDL:[MD5.35956140E686D53BF676CF0C778880FC] - 18/06/2007 - 16:12:04 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys [16768]

O58 - SDL:[MD5.115C0933B3ED51DFBEC4449348C8065B] - 11/07/2007 - 09:30:22 ---A- . (.Hewlett-Packard Development Company, L.P. - HP Remote Control HID Device.) -- C:\Windows\system32\drivers\HpqRemHid.sys [7168]

O58 - SDL:[MD5.A2882945CC4B6E3E4E9E825590438888] - 01/11/2007 - 07:47:54 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\HSXHWAZL.sys [208896]

O58 - SDL:[MD5.0ACD399F5DB3DF1B58903CF4949AB5A8] - 01/11/2007 - 07:47:08 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [661504]

O58 - SDL:[MD5.CC267848CB3508E72762BE65734E764D] - 01/11/2007 - 07:51:26 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DPV.sys [985600]

O58 - SDL:[MD5.2358C53F30CB9DCD1D3843C4E2F299B2] - 13/07/2007 - 06:35:02 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [305176]

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.4127E8B6DDB4090E815C1F8852C277D3] - 29/12/2009 - 22:58:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\lirsgt.sys [25416]

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]

O58 - SDL:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [19160]

O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 19/06/2006 - 00:26:58 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672]

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.25ACCCFC33DD448B9D3037C5E439E830] - 28/06/2007 - 16:09:56 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw4v32.sys [2222080]

O58 - SDL:[MD5.8DE67BD902095A13329FD82C85A1FA09] - 17/11/2008 - 14:40:22 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys [3668480]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.01544D3E8B6C8C490F57317AD5E4E9FF] - 08/06/2010 - 00:57:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 257.21.) -- C:\Windows\system32\drivers\nvlddmkm.sys [10888168]

O58 - SDL:[MD5.1657F3FBD9061526C14FF37E79306F98] - 02/11/2006 - 08:30:56 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm60x32.sys [429056]

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]

O58 - SDL:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 28/11/2006 - 20:46:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\system32\drivers\PCAMp50.sys [28224]

O58 - SDL:[MD5.1961590AA191B6B7DCF18A6A693AF7B8] - 28/11/2006 - 20:46:20 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\system32\drivers\PCASp50.sys [27072]

O58 - SDL:[MD5.8BB94087CEF0256F5EAD973D7524BF58] - 02/06/2010 - 02:37:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\PnkBstrK.sys [22328]

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.C35CA13D3627EBD9DD12A23CE781BC3D] - 08/08/2007 - 19:42:08 ---A- . (.REDC - RICOH SD Driver.) -- C:\Windows\system32\drivers\rimmptsk.sys [45568]

O58 - SDL:[MD5.C398BCA91216755B098679A8DA8A2300] - 30/07/2007 - 09:42:58 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\system32\drivers\rimsptsk.sys [43008]

O58 - SDL:[MD5.2A2554CB24506E0A0508FC395C4A1B42] - 30/07/2007 - 10:54:02 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\system32\drivers\rixdptsk.sys [38400]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.B7018644E132A8DFB12ED90106E06739] - 03/02/2009 - 16:36:58 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\system32\drivers\sfdrv01.sys [59000]

O58 - SDL:[MD5.BFCD2450DC6EEDA02AEDC6D289CCF037] - 03/02/2009 - 16:39:23 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\system32\drivers\sfdrv01a.sys [63096]

O58 - SDL:[MD5.DAAD4C099EBF5094D32C373AC1AC0F3C] - 14/06/2006 - 15:56:56 ---A- . (.Protection Technology (StarForce) - FrontLine Helper Driver.) -- C:\Windows\system32\drivers\sfhlp02.sys [13680]

O58 - SDL:[MD5.755C933969A81D119106097AA466715D] - 03/02/2009 - 16:45:07 ---A- . (.Protection Technology (StarForce) - FrontLine Synchronization Driver.) -- C:\Windows\system32\drivers\sfsync04.sys [59520]

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 02/10/2009 - 22:09:46 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]

O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 13:48:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\StarOpen.sys [7168]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]

O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704]

O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:23:23 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336]

O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648]

O58 - SDL:[MD5.DAB33CFA9DD24251AAA389FF36B64D4B] - 18/10/2007 - 05:36:54 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704]

O58 - SDL:[MD5.04E268ADFC81964C49DC0C082D520F7E] - 06/12/2007 - 08:51:00 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk60x86.sys [298496]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 30/12/2004 - 22:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\system32\npptNT2.sys [4682]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS [34672]

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR

O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP

O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\atksgt.sys - atksgt (atksgt) .(.Pas de propriétaire - Pas de description.) - LEGACY_ATKSGT

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Users\NICOLA~1\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\System32\certprop.dll (CertPropSvc) .(.Microsoft Corporation - Service de propagation de certificats de ca.) - LEGACY_CERTPROPSVC

O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_CO_MON

O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - (.not file.) - dump_wmimmc (dump_wmimmc) .(.Pas de propriétaire - Pas de description.) - LEGACY_DUMP_WMIMMC

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL

O64 - Services: CurCS - C:\Windows\ehome\ehsched.exe (ehSched) .(.Microsoft Corporation - Service de planification Windows Media Cent.) - LEGACY_EHSCHED

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10733 (EraserUtilDrv10733) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10733

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10822 (EraserUtilDrv10822) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10822

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10910 (EraserUtilDrv10910) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10910

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10920 (EraserUtilDrv10920) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10920

O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRVI7

O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\System32\hidserv.dll (hidserv) .(.Microsoft Corporation - Service HID.) - LEGACY_HIDSERV

O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll (idsvc) .(.Microsoft Corporation - Bibliothèque des ressources de l’installate.) - LEGACY_IDSVC

O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(.Pas de propriétaire - Pas de description.) - LEGACY_IDSVIX86

O64 - Services: CurCS - C:\Windows\system32\iphlpsvc.dll (iphlpsvc) .(.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - LEGACY_IPHLPSVC

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(.Pas de propriétaire - Pas de description.) - LEGACY_LIRSGT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\lmhsvc.dll (lmhosts) .(.Microsoft Corporation - DLL des services de transport NetBIOS sur T.) - LEGACY_LMHOSTS

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\System32\drivers\msahci.sys - msahci (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\qagentrt.dll (napagent) .(.Microsoft Corporation - Exécution du service Agent de quarantaine.) - LEGACY_NAPAGENT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP

O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\system32\p2psvc.dll (p2pimsvc) .(.Microsoft Corporation - Services pair à pair.) - LEGACY_P2PIMSVC

O64 - Services: CurCS - C:\Windows\system32\p2psvc.dll (p2psvc) .(.Microsoft Corporation - Services pair à pair.) - LEGACY_P2PSVC

O64 - Services: CurCS - C:\Windows\System32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50

O64 - Services: CurCS - C:\Windows\System32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\p2psvc.dll (PNRPsvc) .(.Microsoft Corporation - Services pair à pair.) - LEGACY_PNRPSVC

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\qwave.dll (QWAVE) .(.Microsoft Corporation - Windows.) - LEGACY_QWAVE

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\svchost.exe - @regsvc.dll,-1 (RemoteRegistry) .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_REMOTEREGISTRY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\System32\SCardSvr.dll (SCardSvr) .(.Microsoft Corporation - Serveur de gestion de ressources des cartes.) - LEGACY_SCARDSVR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\seclogon.dll (seclogon) .(.Microsoft Corporation - DLL de service d'ouverture de session secon.) - LEGACY_SECLOGON

O64 - Services: CurCS - C:\Windows\System32\drivers\sfdrv01.sys - StarForce Protection Environment Driver (version 1.x) (sfdrv01) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01

O64 - Services: CurCS - C:\Windows\System32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x) (sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02

O64 - Services: CurCS - C:\Windows\System32\drivers\sfsync04.sys - StarForce Protection Synchronization Driver (version 4.x) (sfsync04) .(.Protection Technology (StarForce) - FrontLine Synchronization Driver.) - LEGACY_SFSYNC04

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - C:\Windows\system32\snmptrap.exe (SNMPTRAP) .(.Microsoft Corporation - Interruption SNMP.) - LEGACY_SNMPTRAP

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - C:\Windows\system32\wiaservc.dll (stisvc) .(.Microsoft Corporation - Service de périphériques d'images fixes.) - LEGACY_STISVC

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\system32\trkwks.dll (TrkWks) .(.Microsoft Corporation - Client de suivi de lien distribué.) - LEGACY_TRKWKS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\system32\webclnt.dll (WebClient) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_WEBCLIENT

O64 - Services: CurCS - C:\Windows\System32\wersvc.dll (WerSvc) .(.Microsoft Corporation - Service de rapport d'erreurs Windows.) - LEGACY_WERSVC

O64 - Services: CurCS - C:\Windows\System32\svchost.exe - @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_WINDEFEND

O64 - Services: CurCS - C:\Windows\system32\wpcsvc.dll (WPCSvc) .(.Microsoft Corporation - Service de filtrage du contrôle parental Wi.) - LEGACY_WPCSVC

O64 - Services: CurCS - C:\Windows\system32\wpdbusenum.dll (WPDBusEnum) .(.Microsoft Corporation - Énumérateur d’appareil mobile.) - LEGACY_WPDBUSENUM

O64 - Services: CurCS - (.not file.) - X4Ex (X4Ex) .(.Pas de propriétaire - Pas de description.) - LEGACY_X4EX

O64 - Services: CurCS - (.not file.) - X4HSX32Ex (X4HSX32Ex) .(.Pas de propriétaire - Pas de description.) - LEGACY_X4HSX32EX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\xaudio.sys - XAudio (XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\OrangeHSS\Launcher\Launcher.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: prefs.js [nicolas alexis - 8mgqlmkr.default] user_pref("CT2438727.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");

O69 - SBI: prefs.js [nicolas alexis - 8mgqlmkr.default] user_pref("CT2438727.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - {searchTerms} - Bing

O69 - SBI: SearchScopes [HKCU] {18EAB056-9057-F224-FD4C-1F6569C4D8D2} - (Ask) - http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?}

O69 - SBI: SearchScopes [HKCU] {294A106F-DF33-46B4-BD49-54407E347682} - (Yahoo! Search) - {searchTerms} - Yahoo! Search Results

O69 - SBI: SearchScopes [HKCU] {47B6F735-33AB-4B82-8AA5-1D8B7443F45E} - (AOL Recherche) - http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcnnbie7-fr-fr

O69 - SBI: SearchScopes [HKCU] {557C21FE-7274-410D-853E-9ED4471BF193} - (cherche.us) - Recherche Web

O69 - SBI: SearchScopes [HKCU] {763FAB13-B3B5-4FB7-B3D1-B659F0FCE35A} - (Wikipedia) - http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}

O69 - SBI: SearchScopes [HKCU] {90B2ADEA-96BB-419F-A8A5-9FCE1442456C} - (Google) - {searchTerms} - Recherche Google

O69 - SBI: SearchScopes [HKCU] {A0B271A9-D8AA-8E74-7392-2164D6A1C03C} - (Ask) - http://www.iesearch.com/s/?q={searchTerms}

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [125952]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [601600]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]

 

 

---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84)

[MD5.985DCD2B3079E783130CFC1E5CEBF1DC] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\nicolas alexis\AppData\Local\ecmdbl.bat [99]

[MD5.A719B9EE6116B496F4000C0B1311EA13] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\nicolas alexis\AppData\Roaming\PnkBstrK.sys [22328]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 02/10/2009 108289 | "C:\Program Files\Avira\AntiVir Desktop\sched.exe (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 02/10/2009 185089 | "C:\Program Files\Avira\AntiVir Desktop\avguard.exe (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SS - | Demand 05/03/2007 110592 | "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Com4Qlb) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

SS - | Auto 12/12/2006 57344 | "C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

SS - | Demand 05/05/2008 165416 | "C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

SS - | Auto 14/06/2010 136176 | "C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 19/09/2007 65536 | "c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

SS - | Auto 02/05/2006 135168 | C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

SS - | Demand 03/04/2005 69632 | "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

SS - | Auto 23/08/2007 79136 | "C:\Program Files\Common Files\LightScribe\LSSrvc.exe (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

SS - | Auto 29/05/2007 99248 | C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdeserv.exe (lxdeCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdeserv.exe

SS - | Auto 29/05/2007 598960 | C:\Windows\system32\lxdecoms.exe (lxde_device) . (.Pas de propriétaire.) - C:\Windows\system32\lxdecoms.exe

SS - | Auto 04/03/2010 71096 | C:\Program Files\CDBurnerXP\NMSAccessU.exe (NMSAccess) . (.Pas de propriétaire.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

SS - | Demand 17/05/2010 3592432 | C:\Windows\system32\GameMon.des (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des

SS - | Auto 07/06/2010 129640 | C:\Windows\system32\nvvsvc.exe (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SS - | Auto 29/05/2010 66872 | C:\Windows\system32\PnkBstrA.exe (PnkBstrA) . (.Pas de propriétaire.) - C:\Windows\system32\PnkBstrA.exe

SS - | Auto 19/12/2007 271760 | "C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe (QPCapSvc) . (.Pas de propriétaire.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

SS - | Auto 19/12/2007 112016 | "C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe (QPSched) . (.Pas de propriétaire.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

SS - | Auto 09/01/2007 272024 | "C:\Program Files\CyberLink\Shared Files\RichVideo.exe (RichVideo) . (.Pas de propriétaire.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

SS - | Demand 24/11/2010 403240 | C:\Program Files\Common Files\Steam\SteamService.exe (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe

SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

SS - | Auto 18/10/2007 386560 | C:\Windows\system32\DRIVERS\xaudio.exe (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\system32\DRIVERS\xaudio.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by nicolas alexis at 06/01/2011 23:06:11

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

kernel: MBR read successfully

user & kernel MBR OK

n

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by nicolas alexis at 06/01/2011 23:06:11

Use the desktop link 'MBRCheck' to have full report

 

 

 

 

End of the scan (1320 lines in 07mn 29s)(0)

[oneill76]

Et le CI joint ici

 

© CJoint.com, 2010

 

 

MErci d'avance mes petites " fesses " sont soulagées mdr

Modifié le 6 janvier 2011 par oneill76

[pear]

Bonjour,

 

Java n'est pas à jour,donc vulnérable.

Téléchargez Javara

vers le bureau.

Dézippez.

lancez Javara.exe

clic sur mise à jour via jucheck

 

ou , si vous préférez par le site de Sun:

Download Now

S'ouvre une nouvelle page.

Vous descendrez là:

Java Runtime Environment (JRE) 6 Update 23

Clic sur Download

Nouvelle page.

Sélectionnez votre platform->Windows

Cochez "I agree to the java..."

clic sur continue

Nouvelle page

Cochez:

Windows Online Installation

Cochez la flèche orange

" Cochez ici"jre-6u23-windows-i586-p-iftw.exe

 

clic sur installer

 

Revenez dans JavaRa

 

Cliquez Effacer les anciennes versions

Puis..... Autres Options ->Cocher Effacer les fichiers JRE Inutiles ->Exécuter

 

 

 

Cliquez sur l'icone Zhpfix qui doit être sur votre bureau.ou

Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur

Dans ZHPDiag, sur l'icône

Copier/coller et vérifier que toutes les lignes en vert ci dessous(et seulement elles) sont dans la fenêtre

[MD5.00000000000000000000000000000000] [APT] [install_NSS] (.Pas de propriétaire.) -- C:\Users\NICOLA~1\AppData\Local\Temp\NSSstub.exe (.not file.)

O41 - Driver: (SRTSP) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\Drivers\SRTSP.sys (.not file.)

O41 - Driver: (SRTSPX) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\Drivers\SRTSPX.sys (.not file.)

O41 - Driver: (SymIM) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\SymIMv.sys (.not file.)

O41 - Driver: (SYMTDI) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\Drivers\SYMTDI.sys (.not file.)

[HKCU\Software\MGS]

O51 - MPSK:{434fa7bf-d493-11de-ae4d-00218664f867}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\MSS12\MSS.exe (.not file.) t

O51 - MPSK:{cec2a749-3bb5-11de-b3dc-00218664f867}\Shell\AutoRun\command - Clé orpheline =

O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O69 - SBI: prefs.js [nicolas alexis - 8mgqlmkr.default] user_pref("CT2438727.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1"); => Conduit/EffectiveBrand

O69 - SBI: prefs.js [nicolas alexis - 8mgqlmkr.default] user_pref("CT2438727.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");

M2 - MFEP: prefs.js [nicolas alexis - 8mgqlmkr.default\{7b13ec3e-999a-4b70-b9cb-2617b8323822}] [] Zynga Toolbar v2.7.1.3 (.Conduit Ltd..)

G0 - GCSP: Preference [user Data\Default] http://www.cherche.us

G2 - GCE: Preference [user Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.1.3182.77 (Activé)

G2 - GCE: Preference [user Data\Default] [njneehkdlobpllhkldmhhephffnniaec] "state": 1 v.G0 - GCSP: Preference [user Data\Default][HomePage] Recherche Web, moteur de recherche: Recherche Web , recherche Images , recherche Video (Activé)

 

 

Cliquez ensuite sur-

Cliquer sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.

Cliquer sur "Tous" puis sur "Nettoyer".

Acceptez de Redémarrer pour achever le nettoyage.

Un rapport apparait:

Copier-coller le rapport de suppression dans la prochaine réponse.

Si le rapport n'apparait pas,

Cliquer sur ce bouton:

Si besoin(au cas où vous n'auriez pas l'icône zhpfix)

Télécharger ZHPFix de Nicolas Coolman sur le bureau.

Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur

Suivre les instructions qui apparaissent à l'écran.

Lancer ZHPFix (laisser la case cochée)

Cliquer ensuite sur le H

Copier-coller (Ctrl C CTRL V) toutes les lignes en vert (et seulement elles) dans le cadre blanc

Cliquer sur "Tous" puis sur "Nettoyer".

 

Télécharger ESET Online Scanner sur le Bureau en cliquant sur ce logo:

Double-cliquer sur le fichier esetsmartinstaller_enu.exe pour installer le scanner.

Attention: Sous Windows VISTA, cliquer droit sur esetsmartinstaller_enu.exe puis sélectionner "exécuter en tant qu'administrateur"

Accepter la licence en cochant la case "YES, i accept the terms of use", puis cliquer sur le bouton "Start"

Une fois le scanner installé, configurez-le en décochant la case "Remove found threats" et en cochant la case "Scan archives"

 

Lancer la recherche antivirale en cliquant sur le bouton "Start": l'outil se met à jour et lance le scan: une barre de progression indique où en est la recherche

Quand le scan est terminé, si des virus ont été détectés, cliquez sur la ligne "List of found threats":

 

Une nouvelle fenêtre aparaît: cliquer sur "Export to text file" et enregistrer le rapport sur le Bureau en le nommant logESET.txt

Cliquer sur le bouton "Back" pour retourner à l'interface précédente, puis cocher la case "Uninstall application on close"

Cliquer enfin sur le bouton "Finish" puis fermer la fenêtre du scanner

Ouvrez le fichier logESET sur le Bureau et copier-coller son contenu dans la prochaine réponse

Modifié le 7 janvier 2011 par pear

[oneill76]

Rapport de ZHPFix 1.12.3227 par Nicolas Coolman, Update du 16/12/2010

Fichier d'export Registre : C:\ZHPExportRegistry-07-01-2011-19-05-58.txt

Run by nicolas alexis at 07/01/2011 19:05:58

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Web site : ZHPFix Fix de rapport

Contact : nicolascoolman@yahoo.fr

 

========== Clé(s) du Registre ==========

HKCU\Software\MGS => Clé absente

O51 - MPSK:{434fa7bf-d493-11de-ae4d-00218664f867}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\MSS12\MSS.exe (.not file.) t => Clé absente

O51 - MPSK:{cec2a749-3bb5-11de-b3dc-00218664f867}\Shell\AutoRun\command - Clé orpheline = => Clé absente

 

========== Valeur(s) du Registre ==========

O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm => Valeur supprimée avec succès

 

========== Préférences navigateur ==========

/*user_pref("CT2438727.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");*/ => Valeur supprimée avec succès

 

========== Fichier(s) ==========

c:\users\nicola~1\appdata\local\temp\nssstub.exe (.not file.) => Fichier absent

c:\windows\system32\l3codecp.acm () => Fichier absent

 

========== Tache planifiée ==========

Task : Install_NSS => Tâche supprimée avec succès

 

 

========== Récapitulatif ==========

3 : Clé(s) du Registre

1 : Valeur(s) du Registre

2 : Fichier(s)

1 : Préférences navigateur

1 : Tache planifiée

 

 

End of the scan

[oneill76]

C:\Program Files\Navilog1\Backupnavi\gfyrkdfw.exe a variant of Win32/Skintrim.DJ trojan

C:\Program Files\Navilog1\Backupnavi\ujxfa.exe a variant of Win32/Skintrim.EU trojan

C:\Program Files\scrabbleproB\scrabblepro.exe probably unknown NewHeur_PE virus

C:\Program Files\Uniblue\RegistryBooster\Launcher.exe a variant of Win32/RegistryBooster application

C:\SwSetup\AOLIMS\setup.exe probably a variant of Win32/Agent.HZHBURL trojan

C:\Temp\xvid-win32.exe a variant of Win32/Adware.HotBar.H application

C:\Users\nicolas alexis\binternet0010.exe a variant of Win32/BInternet.AA application

C:\Users\nicolas alexis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1eca4e9f-22e83d15 Java/TrojanDownloader.Agent.NBN trojan

C:\Users\nicolas alexis\AppData\Roaming\OpenCandy\63A76124BCAB4E69B4D0C44751012E7E\registrybooster(.exe a variant of Win32/RegistryBooster application

C:\Users\nicolas alexis\Desktop\dossier a dossier\Call of duty 4\Crack COD4_FFF\Call.Of.Duty.4.Modern.Warfare_KEYGEN-FFF.exe probably a variant of Win32/Agent.BQFGNBU trojan

C:\Users\nicolas alexis\Desktop\dossier a dossier\papier\Elodie & Gilles\ecoleprimairejeanmonnet\scrabbleproB.exe probably unknown NewHeur_PE virus

C:\Users\nicolas alexis\Desktop\MUSIQUE\de gauche a droite(1).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan

C:\Users\nicolas alexis\Desktop\MUSIQUE\drake et josh generique-HQ.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan

C:\Users\nicolas alexis\Desktop\MUSIQUE\generique HIT TOP50.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan

C:\Users\nicolas alexis\Desktop\MUSIQUE\generique(Club RMX).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan

C:\Users\nicolas alexis\Desktop\MUSIQUE\FAIRE BOUGER\soiree laurence\2009\matador Jessy Allez! Ola! Olé!.wma probably a variant of Win32/TrojanDownloader.Agent.IIYTTCE trojan

C:\Users\nicolas alexis\Downloads\CasinoFranceNet.exe a variant of Win32/PrimeCasino application

C:\Users\nicolas alexis\Downloads\MsgPlusLive-480.exe a variant of Win32/MessengerPlus application

C:\Users\nicolas alexis\Downloads\Plugin_VLC.exe Win32/Adware.OfferBox application

C:\Users\nicolas alexis\Downloads\scrabbleproB(2).exe probably unknown NewHeur_PE virus

C:\Users\nicolas alexis\Downloads\scrabbleproB.exe probably unknown NewHeur_PE virus

C:\Users\nicolas alexis\Downloads\xvid_setup1.2.2-win32(2).exe Win32/Adware.OfferBox application

C:\Users\nicolas alexis\Downloads\xvid_setup1.2.2-win32.exe Win32/Adware.OfferBox application

C:\Users\nicolas alexis\Downloads\eMule\Incoming\[pc game] the settlers 7 [2010].rar a variant of Win32/Agent.WRY trojan

[pear]

J'aurais souhaité voir le rapport de Navilog et un rapport Complet d'Eset.

Modifié le 8 janvier 2011 par pear

[oneill76]

Bonjour PEar

Vous ne m'avez pas fait utiliser NAVILOGje n'ai que les deux rapport de juste au dessus de votre reponse

celui de Rapport de ZHPFix et l'autre qui est COMPLET