déplacement icone ou fichier

[gaspar]

le sp2 est installé

les mises à jour sont affichées, je choisis les + importantes, rien d'automatique

mem physique totale 2 go libre 957 mo soit 47 %

mem totale kernel 206 mo paginée 121 mo non paginée 85 mo

dans accessoires infos system j'ai tout vérifié, conflits partages tout est ok

la bête est dure à coincer, tu penses qu'on y arrivera ? en tout cas merci de ta persévérance

[Tonton]

Bon, on va sortir la "grosse Bertha" :

 

• Télécharge ZHPDiag de Nicolas Coolman :
  
• Enregistre le sur ton bureau
  
• Tu es sous Vista => clique droit sur l'cône, puis « exécuter en tant qu’administrateur »
  
• Suis les instructions à l'écran
  
• Clique sur l'icône LOUPE pour lancer l'analyse
  
• Clique sur l'icône APPAREIL PHOTO pour copier le rapport, puis colle-le dans ta prochaine réponse
  
• Tu peux également trouver le rapport sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

Modifié le 20 février 2011 par Tonton57

[gaspar]

Rapport de ZHPDiag v1.27.1610 par Nicolas Coolman, Update du 19/02/2011

Run by Henri at 20/02/2011 17:31:45

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18904

MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

 

---\\ System Information

Windows Vista Home Premium Edition, 32-bit (Build 6000)

Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2045 MB (50% free)

System Restore: Activé (Enable)

System drive C: has 58 GB (50%) free of 116 GB

 

---\\ Logged in mode

Computer Name: PC-DE-HENRI

User Name: Henri

All Users Names: Henri, ASPNET, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\Henri\AppData\Roaming

%LocalAppData%=C:\Users\Henri\AppData\Local

%StartMenu%=C:\Users\Henri\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 58 Go of 116 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 69 Go of 115 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - (.Microsoft Corporation - Explorateur Windows.) (.29/10/2008 07:20:29.) -- C:\Windows\Explorer.exe [2923520]

[MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - (.Microsoft Corporation - Application de démarrage de Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\System32\Wininit.exe [95744]

[MD5.9F75392B9128A91ABAFB044EA350BAAD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\System32\Winlogon.exe [308224]

[MD5.B35CFCEF838382AB6490B321C87EDF17] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.20/04/2008 12:44:21.) -- C:\Windows\System32\drivers\atapi.sys [21560]

[MD5.37430AA7A66D7A63407ADC2C0D05E9F6] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/04/2008 12:45:48.) -- C:\Windows\System32\drivers\ntfs.sys [1060920]

 

 

---\\ Processus lancés

[MD5.53BECE85EC4AC765C76CE22D9D245892] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2620336]

[MD5.B6011B6ACC9ACF451F78A47EE9E7F073] - (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [904880]

[MD5.6735078E25750896D45B3E7008FFA921] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [140568]

[MD5.6C1B31F5C16E03153F0037AC6C451FFD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2838912]

[MD5.DEFFED4DDF802E2A64AB06D4EDCCB84B] - (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [413696]

[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]

[MD5.5F366CB7F83A5DBE8F50EF989C15DFE2] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe [4813312]

[MD5.71F78F19A6E965E55183B110E25A8B86] - (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe [353736]

[MD5.55A3AB661CF5E4314787B3E3FD284829] - (.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe [255432]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]

[MD5.86F8D680A5EF001FFEBC3F8A4CF3A9DB] - (.Google Inc. - Picasa.) -- C:\Program Files\Google\Picasa3\Picasa3.exe [8775160]

[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]

[MD5.8EDAC4D2659E1F525D432D991BF97C53] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [630784]

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

M3 - MFPP: Plugins - [Henri] -- C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\cz563vbu.default\searchplugins\MyStart Search.xml

M3 - MFPP: Plugins - [Henri] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Henri] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Henri] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Henri] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Henri] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Henri] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=0.8.6b] - (.VideoLAN Team - Version 0.8.6b, copyright 1996-2006 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.0.5] - (.VideoLAN Team - Version 0.8.6b, copyright 1996-2006 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

M0 - MFSP: prefs.js [Henri - cz563vbu.default] Yahoo! Actualités - Toute l'actualité en France et dans le monde

M2 - MFEP: prefs.js [Henri - cz563vbu.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20101113Wb1 (.Google Inc..)

M2 - MFEP: prefs.js [Henri - cz563vbu.default\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}] [] Walnut pour Firefox" em:description="Walnut pour Firefox, basé sur des icônes de art.gnome.org. Inclut le support de DOM inspector, downloadstatusbar, QuickNote, v7.1.20101113Wb1 (.Alfred Kayser (alfredkayser@gmail.com).)

M2 - MFEP: prefs.js [Henri - cz563vbu.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [bitdefender] BitDefender QuickScan v7.1.20101113Wb1 (.BitDefender R&D Team.)

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-2225186546-478183646-4290705749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKLM\..\Run: [AcronisTimounterMonitor] . (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

O4 - HKLM\..\Run: [PC Pitstop PC Matic Reminder] . (.PC Pitstop LLC - PC Matic.) -- C:\Program Files\PCPitstop\PC Matic\Reminder-PCMatic.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-2225186546-478183646-4290705749-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Henri\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe

O4 - Global Startup: C:\Users\Henri\Desktop\CrystalDiskInfo.lnk . (.Crystal Dew World.) -- C:\Program Files\CrystalDiskInfo\DiskInfo.exe

O4 - Global Startup: C:\Users\Henri\Desktop\desktop.ini - Raccourci.lnk . (...) -- C:\Users\Henri\Desktop\Racourcis\desktop.ini

O4 - Global Startup: C:\Users\Henri\Desktop\footballeuse Eric.wmv - Raccourci.lnk . (...) -- C:\Users\Henri\Desktop\Racourcis\footballeuse Eric.wmv

O4 - Global Startup: C:\Users\Henri\Desktop\grapheat..lnk . (...) -- C:\Program Files\Graphe AT\grapheat.exe

O4 - Global Startup: C:\Users\Henri\Desktop\iTunes.lnk . (...) -- C:\Windows\Installer\{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}\iTunesIco.exe

O4 - Global Startup: C:\Users\Henri\Desktop\Merops..lnk . (.Merops.) -- C:\Program Files\Mérops\Merops.exe

O4 - Global Startup: C:\Users\Henri\Desktop\PC Matic.lnk . (.PC Pitstop LLC.) -- C:\Program Files\PCPitstop\PC Matic\PCMatic.exe

O4 - Global Startup: C:\Users\Henri\Desktop\procexp.chm - Raccourci.lnk . (...) -- C:\Users\Henri\Desktop\procexp\ProcessExpl\procexp.chm

O4 - Global Startup: C:\Users\Henri\Desktop\procexp.exe - Raccourci.lnk . (.Sysinternals - www.sysinternals.com.) -- C:\Users\Henri\Desktop\ProcessExplorer-1\procexp.exe

O4 - Global Startup: C:\Users\Henri\Desktop\Tradexpert2.89A5R.lnk . (...) -- C:\Program Files\Tradexpert2.89A5R\Tradexpert2.exe

O4 - Global Startup: C:\Users\Henri\Desktop\WinBrick2000.lnk . (.Soft&Fun.) -- C:\Program Files\WinBrick2000\Brick2K.exe

O4 - Global Startup: C:\Users\Henri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk . (.IncrediMail, Ltd..) -- C:\Program Files\IncrediMail\bin\IncMail.exe

O4 - Global Startup: C:\Users\Henri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\Henri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegCleanr.exe - Raccourci.lnk . (...) -- C:\Program Files\RegCleaner\RegCleanr.exe

O4 - Global Startup: C:\Users\Henri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Henri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} . (.Pas de propriétaire - Pas de description.) -- C:\Toshiba\Webshops\eBay\ebay.ico

O9 - Extra button: eBay - Achetez, Vendez - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} () - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://ma-config.com/activex/hardwaredetection_3_1_1_0.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{0643592E-B1BF-417B-9488-49ECEF912647}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{0643592E-B1BF-417B-9488-49ECEF912647}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{0643592E-B1BF-417B-9488-49ECEF912647}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{0643592E-B1BF-417B-9488-49ECEF912647}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe

O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe

O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (avast! Mail Scanner) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (avast! Web Scanner) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: (gupdate1c9c2981aea6420) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: (PCPitstop Scheduling) . (.PC Pitstop LLC - PC Pitstop Scheduler Service.) - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe

O23 - Service: (SandraAgentSrv) . (.SiSoftware - SiSoftware Deployment Agent Service (NT)(Un.) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe

O23 - Service: (TempoMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPO.) - C:\Program Files\Toshiba TEMPO\TempoSVC.exe

O23 - Service: (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe

O23 - Service: (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: (TryAndDecideService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

O23 - Service: (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Registry Winner Schedule.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{292548E3-D7FD-4F81-9069-F7F0B755792F}.job

[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [Orb Startup] (.Pas de propriétaire.) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Registry Winner Schedule] (.Pas de propriétaire.) -- C:\Program Files\Registry Winner\RegistryWinner.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{5B4CCD25-9954-4157-B412-5072FB3E9802}] (.Pas de propriétaire.) -- C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe (.not file.)

[MD5.68997DCC017B8F0A1675452476A03300] [APT] [{786F6B7E-A88B-4D13-A96E-EC6951934695}] (.InstallShield Software Corporation.) -- C:\Windows\IsUn040c.exe

[MD5.00000000000000000000000000000000] [APT] [{86EEFB87-7D50-4490-8E76-39F6958C18D2}] (.Pas de propriétaire.) -- C:\Program Files\AVG\AVG8\setup.exe (.not file.)

[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: (DfsC) . (.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ACDSee 5.0 Standard - (.ACD Systems Ltd.) [HKLM] -- {504D6243-D4AE-44E3-991A-380CF2316E16}

O42 - Logiciel: Acronis True Image Home - (.Acronis.) [HKLM] -- {E5343B27-55DF-40BD-9FCF-A643C1331E8A}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 7.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A71000000002}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {553255F3-78FD-40F1-A6F8-6882140265FE}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {8A253629-0511-4854-8B4E-46E57E66005C}

O42 - Logiciel: Broadcom High Definition Video Decoder 2.6.40.1 - (.Broadcom Corporation.) [HKLM] -- BCM70010

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}

O42 - Logiciel: Canon ScanGear Starter - (.Pas de propriétaire.) [HKLM] -- {18A5DFF2-8A95-49F3-873F-743CB5549F3D}

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {22543949-70E8-45D0-A938-F38143EB8BF8}

O42 - Logiciel: CrystalDiskInfo 3.8.0 - (.Crystal Dew World.) [HKLM] -- CrystalDiskInfo_is1

O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: DVDFab 6.0.4.0 (28/07/2009) - (.Fengtao Software Inc..) [HKLM] -- DVDFab 6_is1

O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler

O42 - Logiciel: EasyCleaner - (.ToniArts.) [HKLM] -- {F5346614-B7C4-4E94-826A-E2363155233D}

O42 - Logiciel: Electric Sheep 2.7b29 - (.Electricsheep.) [HKLM] -- Electric Sheep

O42 - Logiciel: Emperor's Mahjong pour Windows - (.Pas de propriétaire.) [HKLM] -- Emperor's Mahjong pour Windows

O42 - Logiciel: FreeUndelete - (.Pas de propriétaire.) [HKLM] -- FreeUndelete

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}

O42 - Logiciel: Graphe Analyse Technique 3.0 - (.MLog.) [HKLM] -- Graphe AT_is1

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: ImgBurn 2.3.2.0 Fr - (.Pas de propriétaire.) [HKLM] -- {75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1

O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D}

O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail

O42 - Logiciel: Intel Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Java 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}

O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}

O42 - Logiciel: Java SE Runtime Environment 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160000}

O42 - Logiciel: MRU-Blaster v1.5 (Database 3/28/2004) - (.Javacool Software LLC.) [HKLM] -- MRU-Blaster_is1

O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297) - (.Pas de propriétaire.) [HKLM] -- M953297

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Flight Simulator 2002 - (.Pas de propriétaire.) [HKLM] -- Flight Simulator 8.0

O42 - Logiciel: Microsoft Le Monde des avions Version 1.0 - (.Pas de propriétaire.) [HKLM] -- Microsoft_World_of_Flight

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {90AF040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9085040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: Mérops - (.Pas de propriétaire.) [HKCU] -- Mérops

O42 - Logiciel: PC Inspector File Recovery - (.Pas de propriétaire.) [HKLM] -- {0DD140D3-9563-481E-AA75-BA457CBDAEF2}

O42 - Logiciel: PC Matic 1.0.0.24 - (.PC Pitstop LLC.) [HKLM] -- PC Matic_is1

O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- photofiltre

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}

O42 - Logiciel: Quicken 2000 - (.Pas de propriétaire.) [HKLM] -- Quicken 2000

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Réducteur de bruit lect. CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}

O42 - Logiciel: SiSoftware Sandra Lite 2010 - (.SiSoftware.) [HKLM] -- {C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1

O42 - Logiciel: System Explorer 2.7.2 - (.Mister Group.) [HKLM] -- System Explorer_is1

O42 - Logiciel: TOSHIBA Assist - (.Pas de propriétaire.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}

O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}

O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}

O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA.) [HKLM] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}

O42 - Logiciel: TOSHIBA SD Memory Utilities - (.TOSHIBA.) [HKLM] -- {EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}

O42 - Logiciel: TOSHIBA Software Modem - (.Agere Systems.) [HKLM] -- TOSHIBA Software Modem

O42 - Logiciel: TV sur PC - (.SFR.) [HKLM] -- Neuf_TV_PC

O42 - Logiciel: The KMPlayer v2.9.4.1435 FR - (.www.kmplayer.com/fr.) [HKLM] -- The KMPlayer FR_is1

O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: Toshiba TEMPO - (.Toshiba Europe GmbH.) [HKLM] -- {4ACF5CB8-CADE-42C9-B3D3-B8751A2CDFD6}

O42 - Logiciel: Tradexpert 2.89A5R - (.Dubus S.A..) [HKLM] -- Tradexpert 2.89A5R_is1

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: VideoLAN VLC media player 0.8.6b - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Visual C++ CRT 9.0 SP1 - (.Michel Kraemer.) [HKLM] -- {EC25B803-4BDB-47F7-B877-FCE7D7966C0F}

O42 - Logiciel: WinBrick2000 - (.Pas de propriétaire.) [HKLM] -- Install WinBrick2000 v3.17.0 Shareware

O42 - Logiciel: WinBrick2000 - (.Pas de propriétaire.) [HKLM] -- Register WinBrick2000 to v3.06 full version

O42 - Logiciel: WinZip - (.WinZip Computing, Inc..) [HKLM] -- WinZip

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion

O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {5ECB3A3C-980B-4D12-9724-25DCB07A1F47}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ACD Systems]

[HKCU\Software\ALWIL Software]

[HKCU\Software\ASProtect]

[HKCU\Software\ATI Technologies Inc.]

[HKCU\Software\ATI]

[HKCU\Software\Acronis]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\AVG]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\CDDB]

[HKCU\Software\CEC_CM_SW]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\DVD Shrink]

[HKCU\Software\DVDFab]

[HKCU\Software\Google]

[HKCU\Software\ImInstaller]

[HKCU\Software\ImgBurn]

[HKCU\Software\IncrediMail]

[HKCU\Software\JavaSoft]

[HKCU\Software\KMPlayer]

[HKCU\Software\Lucent]

[HKCU\Software\MLog]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\ODBC]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\RegClean]

[HKCU\Software\Seattle FilmWorks]

[HKCU\Software\SiSoftware]

[HKCU\Software\Soft&Fun]

[HKCU\Software\Softonic]

[HKCU\Software\Sysinternals]

[HKCU\Software\TOSHIBA]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WinZip Computing]

[HKLM\Software\ACD Systems]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Acronis]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Canon]

[HKLM\Software\Chicony Electronics Co.,Ltd.]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Corbis]

[HKLM\Software\Crystal Dew World]

[HKLM\Software\Debug]

[HKLM\Software\DivXNetworks]

[HKLM\Software\ElectricSheep]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\Hexacto]

[HKLM\Software\ImInstaller]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\Kodak]

[HKLM\Software\Lucent]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Montparnasse]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Neuf]

[HKLM\Software\Nico Mak Computing]

[HKLM\Software\ODBC]

[HKLM\Software\PCPitstop]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SOFTWARE]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\SiSoftware]

[HKLM\Software\SystemExplorer]

[HKLM\Software\TOSHIBA]

[HKLM\Software\Toshiba Tempo]

[HKLM\Software\Trad-FR]

[HKLM\Software\TrendMicro]

[HKLM\Software\Ubi Soft]

[HKLM\Software\Ulead Systems]

[HKLM\Software\VideoLAN]

[HKLM\Software\Waves Audio]

[HKLM\Software\mozilla.org]

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 24/04/2008 - 11:52:46 ----D- C:\Program Files\ACD Systems

O43 - CFD: 16/05/2008 - 12:20:52 ----D- C:\Program Files\Acronis

O43 - CFD: 18/02/2011 - 17:35:26 ----D- C:\Program Files\Ad-Remover

O43 - CFD: 09/01/2009 - 16:22:42 ----D- C:\Program Files\Adobe

O43 - CFD: 10/06/2010 - 19:45:36 ----D- C:\Program Files\adslTV

O43 - CFD: 26/04/2010 - 09:35:10 ----D- C:\Program Files\Ahead

O43 - CFD: 29/08/2010 - 21:55:00 ----D- C:\Program Files\Alawar

O43 - CFD: 01/03/2010 - 11:03:48 ----D- C:\Program Files\Alwil Software

O43 - CFD: 10/11/2008 - 17:53:32 ----D- C:\Program Files\Apple Software Update

O43 - CFD: 25/04/2008 - 21:44:34 ----D- C:\Program Files\Astase

O43 - CFD: 19/04/2008 - 19:46:44 ----D- C:\Program Files\ATI

O43 - CFD: 17/09/2010 - 17:28:06 ----D- C:\Program Files\ATI Technologies

O43 - CFD: 18/06/2009 - 16:17:54 ----D- C:\Program Files\AVG

O43 - CFD: 08/06/2010 - 09:12:12 ----D- C:\Program Files\Bonjour

O43 - CFD: 17/06/2009 - 17:15:46 ----D- C:\Program Files\Broadcom

O43 - CFD: 15/01/2011 - 15:49:54 ----D- C:\Program Files\Camera Assistant Software for Toshiba

O43 - CFD: 28/11/2010 - 19:35:30 ----D- C:\Program Files\CCleaner

O43 - CFD: 15/02/2011 - 16:07:10 ----D- C:\Program Files\Common Files

O43 - CFD: 18/02/2011 - 23:26:52 ----D- C:\Program Files\CrystalDiskInfo

O43 - CFD: 26/04/2010 - 10:30:00 ----D- C:\Program Files\Defraggler

O43 - CFD: 03/09/2009 - 19:15:22 ----D- C:\Program Files\DVD Shrink

O43 - CFD: 29/12/2009 - 13:40:40 ----D- C:\Program Files\DVDFab 6

O43 - CFD: 31/01/2011 - 14:41:04 ----D- C:\Program Files\Electric Sheep

O43 - CFD: 27/09/2010 - 13:49:12 ----D- C:\Program Files\Electricsheep Screensaver

O43 - CFD: 19/04/2008 - 21:10:28 -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 01/01/2011 - 17:46:58 ----D- C:\Program Files\Foxmail

O43 - CFD: 20/10/2008 - 17:35:36 ----D- C:\Program Files\FreeUndelete

O43 - CFD: 03/12/2010 - 17:22:16 ----D- C:\Program Files\Google

O43 - CFD: 18/02/2011 - 12:00:08 ----D- C:\Program Files\Graphe AT

O43 - CFD: 26/04/2010 - 09:26:10 ----D- C:\Program Files\HP

O43 - CFD: 24/12/2009 - 19:38:22 ----D- C:\Program Files\ImgBurn

O43 - CFD: 30/12/2010 - 21:44:06 ----D- C:\Program Files\IncrediMail

O43 - CFD: 03/12/2010 - 17:21:00 --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 19/04/2008 - 21:29:34 ----D- C:\Program Files\Intel

O43 - CFD: 15/05/2010 - 09:34:48 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 10/07/2007 - 15:49:48 ----D- C:\Program Files\InterVideo

O43 - CFD: 01/07/2009 - 16:09:26 ----D- C:\Program Files\IObit

O43 - CFD: 08/06/2010 - 09:20:16 ----D- C:\Program Files\iPod

O43 - CFD: 08/06/2010 - 09:20:56 ----D- C:\Program Files\iTunes

O43 - CFD: 26/06/2009 - 16:57:32 ----D- C:\Program Files\Java

O43 - CFD: 05/10/2009 - 22:05:40 ----D- C:\Program Files\JkDefrag

O43 - CFD: 18/06/2009 - 16:42:12 ----D- C:\Program Files\Lavasoft

O43 - CFD: 12/01/2011 - 15:27:52 ----D- C:\Program Files\LED

O43 - CFD: 18/02/2011 - 09:42:20 ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 02/10/2009 - 10:26:14 ----D- C:\Program Files\MicroProse Software

O43 - CFD: 03/10/2009 - 12:53:50 ----D- C:\Program Files\Microsoft Games

O43 - CFD: 09/02/2011 - 23:29:16 ----D- C:\Program Files\Microsoft Office

O43 - CFD: 21/09/2010 - 07:37:54 ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 03/11/2010 - 14:43:56 ----D- C:\Program Files\Mindscape

O43 - CFD: 22/03/2010 - 11:21:26 ----D- C:\Program Files\Movie Maker

O43 - CFD: 01/01/2011 - 17:47:22 ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 18/11/2010 - 14:40:06 ----D- C:\Program Files\MRU-Blaster

O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\MSBuild

O43 - CFD: 20/04/2010 - 18:55:30 ----D- C:\Program Files\MSECache

O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\MSN

O43 - CFD: 10/07/2007 - 14:49:52 ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 31/01/2011 - 18:52:58 ----D- C:\Program Files\Mérops

O43 - CFD: 27/09/2010 - 12:01:58 ----D- C:\Program Files\Navirad GPS5

O43 - CFD: 04/07/2009 - 15:31:12 ----D- C:\Program Files\Notepad++

O43 - CFD: 20/12/2010 - 22:12:30 ----D- C:\Program Files\Opera

O43 - CFD: 20/10/2008 - 17:17:08 ----D- C:\Program Files\PC Inspector File Recovery

O43 - CFD: 18/02/2011 - 23:26:04 ----D- C:\Program Files\PCPitstop

O43 - CFD: 04/01/2011 - 19:37:46 ----D- C:\Program Files\Photo Notifier and Animation Creator

O43 - CFD: 25/04/2008 - 13:48:30 ----D- C:\Program Files\PhotoFiltre

O43 - CFD: 11/04/2009 - 13:04:38 ----D- C:\Program Files\Picasa2

O43 - CFD: 26/08/2010 - 14:27:54 ----D- C:\Program Files\Pochette Express 2

O43 - CFD: 28/08/2009 - 14:40:02 ----D- C:\Program Files\Prolific

O43 - CFD: 08/06/2010 - 09:17:36 ----D- C:\Program Files\QuickTime

O43 - CFD: 15/10/2007 - 18:40:36 ----D- C:\Program Files\Realtek

O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 18/06/2009 - 22:06:56 ----D- C:\Program Files\RegCleaner

O43 - CFD: 25/12/2008 - 13:01:26 ----D- C:\Program Files\Registry Easy

O43 - CFD: 11/07/2009 - 18:15:48 ----D- C:\Program Files\Registry Winner

O43 - CFD: 20/04/2008 - 17:17:16 ----D- C:\Program Files\Runtime Software

O43 - CFD: 22/06/2010 - 22:22:20 ----D- C:\Program Files\SFR

O43 - CFD: 13/01/2011 - 18:46:32 ----D- C:\Program Files\Shape Collage

O43 - CFD: 18/02/2011 - 20:40:42 ----D- C:\Program Files\SiSoftware

O43 - CFD: 20/02/2011 - 11:15:18 ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD: 18/02/2011 - 21:41:46 ----D- C:\Program Files\System Explorer

O43 - CFD: 18/12/2010 - 18:17:16 ----D- C:\Program Files\The KMPlayer FR

O43 - CFD: 15/01/2011 - 14:03:18 ----D- C:\Program Files\ToniArts

O43 - CFD: 19/04/2008 - 21:32:30 ----D- C:\Program Files\TOSHIBA

O43 - CFD: 19/04/2008 - 21:28:30 ----D- C:\Program Files\Toshiba TEMPO

O43 - CFD: 25/12/2009 - 18:35:14 ----D- C:\Program Files\Tradexpert2.80

O43 - CFD: 05/10/2009 - 14:51:18 ----D- C:\Program Files\Tradexpert2.89A5R

O43 - CFD: 22/08/2008 - 22:10:54 ----D- C:\Program Files\Trend Micro

O43 - CFD: 29/06/2010 - 15:04:26 ----D- C:\Program Files\Trojan Killer

O43 - CFD: 10/07/2007 - 15:46:34 ----D- C:\Program Files\Ulead Systems

O43 - CFD: 02/11/2006 - 14:01:56 --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 22/06/2010 - 21:13:52 ----D- C:\Program Files\VideoLAN

O43 - CFD: 03/12/2010 - 17:16:14 ----D- C:\Program Files\Visual Math Evolution

O43 - CFD: 21/09/2010 - 07:13:34 ----D- C:\Program Files\Winamp

O43 - CFD: 29/08/2010 - 22:02:30 ----D- C:\Program Files\WinBrick2000

O43 - CFD: 20/04/2008 - 12:51:08 ----D- C:\Program Files\Windows Calendar

O43 - CFD: 10/07/2007 - 15:08:34 ----D- C:\Program Files\Windows Defender

O43 - CFD: 20/08/2009 - 10:43:20 ----D- C:\Program Files\Windows Mail

O43 - CFD: 31/12/2009 - 13:07:20 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 19/04/2008 - 21:10:28 ----D- C:\Program Files\Windows NT

O43 - CFD: 02/11/2006 - 13:42:34 ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 20/04/2008 - 12:51:02 ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 26/06/2009 - 17:48:30 ----D- C:\Program Files\Winmail Opener

O43 - CFD: 04/07/2009 - 15:50:20 ----D- C:\Program Files\Winmail Reader

O43 - CFD: 25/04/2008 - 12:29:06 ----D- C:\Program Files\WinZip

O43 - CFD: 07/09/2009 - 13:47:30 ----D- C:\Program Files\xTrade

O43 - CFD: 01/07/2009 - 16:09:42 ----D- C:\Program Files\Yahoo!

O43 - CFD: 20/02/2011 - 17:32:02 ----D- C:\Program Files\ZHPDiag

O43 - CFD: 18/02/2011 - 16:04:36 ----D- C:\Program Files\ZHPFix

O43 - CFD: 24/04/2008 - 11:52:46 ----D- C:\Program Files\Common Files\ACD Systems

O43 - CFD: 16/05/2008 - 12:21:04 ----D- C:\Program Files\Common Files\Acronis

O43 - CFD: 09/01/2009 - 16:22:42 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 03/09/2009 - 21:52:02 ----D- C:\Program Files\Common Files\Ahead

O43 - CFD: 08/06/2010 - 09:20:08 ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 18/11/2008 - 20:20:02 ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD: 05/05/2009 - 22:24:02 ----D- C:\Program Files\Common Files\BOONTY Shared

O43 - CFD: 23/04/2010 - 20:54:24 ----D- C:\Program Files\Common Files\CyberLink

O43 - CFD: 19/10/2010 - 11:43:06 ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 18/04/2007 - 07:47:18 ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 18/04/2007 - 06:44:54 ----D- C:\Program Files\Common Files\Java

O43 - CFD: 29/12/2010 - 19:10:06 ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 20/09/2010 - 19:57:04 ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 21/04/2008 - 16:31:32 ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 19/10/2010 - 11:42:46 ----D- C:\Program Files\Common Files\System

O43 - CFD: 17/06/2009 - 17:29:04 ----D- C:\Program Files\Common Files\Toshiba Shared

O43 - CFD: 10/07/2007 - 15:49:36 ----D- C:\Program Files\Common Files\Ulead Systems

O43 - CFD: 15/02/2011 - 16:07:10 ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 19/04/2008 - 21:28:04 ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 24/04/2008 - 11:52:44 ----D- C:\ProgramData\ACD Systems

O43 - CFD: 07/06/2008 - 15:29:12 ----D- C:\ProgramData\Acronis

O43 - CFD: 28/12/2008 - 13:13:00 ----D- C:\ProgramData\Adobe

O43 - CFD: 01/03/2010 - 11:03:48 ----D- C:\ProgramData\Alwil Software

O43 - CFD: 05/05/2008 - 11:28:24 ----D- C:\ProgramData\Apple

O43 - CFD: 08/06/2010 - 09:20:06 ----D- C:\ProgramData\Apple Computer

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Application Data

O43 - CFD: 17/09/2010 - 17:35:46 ----D- C:\ProgramData\ATI

O43 - CFD: 19/04/2008 - 21:10:28 -SH-D- C:\ProgramData\Bureau

O43 - CFD: 26/04/2010 - 09:25:14 ----D- C:\ProgramData\CyberLink

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Desktop

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Documents

O43 - CFD: 12/01/2011 - 23:06:40 ----D- C:\ProgramData\DVD Shrink

O43 - CFD: 31/01/2011 - 14:41:28 ----D- C:\ProgramData\ElectricSheep

O43 - CFD: 06/04/2010 - 15:45:06 ----D- C:\ProgramData\Etiam

O43 - CFD: 19/04/2008 - 21:10:28 -SH-D- C:\ProgramData\Favoris

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Favorites

O43 - CFD: 23/01/2009 - 12:52:14 ----D- C:\ProgramData\Google

O43 - CFD: 26/04/2010 - 09:29:42 ----D- C:\ProgramData\HP

O43 - CFD: 19/10/2010 - 19:27:22 ----D- C:\ProgramData\IM

O43 - CFD: 19/04/2008 - 22:35:00 ----D- C:\ProgramData\IncrediMail

O43 - CFD: 19/04/2008 - 21:35:36 ----D- C:\ProgramData\IsolatedStorage

O43 - CFD: 29/05/2009 - 22:48:48 ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 18/05/2010 - 09:25:22 ----D- C:\ProgramData\McAfee

O43 - CFD: 19/04/2008 - 21:10:28 -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 07/08/2008 - 11:04:02 ----D- C:\ProgramData\MGS

O43 - CFD: 15/02/2011 - 16:06:54 -S--D- C:\ProgramData\Microsoft

O43 - CFD: 19/04/2008 - 21:10:28 -SH-D- C:\ProgramData\Modèles

O43 - CFD: 26/06/2010 - 13:58:34 ----D- C:\ProgramData\Mozilla

O43 - CFD: 18/02/2011 - 23:37:50 ----D- C:\ProgramData\PCPitstop

O43 - CFD: 04/01/2011 - 19:37:46 ----D- C:\ProgramData\Photo Notifier and Animation Creator

O43 - CFD: 20/02/2011 - 11:15:16 ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 18/02/2011 - 22:10:42 ----D- C:\ProgramData\SystemExplorer

O43 - CFD: 23/04/2010 - 20:50:08 ---AD- C:\ProgramData\TEMP

O43 - CFD: 02/11/2006 - 14:02:06 -SH-D- C:\ProgramData\Templates

O43 - CFD: 19/04/2008 - 21:32:34 ----D- C:\ProgramData\Toshiba

O43 - CFD: 19/04/2008 - 21:14:42 ----D- C:\ProgramData\ToshibaEurope

O43 - CFD: 10/07/2007 - 15:49:02 ----D- C:\ProgramData\Ulead Systems

O43 - CFD: 10/07/2007 - 15:36:02 ----D- C:\ProgramData\Vista64

O43 - CFD: 10/12/2009 - 20:46:20 ----D- C:\ProgramData\vsosdk

O43 - CFD: 10/07/2007 - 15:36:02 ----D- C:\ProgramData\XP

O43 - CFD: 01/07/2009 - 16:10:16 ----D- C:\ProgramData\Yahoo! Companion

O43 - CFD: 24/04/2008 - 12:04:20 ----D- C:\Users\Henri\AppData\Roaming\ACD Systems

O43 - CFD: 16/05/2008 - 12:32:38 ----D- C:\Users\Henri\AppData\Roaming\Acronis

O43 - CFD: 26/08/2009 - 16:19:50 ----D- C:\Users\Henri\AppData\Roaming\Adobe

O43 - CFD: 04/05/2008 - 22:19:54 ----D- C:\Users\Henri\AppData\Roaming\AdobeUM

O43 - CFD: 11/06/2010 - 13:30:40 ----D- C:\Users\Henri\AppData\Roaming\Apple Computer

O43 - CFD: 19/04/2008 - 21:35:28 ----D- C:\Users\Henri\AppData\Roaming\ATI

O43 - CFD: 18/11/2008 - 19:34:54 ----D- C:\Users\Henri\AppData\Roaming\AVS4YOU

O43 - CFD: 20/04/2008 - 16:53:56 ----D- C:\Users\Henri\AppData\Roaming\Canon

O43 - CFD: 23/04/2010 - 20:58:34 ----D- C:\Users\Henri\AppData\Roaming\CyberLink

O43 - CFD: 04/09/2010 - 14:22:32 ----D- C:\Users\Henri\AppData\Roaming\dvdcss

O43 - CFD: 19/04/2008 - 22:29:18 ----D- C:\Users\Henri\AppData\Roaming\Google

O43 - CFD: 19/04/2008 - 21:33:54 ----D- C:\Users\Henri\AppData\Roaming\Identities

O43 - CFD: 24/12/2009 - 20:31:26 ----D- C:\Users\Henri\AppData\Roaming\ImgBurn

O43 - CFD: 19/04/2008 - 21:30:36 ----D- C:\Users\Henri\AppData\Roaming\InstallShield

O43 - CFD: 01/07/2009 - 16:09:26 ----D- C:\Users\Henri\AppData\Roaming\IObit

O43 - CFD: 03/01/2009 - 17:36:40 ----D- C:\Users\Henri\AppData\Roaming\Leadertech

O43 - CFD: 19/04/2008 - 22:26:52 ----D- C:\Users\Henri\AppData\Roaming\Macromedia

O43 - CFD: 18/06/2009 - 21:38:10 ----D- C:\Users\Henri\AppData\Roaming\MailWasher

O43 - CFD: 29/05/2009 - 22:48:54 ----D- C:\Users\Henri\AppData\Roaming\Malwarebytes

O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Users\Henri\AppData\Roaming\Media Center Programs

O43 - CFD: 16/09/2010 - 18:27:56 ----D- C:\Users\Henri\AppData\Roaming\Media Player Classic

O43 - CFD: 23/11/2010 - 17:52:06 -S--D- C:\Users\Henri\AppData\Roaming\Microsoft

O43 - CFD: 17/05/2010 - 14:07:34 ----D- C:\Users\Henri\AppData\Roaming\Mozilla

O43 - CFD: 04/07/2009 - 15:31:12 ----D- C:\Users\Henri\AppData\Roaming\Notepad++

O43 - CFD: 15/10/2008 - 13:34:44 ----D- C:\Users\Henri\AppData\Roaming\OpenOffice.org

O43 - CFD: 20/05/2008 - 22:26:10 ----D- C:\Users\Henri\AppData\Roaming\OpenOffice.org2

O43 - CFD: 20/12/2010 - 18:02:00 ----D- C:\Users\Henri\AppData\Roaming\Opera

O43 - CFD: 02/12/2010 - 20:57:56 ----D- C:\Users\Henri\AppData\Roaming\QuickScan

O43 - CFD: 25/12/2008 - 20:39:46 ----D- C:\Users\Henri\AppData\Roaming\RegClean

O43 - CFD: 01/09/2010 - 21:25:38 ----D- C:\Users\Henri\AppData\Roaming\Thunderbird

O43 - CFD: 25/04/2008 - 09:18:16 ----D- C:\Users\Henri\AppData\Roaming\Toshiba

O43 - CFD: 22/06/2010 - 21:16:14 ----D- C:\Users\Henri\AppData\Roaming\vlc

O43 - CFD: 01/07/2009 - 16:09:40 ----D- C:\Users\Henri\AppData\Roaming\Yahoo!

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.ACED1200D8DCAD7600FCFD7F80EE1200] - 20/02/2011 - 17:10:30 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1837910]

O44 - LFC:[MD5.A37C4A731D21837754C9503F2E107F89] - 20/02/2011 - 16:21:48 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1622290]

O44 - LFC:[MD5.6EA1D56845AD6958DDE2272859631BEE] - 20/02/2011 - 16:21:48 ---A- . (...) -- C:\Windows\System32\perfc009.dat [115272]

O44 - LFC:[MD5.297D786A245E11E6A0774A20E7DAF8D4] - 20/02/2011 - 16:21:48 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [131864]

O44 - LFC:[MD5.D2791EBD29F373659DC2C2BA8C5FE803] - 20/02/2011 - 16:21:48 ---A- . (...) -- C:\Windows\System32\perfh009.dat [648362]

O44 - LFC:[MD5.2536398D9DF199125274052D28CB73AA] - 20/02/2011 - 16:21:48 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [734970]

O44 - LFC:[MD5.05A519699CA99065B27EDCA8E4697FB2] - 20/02/2011 - 16:16:54 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/02/2011 - 12:53:36 ---A- . (...) -- C:\Windows\setupact.log [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/02/2011 - 12:53:36 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.32F436F3F54DE8786BE28F946BEB4BE7] - 20/02/2011 - 11:57:08 ---A- . (...) -- C:\Windows\PFRO.log [336]

O44 - LFC:[MD5.0A8F581525C95275E3F8DDF9257CF020] - 19/02/2011 - 22:00:27 ---A- . (...) -- C:\Ad-Report-CLEAN[2].txt [3506]

O44 - LFC:[MD5.CDA0D998FF3B217A3A3711E9256D9EB7] - 18/02/2011 - 17:47:08 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [4183]

O44 - LFC:[MD5.D7D31939946E354B99DADC8367DFB1C0] - 18/02/2011 - 17:36:35 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [3860]

O44 - LFC:[MD5.C7B80785B96F35FB7BE1818F9290B8CD] - 16/02/2011 - 17:44:30 ---A- . (...) -- C:\Windows\QUICKEN.INI [1445]

O44 - LFC:[MD5.7AD946FE6EE40CD3EB4824946FB78BAE] - 15/02/2011 - 16:20:09 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [364160]

O44 - LFC:[MD5.ED4FC5980BD8B1AD869FF725C7776338] - 12/02/2011 - 22:55:22 RSHA- . (...) -- C:\config.sys [10]

O44 - LFC:[MD5.1BAFC8FD5DC87A07B8B4DB17D2C48841] - 30/01/2011 - 11:50:11 ---A- . (...) -- C:\Windows\System32\(null)id [11]

 

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - taskmgr.exe - "C:\USERS\HENRI\DESKTOP\PROCESSEXPLORER-1\PROCEXP.EXE"

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers\"WaveMapper"="msacm.drv" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.IV31"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"VIDC.IV32"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"msacm.drv"="MS Audio Compression Manager" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]

O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]

O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]

O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]

O58 - SDL:[MD5.CE91B158FA490CF4C4D487A4130F4660] - 28/11/2006 - 08:11:00 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1161888]

O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]

O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]

O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]

O58 - SDL:[MD5.A0D86B8AC93EF95620420C7A24AC5344] - 07/09/2010 - 15:47:07 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [17744]

O58 - SDL:[MD5.BD9119468C32B7ECD1E0544D3F286A73] - 07/09/2010 - 15:47:30 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [50768]

O58 - SDL:[MD5.69823954BBD461A73D69774928C9737E] - 07/09/2010 - 15:47:46 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [23376]

O58 - SDL:[MD5.7ECC2776638B04553F9A85BD684C3ABF] - 07/09/2010 - 15:52:03 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [165584]

O58 - SDL:[MD5.095ED820A926AA8189180B305E1BCFC9] - 07/09/2010 - 15:52:25 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [46672]

O58 - SDL:[MD5.6046A55F79DE9C581B8D5E9C1366CC81] - 02/11/2006 - 08:30:52 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [467456]

O58 - SDL:[MD5.8CE91545423A431353869ED5ADE90ECE] - 20/09/2007 - 17:56:22 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [3077632]

O58 - SDL:[MD5.76C10D80E46CB79570479CB7CF205D39] - 24/03/2009 - 15:07:58 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [55640]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488]

O58 - SDL:[MD5.C3156B712E3873AAD354F1696B2B2925] - 06/03/2007 - 14:01:04 ---A- . (.COMPAL ELECTRONIC INC. - CPLIR.) -- C:\Windows\system32\drivers\CplIR.sys [14848]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]

O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 14:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]

O58 - SDL:[MD5.FD7F9D74C2B35DBDA400804A3F5ED5D8] - 12/02/2007 - 13:36:54 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [277784]

O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.FCCF4AE4EF72CBABA6D6BEFEFD77E940] - 29/03/2003 - 15:45:18 ---A- . (.Ahead Software AG and its licensors - NERO IMAGEDRIVE SCSI miniport.) -- C:\Windows\system32\drivers\imagedrv.sys [89184]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.A383F2CEA0A8F4E76E71ABC869BD5748] - 18/01/2007 - 15:40:56 ---A- . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) -- C:\Windows\system32\drivers\KR10I.sys [219392]

O58 - SDL:[MD5.6E9922332386C2A49936B30B2B6FD298] - 18/01/2007 - 15:47:18 ---A- . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) -- C:\Windows\system32\drivers\KR10N.sys [211072]

O58 - SDL:[MD5.515FC18CABEE0158A324B08B1C2667CF] - 28/07/2006 - 15:25:26 ---A- . (.COMPAL ELECTRONIC INC. - LPCFilter.) -- C:\Windows\system32\drivers\LPCFilter.sys [19456]

O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]

O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]

O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 15:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 15:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.A15F219208843A5A210C8CB391384453] - 02/11/2006 - 08:30:54 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\Windows\system32\drivers\NETw3v32.sys [1781760]

O58 - SDL:[MD5.6522DD40A5F67CED020BD81B856613FB] - 26/09/2007 - 12:12:22 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw4v32.sys [2251776]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680]

O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]

O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [43872]

O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.0F16D98C3AF2138FABFA20ADDE4E01FE] - 05/09/2007 - 10:36:26 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [1953944]

O58 - SDL:[MD5.B8B159FA669C6386A458FCD468EBB1E6] - 30/04/2007 - 06:42:14 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [81408]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]

O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]

O58 - SDL:[MD5.BCC773872041AA59BC9A6CF770FB32E2] - 16/05/2008 - 12:21:32 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\system32\drivers\snapman.sys [129248]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.1825BCEB47BF41C5A9F0E44DE82FC27A] - 18/10/2006 - 11:50:04 ---A- . (.TOSHIBA Corporation. - Toshiba ODD Writing Driver For x86..) -- C:\Windows\system32\drivers\tdcmdpst.sys [16128]

O58 - SDL:[MD5.603D59923828C6C213B84B14CBF32083] - 16/05/2008 - 12:21:15 ---A- . (.Acronis - Acronis Try&Decide and Restore Points Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpman.sys [368736]

O58 - SDL:[MD5.E4C85C291DDB3DC5E4A2F227CA465BA6] - 24/01/2007 - 13:44:06 ---A- . (.Texas Instruments - tifm21.sys.) -- C:\Windows\system32\drivers\tifm21.sys [290304]

O58 - SDL:[MD5.B0B3122BFF3910E0BA97014045467778] - 16/05/2008 - 12:21:35 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys [44384]

O58 - SDL:[MD5.13BFE330880AC0CE8672D00AA5AFF738] - 16/05/2008 - 12:21:35 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [441760]

O58 - SDL:[MD5.5C4103544612E5011EF46301B93D1AA6] - 23/10/2006 - 15:32:20 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\system32\drivers\tosrfec.sys [9216]

O58 - SDL:[MD5.1EA5F27C29405BF49799FECA77186DA9] - 26/07/2007 - 15:18:04 ---A- . (.TOSHIBA Corporation - tos_sps2.) -- C:\Windows\system32\drivers\tos_sps32.sys [285184]

O58 - SDL:[MD5.792A8B80F8188ABA4B2BE271583F3E46] - 09/11/2007 - 05:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS [23640]

O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.3B929A72AAEA96DC0150D3A6DA268C89] - 16/04/2007 - 09:19:10 ---A- . (.Chicony Electronics Co., Ltd. - UVCFTR_S.sys.) -- C:\Windows\system32\drivers\UVCFTR_S.SYS [11776]

O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512]

O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.81A3CFF05560C1BE2789B1F7BDD66B53] - 20/03/2002 - 20:01:06 R--A- . (...) -- C:\Windows\system32\Digita.sys [6688]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: ZHPFix 1.12 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Apple Mobile Device (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK

O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI

O64 - Services: CurCS - (.not file.) - AVG network filter service (Avgfwfd) .(...) - LEGACY_AVGFWFD

O64 - Services: CurCS - C:\Windows\system32\Drivers\AVGNTFLT.sys - avgntflt (avgntflt) .(...) - LEGACY_AVGNTFLT

O64 - Services: CurCS - (.not file.) - avgrkx86.sys (AvgRkx86) .(...) - LEGACY_AVGRKX86

O64 - Services: CurCS - (.not file.) - AVG Free8 Network Redirector (AvgTdiX) .(...) - LEGACY_AVGTDIX

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - (.not file.) - (.not file.) - Boonty Games (Boonty Games) .(...) - LEGACY_BOONTY_GAMES

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\System32\Drivers\dfsc.sys - Dfs Client Driver (DfsC) .(.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\dot3svc.dll (dot3svc) .(.Microsoft Corporation - Service de configuration automatique de rés.) - LEGACY_DOT3SVC

O64 - Services: CurCS - C:\Windows\system32\dps.dll (DPS) .(.Microsoft Corporation - Service de stratégie de diagnostic WDI.) - LEGACY_DPS

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\ehome\ehstart.dll (ehstart) .(.Microsoft Corporation - Lanceur des services Windows Media Center.) - LEGACY_EHSTART

O64 - Services: CurCS - C:\Windows\system32\emdmgmt.dll (EMDMgmt) .(.Microsoft Corporation - Service ReadyBoost.) - LEGACY_EMDMGMT

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\PresentationHost.exe (FontCache3.0.0.0) .(.Microsoft Corporation - Windows Presentation Foundation Host.) - LEGACY_FONTCACHE3.0.0.0

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\System32\hidserv.dll (hidserv) .(.Microsoft Corporation - Service HID.) - LEGACY_HIDSERV

O64 - Services: CurCS - C:\Windows\system32\kmsvc.dll (hkmsvc) .(.Microsoft Corporation - Service Gestion des clés.) - LEGACY_HKMSVC

O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(...) - LEGACY_IDSVIX86

O64 - Services: CurCS - C:\Windows\system32\ikeext.dll (IKEEXT) .(.Microsoft Corporation - Extension IKE.) - LEGACY_IKEEXT

O64 - Services: CurCS - C:\Windows\system32\iphlpsvc.dll (iphlpsvc) .(.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - LEGACY_IPHLPSVC

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - IP Network Address Translator (IPNAT) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - (.not file.) - Lbd (Lbd) .(...) - LEGACY_LBD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\lmhsvc.dll (lmhosts) .(.Microsoft Corporation - DLL des services de transport NetBIOS sur T.) - LEGACY_LMHOSTS

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR

O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV

O64 - Services: CurCS - C:\Windows\system32\mmcss.dll (MMCSS) .(.Microsoft Corporation - Service Planificateur de classes multimédia.) - LEGACY_MMCSS

O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (MpsSvc) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSSVC

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\System32\drivers\msahci.sys - msahci (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI

O64 - Services: CurCS - C:\Windows\System32\msdtc.exe - @comres.dll,-2797 (MSDTC) .(.Microsoft Corporation - Programme DTCconsole MS.) - LEGACY_MSDTC

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\qagentrt.dll (napagent) .(.Microsoft Corporation - Exécution du service Agent de quarantaine.) - LEGACY_NAPAGENT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP

O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\System32\netlogon.dll (Netlogon) .(.Microsoft Corporation - DLL des services Net Logon.) - LEGACY_NETLOGON

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\system32\p2psvc.dll (p2pimsvc) .(.Microsoft Corporation - Services pair à pair.) - LEGACY_P2PIMSVC

O64 - Services: CurCS - C:\Windows\system32\pcasvc.dll (PcaSvc) .(.Microsoft Corporation - Service de l’Assistant Compatibilité des pr.) - LEGACY_PCASVC

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\pla.dll (pla) .(.Microsoft Corporation - Journaux & alertes de performance.) - LEGACY_PLA

O64 - Services: CurCS - C:\Windows\system32\p2psvc.dll (PNRPAutoReg) .(.Microsoft Corporation - Services pair à pair.) - LEGACY_PNRPAUTOREG

O64 - Services: CurCS - C:\Windows\system32\p2psvc.dll (PNRPsvc) .(.Microsoft Corporation - Services pair à pair.) - LEGACY_PNRPSVC

O64 - Services: CurCS - (.not file.) - PQNTDrv (PQNTDrv) .(...) - LEGACY_PQNTDRV

O64 - Services: CurCS - (.not file.) - PROCEXP141 (PROCEXP141) .(...) - LEGACY_PROCEXP141

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\qwave.dll (QWAVE) .(.Microsoft Corporation - Windows.) - LEGACY_QWAVE

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\Drivers\RDPWD.sys - (.not file.) - RDP Winstation Driver (RDPWD) .(...) - LEGACY_RDPWD

O64 - Services: CurCS - C:\Windows\system32\mprdim.dll (RemoteAccess) .(.Microsoft Corporation - Gestionnaire d’interface dynamique.) - LEGACY_REMOTEACCESS

O64 - Services: CurCS - C:\Windows\system32\svchost.exe - @regsvc.dll,-1 (RemoteRegistry) .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_REMOTEREGISTRY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys - SANDRA (SANDRA) .(.SiSoftware - Sandra Device Driver (x86)(Unicode).) - LEGACY_SANDRA

O64 - Services: CurCS - C:\Windows\system32\schedsvc.dll (Schedule) .(.Microsoft Corporation - Service du Planificateur de tâches.) - LEGACY_SCHEDULE

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\seclogon.dll (seclogon) .(.Microsoft Corporation - DLL de service d'ouverture de session secon.) - LEGACY_SECLOGON

O64 - Services: CurCS - C:\Windows\system32\ipnathlp.dll (SharedAccess) .(.Microsoft Corporation - Composants de l'application d'assistance à.) - LEGACY_SHAREDACCESS

O64 - Services: CurCS - C:\Windows\system32\SLUINotify.dll (SLUINotify) .(.Microsoft Corporation - Service de notification de l’interface util.) - LEGACY_SLUINOTIFY

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\wiaservc.dll (stisvc) .(.Microsoft Corporation - Service de périphériques d'images fixes.) - LEGACY_STISVC

O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS

O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT

O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW

O64 - Services: CurCS - (.not file.) - SYMIDS (SYMIDS) .(...) - LEGACY_SYMIDS

O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(...) - LEGACY_SYMNDISV

O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\TabSvc.dll (TabletInputService) .(.Microsoft Corporation - Service Microsoft Panneau de saisie Tablet.) - LEGACY_TABLETINPUTSERVICE

O64 - Services: CurCS - C:\Windows\system32\tapisrv.dll (TapiSrv) .(.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) - LEGACY_TAPISRV

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\System32\drivers\tdtcp.sys - TDTCP (TDTCP) .(.Microsoft Corporation - TCP Transport Driver.) - LEGACY_TDTCP

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\System32\termsrv.dll (TermService) .(.Microsoft Corporation - Gestionnaire des connexions distantes Termi.) - LEGACY_TERMSERVICE

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tifsfilt.sys - Acronis True Image FS Filter (tifsfilter) .(.Acronis - Acronis True Image File System Filter.) - LEGACY_TIFSFILTER

O64 - Services: CurCS - C:\Windows\system32\trkwks.dll (TrkWks) .(.Microsoft Corporation - Client de suivi de lien distribué.) - LEGACY_TRKWKS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tssecsrv.sys - Terminal Services Security Filter Driver (tssecsrv) .(.Microsoft Corporation - TS Security Filter Driver.) - LEGACY_TSSECSRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - (.not file.) - Zone Alarm Firewall Driver (Vsdatant) .(...) - LEGACY_VSDATANT

O64 - Services: CurCS - C:\Windows\system32\w32time.dll (W32Time) .(.Microsoft Corporation - Service de temps Windows.) - LEGACY_W32TIME

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\system32\wcncsvc.dll (wcncsvc) .(.Microsoft Corporation - Windows Connect Now - Service de registre d.) - LEGACY_WCNCSVC

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\system32\wdi.dll (WdiServiceHost) .(.Microsoft Corporation - Infrastructure de diagnostics Windows.) - LEGACY_WDISERVICEHOST

O64 - Services: CurCS - C:\Windows\system32\wdi.dll (WdiSystemHost) .(.Microsoft Corporation - Infrastructure de diagnostics Windows.) - LEGACY_WDISYSTEMHOST

O64 - Services: CurCS - C:\Windows\System32\wercplsupport.dll (wercplsupport) .(.Microsoft Corporation - Rapports et solutions aux problèmes.) - LEGACY_WERCPLSUPPORT

O64 - Services: CurCS - C:\Windows\System32\wersvc.dll (WerSvc) .(.Microsoft Corporation - Service de rapport d'erreurs Windows.) - LEGACY_WERSVC

O64 - Services: CurCS - C:\Windows\System32\svchost.exe - @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_WINDEFEND

O64 - Services: CurCS - C:\Windows\system32\wsmsvc.dll (WinRM) .(.Microsoft Corporation - Service WSMan.) - LEGACY_WINRM

O64 - Services: CurCS - C:\Windows\System32\wlansvc.dll (Wlansvc) .(.Microsoft Corporation - DLL du service de configuration automatique.) - LEGACY_WLANSVC

O64 - Services: CurCS - C:\Program Files\Windows Media Player\wmpnetwk.exe - @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows M.) - LEGACY_WMPNETWORKSVC

O64 - Services: CurCS - C:\Windows\system32\wpcsvc.dll (WPCSvc) .(.Microsoft Corporation - Service de filtrage du contrôle parental Wi.) - LEGACY_WPCSVC

O64 - Services: CurCS - C:\Windows\System32\wscsvc.dll (wscsvc) .(.Microsoft Corporation - Service Centre de sécurité de Windows.) - LEGACY_WSCSVC

O64 - Services: CurCS - C:\Windows\system32\SearchIndexer.exe (WSearch) .(.Microsoft Corporation - Microsoft Windows Search Indexer.) - LEGACY_WSEARCH

O64 - Services: CurCS - C:\Windows\system32\wudfsvc.dll (wudfsvc) .(.Microsoft Corporation - Windows Driver Foundation - Service d’infra.) - LEGACY_WUDFSVC

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {9C6F0EE1-5162-4B64-B520-5CA89FF42BC5} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredimail.com

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "MCX-Prov-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe

O87 - FAEL: "TCP Query User{513BB227-233B-4C26-BD57-C21924D5BFE8}C:\windows\system32\electricsheep.scr" |In - Public - P6 - TRUE | .(...) -- C:\windows\system32\electricsheep.scr (.not file.)

O87 - FAEL: "UDP Query User{D0AC1166-46B3-43F2-A318-757B28C65C37}C:\windows\system32\electricsheep.scr" |In - Public - P17 - TRUE | .(...) -- C:\windows\system32\electricsheep.scr (.not file.)

O87 - FAEL: "{670BA0E1-36FD-4FE6-8C15-BD648A86F964}" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "{AF273F81-205F-4001-AE88-DA652B149290}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{7E972A78-B06C-4F32-BF0F-E491AD060905}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{B813FB8F-1849-4BFF-BC14-6BEE20EF096A}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{FAA3BC6D-2BB2-4709-858F-E881B5CA1C12}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{423C1C45-1E64-4E73-A37C-47CAFB5A79C0}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{86EC2D82-3403-420F-97B0-00AEEADD8A62}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{97FCF298-FD23-4A9E-9532-78B800560481}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{DD3CEF26-95DD-4EEF-AFA9-F8A4F54AF1AC}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{7E8D635A-04F3-44A2-87BB-CBC13626E600}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files\Magentic\bin\MgImp.exe (.not file.)

O87 - FAEL: "{947029DD-3B4B-4CF1-BFDE-DF70B138FC3C}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files\Magentic\bin\MgImp.exe (.not file.)

O87 - FAEL: "{39564546-EB96-4850-8C3B-23F5733B3D2E}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{13715F38-A75C-42E3-97C8-E25A2BB37FAB}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{8E0EF65A-A330-4189-B73B-52F5521F3C8A}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{6D6004F5-2787-4F23-9077-4C024359BEC2}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{4604D1A0-A565-4C94-BB35-A0EED3C01AEF}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{A120499A-18D7-4B6C-B893-8686AE65145C}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\Orb.exe (.not file.)

O87 - FAEL: "{F80501F1-BEE0-4135-98A4-4ABDBC2B9A61}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\Orb.exe (.not file.)

O87 - FAEL: "{BB387E48-3176-4443-B8C0-044E7024835A}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe (.not file.)

O87 - FAEL: "{0A8A41AC-59DE-4543-A055-3E578D1D7715}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe (.not file.)

O87 - FAEL: "{059FF725-25FA-4F0F-9D38-0A93087E2438}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\OrbIR.exe (.not file.)

O87 - FAEL: "{622B1FC0-610A-4958-8538-D2741FA7FDBF}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\OrbIR.exe (.not file.)

O87 - FAEL: "{894D5C44-D5C2-4B08-84B7-7C817F90B1E0}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe (.not file.)

O87 - FAEL: "{32586D5F-0D90-4DE9-AC93-B91635A1E7EA}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe (.not file.)

O87 - FAEL: "{032B5ABE-8E64-40B5-8A20-5F61F3A96804}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgemc.exe (.not file.)

O87 - FAEL: "{1875A37F-D4DA-44CC-B31E-FA179BD43DF6}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgupd.exe (.not file.)

O87 - FAEL: "{1BB81F35-06FC-48CA-A855-B5EE9D6CE5F1}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgnsx.exe (.not file.)

O87 - FAEL: "{BFABB3D6-D40D-4C08-AEC3-CC5B6F0669B5}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{B5EEDE5F-87EF-4A9E-8D6F-2EE4BCBBD2CE}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{87EB6DE8-186B-4FC1-82C3-0B3F5BF2BA1B}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{99B597C7-7212-4EFC-AFC0-23F787D72C4A}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{17953C97-3712-4E55-B394-8584B32A7D21}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{AC40A69B-72C6-455C-AA24-91BA4C7CD2C9}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)

O87 - FAEL: "{9FADCF84-5A56-46CA-BC2C-BC08861DC958}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)

O87 - FAEL: "{F53B6D32-D359-499D-BCB4-A1FCEA6AC503}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files\Magentic\bin\Magentic.exe (.not file.)

O87 - FAEL: "{C5C21BFC-A410-4F89-97DA-FC8AFB1ECAE2}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files\Magentic\bin\Magentic.exe (.not file.)

O87 - FAEL: "{B0531C05-D5CE-48E2-B0EF-10DED1B16B06}" |In - Public - P6 - FALSE | .(...) -- C:\Program Files\Magentic\bin\MgApp.exe (.not file.)

O87 - FAEL: "{84ED56C7-E706-4A8F-8DB8-9563E7B44EA5}" |In - Public - P17 - FALSE | .(...) -- C:\Program Files\Magentic\bin\MgApp.exe (.not file.)

O87 - FAEL: "{5C55A501-4FB3-426B-8A4E-AC3ABD80EAAB}" | In - Public - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "{62BD33AD-7904-4B4B-858C-19ED3C5AA322}" | In - Public - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "{90FF4D56-F8C4-43F8-9512-A60E49019464}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "TCP Query User{09B3F444-0F08-4085-87A8-9291300C64D7}C:\program files\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe

O87 - FAEL: "UDP Query User{BBA58B60-5C44-45F9-A877-047B4C0620F5}C:\program files\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe

O87 - FAEL: "{66EAED64-F2FF-496B-974A-2D7F2EFB04ED}" | In - Public - P6 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe

O87 - FAEL: "{645CF95B-8F7A-49D4-847C-2CF026029DDA}" | In - Public - P17 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe

O87 - FAEL: "{112479BA-E61E-4091-B921-54C4A7523DB1}" | In - Public - P6 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files\IncrediMail\bin\ImApp.exe

O87 - FAEL: "{9F94E36A-5E9F-4B82-9294-344D3FD18C91}" | In - Public - P17 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files\IncrediMail\bin\ImApp.exe

O87 - FAEL: "{B878BE75-48AF-487E-B1E8-57C6155F82CF}" | In - Public - P6 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe

O87 - FAEL: "{7DB26202-0788-42F2-A054-63F1107D4C89}" | In - Public - P17 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe

O87 - FAEL: "{05C2BB99-181B-4C15-A053-1099DBF1150F}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{2667C59D-8256-4E82-97F8-79F65020B3B8}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{46FBAB56-721B-416F-B720-DD47F5E58B83}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{198FEB27-9B34-46B0-809E-DF833D7E5EAC}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{DC84F6AB-E847-4877-A611-AADB0C05C429}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{4F3E5365-4BB0-4192-888D-A88DED9E693C}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{0A8CCC7A-ACD4-4E41-A25D-42C64FF3EF7A}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{565513C9-31C0-4353-977A-2BD7F5CF83DF}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "TCP Query User{503DCB47-4154-4684-9DB6-F59E17A1E4D8}C:\program files\microsoft games\fs2002\fs2002.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation.) -- C:\program files\microsoft games\fs2002\fs2002.exe

O87 - FAEL: "UDP Query User{37D1A014-6CCE-4D6E-910B-39AA5B804808}C:\program files\microsoft games\fs2002\fs2002.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation.) -- C:\program files\microsoft games\fs2002\fs2002.exe

O87 - FAEL: "{ED119FE9-2DAC-4AF3-BC1C-D90D0E2F82CD}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "TCP Query User{71EDC7A8-FEF2-4875-B5F2-EC355EDAB8C7}C:\windows\system32\electricsheep.scr" |In - Private - P6 - TRUE | .(...) -- C:\windows\system32\electricsheep.scr (.not file.)

O87 - FAEL: "UDP Query User{84776E06-B8D7-467E-9571-9CE308BA6E94}C:\windows\system32\electricsheep.scr" |In - Private - P17 - TRUE | .(...) -- C:\windows\system32\electricsheep.scr (.not file.)

O87 - FAEL: "TCP Query User{5FBA5720-3821-4072-86C8-811B42F407BC}C:\program files\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe

O87 - FAEL: "UDP Query User{2F2EAB98-D4E0-4610-B8DB-F4F4EF56126C}C:\program files\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe

O87 - FAEL: "{7CF18256-AEB1-4CD2-A009-2CF6041CEC4F}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{6109A0B4-01BA-4418-84EA-DA200796466A}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{5F854C8E-C2F5-4256-9DA6-533D44CD6D6C}" | In - Private - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "{33F04C34-DD16-4896-8F0A-A742CE9FA152}" | In - Private - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "{FCEEB011-A33C-4539-95EB-19BEDC47469D}" | In - Private - P6 - TRUE | .(.Soft&Fun - Pas de description.) -- C:\Program Files\WinBrick2000\Brick2K.exe

O87 - FAEL: "{38C1010B-8BB8-4014-9FC8-72D98845CC4F}" | In - Private - P17 - TRUE | .(.Soft&Fun - Pas de description.) -- C:\Program Files\WinBrick2000\Brick2K.exe

O87 - FAEL: "TCP Query User{8735147C-2DAC-46D7-990B-9E28A2E21A33}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe

O87 - FAEL: "UDP Query User{569B46DB-914A-457E-956D-9FF07183729E}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe

O87 - FAEL: "{CD99B7D1-BC98-4187-9CCD-51A12C36E8B3}" | In - Private - P6 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe

O87 - FAEL: "{785C2F40-504B-4921-B334-8C44E5C0F8C8}" | In - Private - P17 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe

O87 - FAEL: "{F4C8ABC7-939A-4AB3-9E49-F62594C25D53}" | In - Private - P6 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files\IncrediMail\bin\ImApp.exe

O87 - FAEL: "{84C5DB97-3A3D-420E-A334-F114DDC1E7D2}" | In - Private - P17 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files\IncrediMail\bin\ImApp.exe

O87 - FAEL: "{3B59F7A5-CD75-44BC-A2BA-DDDE33BB37D0}" | In - Private - P6 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe

O87 - FAEL: "{B9157A76-C000-4362-BDD5-BB08C731A0AE}" | In - Private - P17 - TRUE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe

O87 - FAEL: "{A503F03E-41FD-4B6A-932F-6FD9A5D90E8E}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Henri\AppData\Local\Temp\ImInstaller\3d_magic_installer.exe (.not file.)

O87 - FAEL: "{A7CF110E-38B8-4330-B9D8-D71F0AEF7998}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Henri\AppData\Local\Temp\ImInstaller\3d_magic_installer.exe (.not file.)

O87 - FAEL: "{89D170E5-5906-4138-AA5F-2E090BA1380D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{83043C2D-1172-490B-BE94-DF116BD6F49A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{CA879235-895B-4495-B15B-9123F8CB423B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{6E5EB645-9B43-4949-8202-8E5D7B373E74}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{391FD405-3AE9-4EF0-B565-A83553CF01BE}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{1967F365-63C4-4DA3-9A72-872DD15921BF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{F748BAF5-7BD3-4AFD-9557-C1BB3C62404A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{CABA0D4B-5C00-4C1E-B7E1-E5804A182DC9}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{F92246C3-6D9F-4041-A6FC-D754EE4743BC}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{9C653F3D-F607-47A7-84F2-C3ED53E265F7}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{A0E68934-3E85-405F-8F57-036B30FE7F32}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{C99C4284-F408-4CA9-A9C0-26780F1B8745}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{EDFFE2C4-0DD8-4CB4-8D64-1AFE3CFC261E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{EEC597F7-431C-4FB1-87C4-C7159192FCB9}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{951E9273-881A-4BC0-A8EE-87AFF11F1D0A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{A3ADC998-49F6-4880-917D-0ED01C20E6B3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{875732E9-62A2-4E3C-A153-C09899AE065A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{38FEB912-C530-4074-AC98-28666B93734B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{F3F6979A-E102-4C55-9D0D-E6E8B95DB348}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{E609438B-2FF7-45C6-B56A-083CCB6F081C}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{B7D2BAF2-F04C-45A0-A029-776006885DE5}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{231EBB7A-F8F1-4A1D-B627-B6F1900D770C}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{E579EFA1-E227-4413-B8A3-83A7AC37CCEE}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{9D8F0280-7152-4592-A347-87F501730A4E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{AE57844E-A8F4-4570-89D0-C11F4DCAAEEE}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe (.not file.)

O87 - FAEL: "{1A179100-3E34-4B99-9762-D29816F39424}" | In - Private - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe

O87 - FAEL: "{307A1609-7894-470E-966B-D2EF8602B07E}" | In - Private - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe

O87 - FAEL: "TCP Query User{F75E00C3-67C0-45DC-84A8-D91046A26F1D}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe

O87 - FAEL: "UDP Query User{09C9F11C-6895-4FFE-B694-A573B5DAA4AA}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe

O87 - FAEL: "{F240B9D7-BDDC-4037-8AD0-F46AF1DAF1D2}" | In - Domain - P6 - TRUE | .(.SiSoftware - SiSoftware Deployment Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe

O87 - FAEL: "{F96604CD-5C92-4EF9-8F67-26FEDF8923BB}" | In - None - P1 - TRUE | .(.SiSoftware - SiSoftware Deployment Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe

O87 - FAEL: "{EBBDDB63-87FA-4A97-984A-130E0093A550}" | In - Domain - P6 - TRUE | .(.SiSoftware - SiSoftware Sandra Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\RpcSandraSrv.exe

O87 - FAEL: "{0AF1D262-1BBC-47D5-B4FA-268420279BDD}" | In - None - P1 - TRUE | .(.SiSoftware - SiSoftware Sandra Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\RpcSandraSrv.exe

O87 - FAEL: "{96FA6E5A-58AC-40EE-87D5-93B91B462FE7}" | In - Domain - P6 - TRUE | .(.SiSoftware - SiSoftware Sandra Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\RpcSandraSrv.exe

O87 - FAEL: "{C50EC2BA-3CCF-4282-9034-8ECA8F5EFE55}" | In - None - P1 - TRUE | .(.SiSoftware - SiSoftware Sandra Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\RpcSandraSrv.exe

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 07/10/2007 427288 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

SS - | Auto 05/10/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe

SS - | Demand 16/04/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 20/09/2007 610304 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe

SR - | Auto 07/09/2010 40384 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SR - | Demand 07/09/2010 40384 | (avast! Mail Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SR - | Demand 07/09/2010 40384 | (avast! Web Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SR - | Auto 08/04/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 14/11/2006 40960 | (CFSvcs) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

SS - | Auto 21/04/2009 133104 | (gupdate1c9c2981aea6420) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 26/03/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 12/02/2007 355096 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

SS - | Demand 28/04/2010 545576 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Disabled 04/01/2010 90352 | (PCPitstop Scheduling) . (.PC Pitstop LLC.) - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe

SR - | Demand 24/08/2009 93336 | (SandraAgentSrv) . (.SiSoftware.) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe

SR - | Auto 29/10/2007 95624 | (TempoMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files\Toshiba TEMPO\TempoSVC.exe

SR - | Auto 19/09/2007 77824 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

SR - | Auto 25/05/2006 114688 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SR - | Auto 29/03/2007 427576 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SR - | Auto 08/10/2007 493200 | (TryAndDecideService) . (.Pas de propriétaire.) - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

SR - | Auto 23/08/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

SR - | Auto 02/11/2006 22016 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by Henri at 20/02/2011 17:32:51

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys

C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver

1 ntkrnlpa!IofCallDriver[0x82827F3B] -> \Device\Harddisk0\DR0[0x8694B0E8]

3 ntkrnlpa[0x828B07E2] -> ntkrnlpa!IofCallDriver[0x82827F3B] -> [0x856166A8]

5 acpi[0x8046932A] -> ntkrnlpa!IofCallDriver[0x82827F3B] -> \Device\Ide\IAAStorageDevice-0[0x8561C030]

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Henri at 20/02/2011 17:32:51

Use the desktop link 'MBRCheck' to have full report

 

 

 

End of the scan (1237 lines in 01mn 06s)(0)

[Tonton]

Ton PC est infecté.

 

Comme tu dis utiliser régulièrement MBAM et n'avoir rien trouvé, je t'invite à faire un saut par "la case désinfection".

 

Pour ce faire, crée stp un nouveau sujet ds la section "Analyse et éradication des malwares" :

 

Pour que le helper qui te prendra en charge soit informé des manips déjà réalisées, copie-colle ds ton nouveau sujet le lien que tu trouveras en cliquant sur le n° du présent Post.

 

A noter aussi que Java et Adobe Reader ne sont plus à jour.

 

Bonne continuation !

Modifié le 20 février 2011 par Tonton57

[gaspar]

alors on se quitte ? quel dommage, et je ne comprends pas avec toutes les protections et le peu de sites visités, en tout cas grand merci pour ton désintéressement et ta serviabilité, ta disponibilité, je t'admire, je te dis au revoir et non adieu, et encore un grand merci,

p.s je n'ai pas compris pourquoi les messages antérieurs de ce post étaient déformés à la relecture

[Tonton]

Salut gaspar,

 

Ca a été un plaisir de t'aider.

Le souci des messages déformés à la relecture est peut-être lié à l'infection constatée : n'oublie pas d'en faire part aux helpers de la section "Analyse et éradication des malwares".

Tu verras, tu vas être pris en charge par de véritables experts qui vont résoudre ton roblème.

 

Je reste bien entendu à ta disposition pour tout éventuelle interrogation à venir.

 

Bon continuation, l'ami !

Tonton