Rapport de ZHPDiag v1.27.18 par Nicolas Coolman, Update du 19/03/2011

Run by mimi at 2011-03-23 15:13:22

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.19019 (Defaut)

 

---\\ System Information

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1012 MB (19% free)

System Restore: Activé (Enable)

System drive C: has 218 GB (75%) free of 289 GB

 

---\\ Logged in mode

Computer Name: PC-DE-MIMI

User Name: mimi

All Users Names: mimi, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\mimi\AppData\Roaming

%LocalAppData%=C:\Users\mimi\AppData\Local

%StartMenu%=C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 218 Go of 289 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.2009-04-11 01:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2008-01-20 21:23:42.) -- C:\Windows\System32\Wininit.exe [96768]

[MD5.74BCC23D622F32DA0450D164735ACAB1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2010-12-18 01:27:04.) -- C:\Windows\System32\wininet.dll [916480]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.2009-04-11 01:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]

[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-04-11 01:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2009-04-11 01:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]

 

 

 

---\\ Processus lancés

[MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880]

[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536]

[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784]

[MD5.392845E8D49B5F0E81AAC4D795000A8C] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792]

[MD5.03B4BD7A96C004FE8EEEB9F2BC1F413A] - (.Vidéotron - Agent de services Vidéotron.) -- C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe [4318520]

[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3451496]

[MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152]

[MD5.409E5B10053382C9D339BAEAA6584999] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424]

[MD5.B76195C8E8845FF2A8FA658709345DE2] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656]

[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]

[MD5.EF4EE38DEF63166D8C2B369FD03029E3] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe [160592]

[MD5.CF03C8F6F6B0D71F6E5BCE167FCF7CA6] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360]

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]

[MD5.1CF370D5C495F52DB8B83346BDF3AE7C] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]

[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]

[MD5.8A96CEAF576F92E3D9C47ADDAE85DF78] - (.Webshots.com - Webshots Photo Manager.) -- C:\PROGRA~1\Webshots\Webshots.scr [3446088]

[MD5.745C54B66C61E9B52318D329D62708DD] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658432]

[MD5.80B8AE8E18FF57BE13FF4A5959DB0EC1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320]

[MD5.F0898E9BD7C914FB7389F393D189B32F] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [569344]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@radialpoint.com/SPA,version=1] - (.Vidéotron - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\nprpspa.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-2164166307-1310619440-4161934922-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Clé orpheline

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Clé orpheline

O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [VideotronSA.exe] . (.Vidéotron - Agent de services Vidéotron.) -- C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe

O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (.not file.)

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-2164166307-1310619440-4161934922-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-21-2164166307-1310619440-4161934922-1000\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk . (.Webshots.com.) -- C:\Program Files\Webshots\Launcher.exe

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\mimi\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Users\mimi\Desktop\Courrier.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\Desktop\Documents.lnk . (...) -- C:\Users\mimi\Documents

O4 - Global Startup: C:\Users\mimi\Desktop\Favoris.lnk . (...) -- C:\Users\mimi\Favorites

O4 - Global Startup: C:\Users\mimi\Desktop\Internet.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\Desktop\Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - Global Startup: C:\Users\mimi\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe

O4 - Global Startup: C:\Users\mimi\Desktop\Webshots Desktop.lnk . (.Webshots.com.) -- C:\Program Files\Webshots\Launcher.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Courrier.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Jouer à Mes jeux.lnk . (...) -- C:\Program Files\bfgclient\bfgclient.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Run.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Barre RoboForm - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Enregistrer le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll

O8 - Extra context menu item: Personnaliser le menu - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Remplir le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.)

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Barre RoboForm - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS1\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS2\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS3\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AGWinService) - Clé orpheline

O23 - Service: (Apple Mobile Device) . (.Apple, Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (avg8emc) - Clé orpheline

O23 - Service: (avg8wd) - Clé orpheline

O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) - Clé orpheline

O23 - Service: (ServicepointService) . (.Radialpoint Inc. - Pas de description.) - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

O23 - Service: (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EasyShare Registration Task.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleFormimi.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{48152027-D49C-4742-A93F-27B7EBA78948}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\WebReg Deskjet F4100 series.job

[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [HPCeeScheduleFormimi] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [WebReg Deskjet F4100 series] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{9C88BA63-6AF0-4B54-93FF-336886DB3D7E}] (.Pas de propriétaire.) -- C:\Users\mimi\AppData\Local\Temp\Temp1_Standard_Monitor_Driver_Signed_Vista_x64_070717[1].zip\Standard_Monitor_Driver_Signed_Vista_x64_070717

[MD5.00000000000000000000000000000000] [APT] [{C0F42BB1-69D5-4B89-8476-D0D804D132CE}] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Reminders - mimi] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [MP Scheduled Scan] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [scheduled Maintenance] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [scheduled Maintenance Swap] (.Pas de propriétaire.) -- (.not file.)

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (AvgLdx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\system32\Drivers\avgldx86.sys

O41 - Driver: (AvgMfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\system32\Drivers\avgmfx86.sys

O41 - Driver: (AvgTdiX) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\system32\Drivers\avgtdix.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Agent de services Vidéotron 3.7.44 - (.Vidéotron.) [HKLM] -- RadialpointClientGateway_is1

O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\AVAST Software]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Aurigma]

[HKCU\Software\AppDataLow\Software\AVG]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Smart-Shopper]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\ArcSoft]

[HKCU\Software\Big Fish Games]

[HKCU\Software\Binary Noise]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Kodak]

[HKCU\Software\Leadertech]

[HKCU\Software\Licenses]

[HKCU\Software\LightScribe]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Logitech]

[HKCU\Software\MGS]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Masque]

[HKCU\Software\Meetstream]

[HKCU\Software\MimarSinan]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\PCTools]

[HKCU\Software\Paint.NET]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\RadialPoint]

[HKCU\Software\Realtek]

[HKCU\Software\Screensaver Factory]

[HKCU\Software\Siber Systems]

[HKCU\Software\Softdisk LLC]

[HKCU\Software\Softthinks]

[HKCU\Software\TERMINAL Studio]

[HKCU\Software\WebShot]

[HKCU\Software\Webshots]

[HKCU\Software\Windows Live]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\http://www.ecran-de-veille.com]

[HKCU\Software\keyhole.com]

[HKLM\Software\ALWIL Software]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\BackWeb]

[HKLM\Software\Big Fish Games]

[HKLM\Software\CA561B]

[HKLM\Software\CCleaner]

[HKLM\Software\CXT]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conexant Systems]

[HKLM\Software\CyberLink]

[HKLM\Software\Debug]

[HKLM\Software\GST]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Kodak]

[HKLM\Software\Labtec]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\Logitech]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\ODBC]

[HKLM\Software\PCTools]

[HKLM\Software\Paint.NET]

[HKLM\Software\Policies]

[HKLM\Software\Python]

[HKLM\Software\Radialpoint]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SDLLC]

[HKLM\Software\SRS Labs]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Siber Systems]

[HKLM\Software\Sonic]

[HKLM\Software\SymDebug]

[HKLM\Software\Symantec]

[HKLM\Software\SystemAct]

[HKLM\Software\TLC]

[HKLM\Software\The Learning Company]

[HKLM\Software\ViewSonic Corporation]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\WholeSecurity]

[HKLM\Software\Windows]

[HKLM\Software\Yahoo]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 2010-07-25 - 17:23:38 - [11748894] ----D- C:\Program Files\a-squared Free

O43 - CFD: 2009-08-27 - 01:41:36 - [128729474] ----D- C:\Program Files\Adobe

O43 - CFD: 2010-03-12 - 20:50:06 - [152660156] ----D- C:\Program Files\Alwil Software

O43 - CFD: 2010-10-12 - 10:38:54 - [2221118] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 2008-12-14 - 22:27:34 - [0] ----D- C:\Program Files\ArcSoft

O43 - CFD: 2010-03-13 - 23:01:00 - [0] ----D- C:\Program Files\AWS

O43 - CFD: 2011-03-03 - 23:19:34 - [6988263] ----D- C:\Program Files\bfgclient

O43 - CFD: 2010-10-12 - 13:11:14 - [392881] ----D- C:\Program Files\Bonjour

O43 - CFD: 2010-03-08 - 15:00:56 - [1327120] ----D- C:\Program Files\CCleaner

O43 - CFD: 2010-05-09 - 02:25:26 - [1025943615] ----D- C:\Program Files\Common Files

O43 - CFD: 2008-02-19 - 00:46:10 - [1024000] ----D- C:\Program Files\CONEXANT

O43 - CFD: 2008-02-19 - 01:08:04 - [735040696] ----D- C:\Program Files\CyberLink

O43 - CFD: 2010-07-24 - 02:52:38 - [26552477] ----D- C:\Program Files\Emsisoft Anti-Malware

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 2011-02-16 - 18:53:12 - [2908240] ----D- C:\Program Files\Google

O43 - CFD: 2009-10-10 - 22:03:22 - [115240047] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 2011-03-04 - 02:58:58 - [167587410] ----D- C:\Program Files\Hidden Expedition - Amazon

O43 - CFD: 2008-07-08 - 15:42:10 - [133852165] ----D- C:\Program Files\HP

O43 - CFD: 2010-04-10 - 00:17:04 - [61467250] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 2011-02-09 - 07:45:38 - [5699790] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 2011-03-23 - 14:59:26 - [89298744] ----D- C:\Program Files\Java

O43 - CFD: 2008-06-30 - 21:56:44 - [122240459] ----D- C:\Program Files\Kodak

O43 - CFD: 2008-09-02 - 21:43:58 - [79802142] ----D- C:\Program Files\Labtec

O43 - CFD: 2010-12-10 - 03:13:24 - [749576] ----D- C:\Program Files\LimeWire

O43 - CFD: 2011-03-21 - 18:30:20 - [4952964] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 2010-10-22 - 05:00:42 - [526291] ----D- C:\Program Files\Microsoft

O43 - CFD: 2006-11-02 - 08:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 2008-08-21 - 13:08:42 - [366533155] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 2011-03-19 - 04:09:58 - [39396803] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 2008-11-20 - 16:43:06 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 2010-12-15 - 04:13:06 - [144641984] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 2010-06-25 - 07:07:36 - [8167779] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 2010-08-13 - 02:02:02 - [99342446] ----D- C:\Program Files\Movie Maker

O43 - CFD: 2008-05-05 - 15:42:56 - [3921216] ----D- C:\Program Files\MP3 Player Utilities

O43 - CFD: 2006-11-02 - 08:37:36 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 2008-08-18 - 23:09:26 - [27815471] ----D- C:\Program Files\MSECache

O43 - CFD: 2008-05-05 - 15:28:36 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 2008-02-19 - 01:09:04 - [155434389] ----D- C:\Program Files\muvee Technologies

O43 - CFD: 2009-10-10 - 22:04:24 - [116363] R---D- C:\Program Files\Online Services

O43 - CFD: 2008-08-18 - 23:59:20 - [0] ----D- C:\Program Files\OpenOffice.org 2.4

O43 - CFD: 2008-09-09 - 22:29:20 - [9326446] ----D- C:\Program Files\Paint.NET

O43 - CFD: 2010-10-12 - 10:45:46 - [76337719] ----D- C:\Program Files\QuickTime

O43 - CFD: 2009-10-29 - 18:53:32 - [3684999] ----D- C:\Program Files\Radialpoint

O43 - CFD: 2008-08-18 - 23:04:38 - [62844252] ----D- C:\Program Files\Realtek

O43 - CFD: 2006-11-02 - 08:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 2008-07-01 - 17:29:42 - [11093081] ----D- C:\Program Files\Siber Systems

O43 - CFD: 2006-11-02 - 09:01:56 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 2009-10-29 - 18:52:22 - [9780409] ----D- C:\Program Files\Videotron

O43 - CFD: 2010-03-09 - 02:40:36 - [12435208] ----D- C:\Program Files\Webshots

O43 - CFD: 2009-09-19 - 01:36:18 - [1016832] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 2009-09-19 - 01:36:14 - [2737152] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 2009-09-19 - 01:36:00 - [4490624] ----D- C:\Program Files\Windows Defender

O43 - CFD: 2009-09-19 - 01:36:14 - [7084664] ----D- C:\Program Files\Windows Journal

O43 - CFD: 2010-10-22 - 04:58:06 - [146671059] ----D- C:\Program Files\Windows Live

O43 - CFD: 2010-03-12 - 21:33:34 - [1303] ----D- C:\Program Files\Windows Live Toolbar

O43 - CFD: 2011-02-09 - 07:45:40 - [9116344] ----D- C:\Program Files\Windows Mail

O43 - CFD: 2010-10-14 - 03:33:04 - [4498121] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 2008-05-03 - 23:12:08 - [7957544] ----D- C:\Program Files\Windows NT

O43 - CFD: 2009-09-19 - 01:36:10 - [13528738] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 2009-11-18 - 04:20:38 - [134144] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 2009-09-19 - 01:36:16 - [7866954] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 2008-12-07 - 22:22:58 - [0] ----D- C:\Program Files\Yahoo!

O43 - CFD: 2011-03-23 - 15:13:46 - [3614704] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 2009-08-27 - 01:41:54 - [10887811] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 2010-10-12 - 10:39:26 - [75145842] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 2008-12-14 - 22:27:36 - [55974] ----D- C:\Program Files\Common Files\ArcSoft

O43 - CFD: 2008-08-21 - 13:08:38 - [92976] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 2008-05-22 - 17:28:44 - [457237] ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD: 2008-02-19 - 00:58:46 - [5160872] ----D- C:\Program Files\Common Files\HP

O43 - CFD: 2008-02-19 - 01:23:28 - [14028235] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 2011-03-23 - 14:59:24 - [1247175] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 2008-12-14 - 22:08:20 - [3266818] ----D- C:\Program Files\Common Files\Kodak

O43 - CFD: 2008-05-05 - 15:14:10 - [12725285] ----D- C:\Program Files\Common Files\Labtec

O43 - CFD: 2009-08-04 - 15:50:14 - [32098444] ---AD- C:\Program Files\Common Files\LightScribe

O43 - CFD: 2011-03-23 - 15:03:32 - [34024836] ----D- C:\Program Files\Common Files\LogiShrd

O43 - CFD: 2009-01-04 - 18:57:44 - [1337318] ----D- C:\Program Files\Common Files\Logitech

O43 - CFD: 2008-02-19 - 01:08:14 - [56415] ---AD- C:\Program Files\Common Files\LS Getting Started

O43 - CFD: 2010-10-22 - 04:55:08 - [436768674] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 2008-12-14 - 22:07:54 - [651776] ----D- C:\Program Files\Common Files\MSSoap

O43 - CFD: 2008-02-19 - 01:09:04 - [49399251] ----D- C:\Program Files\Common Files\muvee Technologies

O43 - CFD: 2009-04-25 - 21:05:40 - [1963995] ----D- C:\Program Files\Common Files\PC Tools

O43 - CFD: 2006-11-02 - 07:18:34 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 2006-11-02 - 07:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 2008-05-26 - 00:35:42 - [1811224] ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 2009-09-19 - 01:36:10 - [42750094] ----D- C:\Program Files\Common Files\System

O43 - CFD: 2010-05-09 - 02:25:26 - [218474680] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 2008-05-04 - 00:03:44 - [42434246] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 2009-08-27 - 01:41:48 - [764] ----D- C:\ProgramData\Adobe

O43 - CFD: 2010-03-12 - 20:50:06 - [36268507] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 2008-05-05 - 02:15:14 - [31628800] ----D- C:\ProgramData\Apple

O43 - CFD: 2010-10-12 - 10:45:14 - [26921472] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 2008-12-14 - 22:15:28 - [1273] ----D- C:\ProgramData\ArcSoft

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 2008-06-12 - 01:06:30 - [7396] ----D- C:\ProgramData\CyberLink

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 2011-02-16 - 18:53:12 - [523440] ----D- C:\ProgramData\Google

O43 - CFD: 2009-10-10 - 22:03:22 - [1146652] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 2008-09-09 - 22:13:24 - [1844516] ----D- C:\ProgramData\HP

O43 - CFD: 2010-07-24 - 02:51:32 - [8979] ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 2008-05-22 - 17:53:18 - [265] ----D- C:\ProgramData\HPSSUPPLY

O43 - CFD: 2008-06-30 - 21:58:10 - [207213439] ----D- C:\ProgramData\Kodak

O43 - CFD: 2008-06-12 - 01:07:32 - [390] ----D- C:\ProgramData\LightScribe

O43 - CFD: 2011-03-23 - 15:03:32 - [227] ----D- C:\ProgramData\Logishrd

O43 - CFD: 2008-09-02 - 21:44:16 - [0] ----D- C:\ProgramData\Logitech

O43 - CFD: 2010-08-12 - 23:43:22 - [14174432] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 2011-02-16 - 18:49:48 - [1062] ----D- C:\ProgramData\McAfee

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 2008-09-06 - 23:03:56 - [185795921] ----D- C:\ProgramData\MGS

O43 - CFD: 2010-10-22 - 04:55:52 - [312262680] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 2010-12-15 - 04:07:12 - [57040] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 2008-02-19 - 01:09:00 - [0] ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 2009-04-25 - 20:19:40 - [0] ----D- C:\ProgramData\PC Tools

O43 - CFD: 2010-10-26 - 16:16:40 - [804734] ----D- C:\ProgramData\Radialpoint

O43 - CFD: 2008-07-01 - 17:30:46 - [96] ----D- C:\ProgramData\RoboForm

O43 - CFD: 2010-12-07 - 04:54:54 - [0] ----D- C:\ProgramData\Softdisk LLC

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 2010-03-31 - 23:27:54 - [364] ----D- C:\ProgramData\Sun

O43 - CFD: 2011-03-10 - 02:54:46 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 2006-11-02 - 09:02:06 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 2009-10-29 - 18:52:22 - [3080] ----D- C:\ProgramData\Videotron

O43 - CFD: 2009-10-29 - 18:52:32 - [0] ----D- C:\ProgramData\Vidéotron

O43 - CFD: 2008-05-22 - 17:43:06 - [236] ----D- C:\ProgramData\WEBREG

O43 - CFD: 2009-06-09 - 14:05:06 - [0] ----D- C:\ProgramData\WindowsSearch

O43 - CFD: 2008-12-07 - 22:25:02 - [0] ----D- C:\ProgramData\Winferno

O43 - CFD: 2008-11-20 - 16:40:40 - [582292] ----D- C:\ProgramData\WLInstaller

O43 - CFD: 2008-05-09 - 02:35:28 - [2309772] ----D- C:\Users\mimi\AppData\Roaming\Adobe

O43 - CFD: 2008-05-05 - 02:19:10 - [151308] ----D- C:\Users\mimi\AppData\Roaming\Apple Computer

O43 - CFD: 2008-12-14 - 22:21:04 - [288022] ----D- C:\Users\mimi\AppData\Roaming\ArcSoft

O43 - CFD: 2010-07-22 - 16:46:44 - [0] ----D- C:\Users\mimi\AppData\Roaming\CBS Interactive

O43 - CFD: 2008-06-15 - 00:23:42 - [8768884] ----D- C:\Users\mimi\AppData\Roaming\CyberLink

O43 - CFD: 2009-07-16 - 00:10:34 - [34637] ----D- C:\Users\mimi\AppData\Roaming\Google

O43 - CFD: 2009-10-10 - 22:03:22 - [24705] ----D- C:\Users\mimi\AppData\Roaming\Hewlett-Packard

O43 - CFD: 2008-05-28 - 03:39:48 - [229016] ----D- C:\Users\mimi\AppData\Roaming\HP

O43 - CFD: 2009-10-17 - 17:17:34 - [37120] ----D- C:\Users\mimi\AppData\Roaming\HpUpdate

O43 - CFD: 2008-05-03 - 23:22:26 - [0] ----D- C:\Users\mimi\AppData\Roaming\Identities

O43 - CFD: 2008-06-07 - 20:17:44 - [1210814] ----D- C:\Users\mimi\AppData\Roaming\LANCITE

O43 - CFD: 2008-09-02 - 21:46:56 - [272] ----D- C:\Users\mimi\AppData\Roaming\Leadertech

O43 - CFD: 2010-12-10 - 03:13:24 - [16114637] ----D- C:\Users\mimi\AppData\Roaming\LimeWire

O43 - CFD: 2008-05-03 - 23:21:14 - [1664] ----D- C:\Users\mimi\AppData\Roaming\Macromedia

O43 - CFD: 2010-08-12 - 23:43:48 - [15231047] ----D- C:\Users\mimi\AppData\Roaming\Malwarebytes

O43 - CFD: 2006-11-02 - 08:37:36 - [0] ----D- C:\Users\mimi\AppData\Roaming\Media Center Programs

O43 - CFD: 2010-03-06 - 02:13:04 - [21424261] -S--D- C:\Users\mimi\AppData\Roaming\Microsoft

O43 - CFD: 2010-06-02 - 01:01:22 - [0] ----D- C:\Users\mimi\AppData\Roaming\Mozilla

O43 - CFD: 2008-08-18 - 23:17:36 - [15090575] ----D- C:\Users\mimi\AppData\Roaming\OpenOffice.org2

O43 - CFD: 2009-04-25 - 20:19:40 - [0] ----D- C:\Users\mimi\AppData\Roaming\PC Tools

O43 - CFD: 2008-06-30 - 21:58:34 - [0] ----D- C:\Users\mimi\AppData\Roaming\Skinux

O43 - CFD: 2008-05-03 - 23:23:08 - [0] ----D- C:\Users\mimi\AppData\Roaming\Symantec

O43 - CFD: 2009-10-29 - 18:52:42 - [7354244] ----D- C:\Users\mimi\AppData\Roaming\Videotron

O43 - CFD: 2009-10-29 - 18:52:44 - [0] ----D- C:\Users\mimi\AppData\Roaming\Vidéotron

O43 - CFD: 2008-12-22 - 03:50:24 - [22779132] ----D- C:\Users\mimi\AppData\Roaming\Webshots

O43 - CFD: 2008-08-18 - 23:04:28 - [0] ----D- C:\Users\mimi\AppData\Roaming\WinBatch

O43 - CFD: 2010-10-25 - 08:41:52 - [295] ----D- C:\Users\mimi\AppData\Roaming\Windows Live Writer

O43 - CFD: 2008-05-04 - 00:42:26 - [0] ----D- C:\Users\mimi\AppData\Roaming\Yahoo!

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.CF721E064F489AB8C52CFC2D8A3B5C17] - 2008-01-02 - 03:27:00 ---A- . (...) -- C:\Windows\System32\iglhxo32.vp [2096]

O44 - LFC:[MD5.46537E443C84983A1E2D7A7744C275D1] - 2008-03-25 - 16:46:42 ---A- . (...) -- C:\Windows\System32\iglhxs32.vp [32896]

O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 2009-07-16 - 12:30:03 ---A- . (...) -- C:\Windows\System32\WsmTxt.xsl [2426]

O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 2009-07-16 - 12:30:03 ---A- . (...) -- C:\Windows\System32\wsmanconfig_schema.xml [4675]

O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 2009-08-01 - 01:27:37 ---A- . (...) -- C:\Windows\System32\winrm.vbs [201184]

O44 - LFC:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 2011-02-23 - 09:54:55 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\drivers\aswFsBlk.sys [19544]

O44 - LFC:[MD5.B0F137F664F10829CD2380B0E20E7C29] - 2011-02-23 - 09:55:03 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [53592]

O44 - LFC:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 2011-02-23 - 09:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\drivers\aswRdr.sys [25432]

O44 - LFC:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 2011-02-23 - 09:55:49 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\drivers\aswTdi.sys [49240]

O44 - LFC:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 2011-02-23 - 09:56:45 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [301528]

O44 - LFC:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 2011-02-23 - 09:56:55 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [371544]

O44 - LFC:[MD5.C6E1D434F1F3A5226B0DDFDF84B12677] - 2011-02-23 - 10:04:17 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [190016]

O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 2011-02-23 - 10:04:21 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [40648]

O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 2011-03-05 - 10:43:20 ---A- . (...) -- C:\Windows\System32\config.nt [2577]

O44 - LFC:[MD5.62F534791AE488A475A3E508D92AF4CC] - 2011-03-20 - 03:29:27 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [2307072]

O44 - LFC:[MD5.CADB1C9B8CE4F23EC49BD3B713DBE027] - 2011-03-20 - 03:29:28 ---A- . (.Intel Corporation - LDDM User Mode Driver for Intel® Graphics.) -- C:\Windows\System32\igdumd32.dll [3301376]

O44 - LFC:[MD5.BC74A74B020374D280FB8DB82FCB8D55] - 2011-03-20 - 03:29:30 ---A- . (.Intel Corporation - hccutils Module.) -- C:\Windows\System32\hccutils.dll [106496]

O44 - LFC:[MD5.829ABAD7E87B155C25B69C41A872CF5D] - 2011-03-20 - 03:29:30 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.dll [48640]

O44 - LFC:[MD5.1CF370D5C495F52DB8B83346BDF3AE7C] - 2011-03-20 - 03:29:31 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.exe [256536]

O44 - LFC:[MD5.FBDD6B407BEF4524D71363E8D820C24B] - 2011-03-20 - 03:29:32 ---A- . (.Intel Corporation - igfxpph Module.) -- C:\Windows\System32\igfxpph.dll [204800]

O44 - LFC:[MD5.5B69A33D1F6AB3BB734B9BEF4099160B] - 2011-03-20 - 03:29:33 ---A- . (.Intel Corporation - igfxcfg Module.) -- C:\Windows\System32\igfxcfg.exe [539160]

O44 - LFC:[MD5.BADB93F5B0EED724DC833C3A5A330CF8] - 2011-03-20 - 03:29:33 ---A- . (.Intel Corporation - igfxcpl Module.) -- C:\Windows\System32\igfxcpl.cpl [122880]

O44 - LFC:[MD5.AC88A8E42CDD202F83C39AAC5CBFB105] - 2011-03-20 - 03:29:33 ---A- . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll [204800]

O44 - LFC:[MD5.409E5B10053382C9D339BAEAA6584999] - 2011-03-20 - 03:29:34 ---A- . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424]

O44 - LFC:[MD5.767B74C5242D0F33E610F31A2363D7F6] - 2011-03-20 - 03:29:34 ---A- . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848]

O44 - LFC:[MD5.495F21584FC2875F8C824755CE52BBF1] - 2011-03-20 - 03:29:34 ---A- . (.Intel Corporation - igfxdo Module.) -- C:\Windows\System32\igfxdo.dll [135168]

O44 - LFC:[MD5.93A472E1FB39AF5A7E8315CDBDDC1806] - 2011-03-20 - 03:29:35 ---A- . (.Intel Corporation - igfxress Module.) -- C:\Windows\System32\igfxress.dll [3293184]

O44 - LFC:[MD5.B76195C8E8845FF2A8FA658709345DE2] - 2011-03-20 - 03:29:40 ---A- . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656]

O44 - LFC:[MD5.B94049ED36059FB37B0D077C855F159E] - 2011-03-20 - 03:29:41 ---A- . (.Intel Corporation - igfxTMM Module.) -- C:\Windows\System32\igfxTMM.dll [241664]

O44 - LFC:[MD5.7570C98D7BCFB09DF159A9CFDD9592AD] - 2011-03-20 - 03:29:42 ---A- . (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxext.exe [170520]

O44 - LFC:[MD5.98467169F5C85138FDE29A85C268C8F5] - 2011-03-20 - 03:29:43 ---A- . (.Intel Corporation - Oemdspif Module.) -- C:\Windows\System32\oemdspif.dll [69632]

O44 - LFC:[MD5.150B8CE4F300CAF1C7F10B2130AFBFF0] - 2011-03-20 - 03:29:43 ---A- . (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxexps.dll [24576]

O44 - LFC:[MD5.0CC1F17E8B2D6210708B6E4920EF0642] - 2011-03-20 - 03:29:44 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrara.lrc [159744]

O44 - LFC:[MD5.0315D4956246ACE396BAB40B4700D3E2] - 2011-03-20 - 03:29:45 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrchs.lrc [114688]

O44 - LFC:[MD5.25A8F57918888648B003671AA857588C] - 2011-03-20 - 03:29:45 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrcht.lrc [110592]

O44 - LFC:[MD5.AA16F911229FB8B9B7CF9453539412E6] - 2011-03-20 - 03:29:45 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrdan.lrc [176128]

O44 - LFC:[MD5.3406324B4105280FF5F6B9032675F5BD] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrdeu.lrc [192512]

O44 - LFC:[MD5.1534E172D3FA9A5F562255AD58EF62CC] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrenu.lrc [172032]

O44 - LFC:[MD5.8CF43AE2EC1D8279DDB75541E66EEDC4] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxresp.lrc [188416]

O44 - LFC:[MD5.4FE2C378DB00345411AB83233C2AE2AC] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrfin.lrc [176128]

O44 - LFC:[MD5.B697441F26A8C3EE4554A4DBA784DA88] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrfra.lrc [184320]

O44 - LFC:[MD5.3EF352FAABCD99320554172EB37A96A0] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrheb.lrc [155648]

O44 - LFC:[MD5.2D7B69E7552DB322BBE152AD430D4784] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrita.lrc [188416]

O44 - LFC:[MD5.28458D1049FA058768DB736A79DCF63B] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrjpn.lrc [131072]

O44 - LFC:[MD5.DB123F3E491AE46A2B6826AC73CA366F] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrkor.lrc [126976]

O44 - LFC:[MD5.ED406EEDB3A5936CD2EBCEA7FBC8151B] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrnld.lrc [188416]

O44 - LFC:[MD5.EDA9F4D2D6D5502FAE7CEFFED8D65430] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrnor.lrc [176128]

O44 - LFC:[MD5.CBDC8C55BED17C0618229D87CFDF4CE7] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrplk.lrc [180224]

O44 - LFC:[MD5.0A0A59E2D0E603177D3A5EB344B85F7E] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrptb.lrc [180224]

O44 - LFC:[MD5.64FB5E977620AC7D9426C775A5DA47A0] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrptg.lrc [180224]

O44 - LFC:[MD5.DA4CCD2608C0E8DDF2CED77292B80FBA] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrrus.lrc [180224]

O44 - LFC:[MD5.3C551293D5D7A88F2300D8B3D0C65727] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrsky.lrc [176128]

O44 - LFC:[MD5.DB982EBA97C5F24DF8C809B602EAB677] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrslv.lrc [172032]

O44 - LFC:[MD5.0F1154C31228E044805C03649B960A52] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrsve.lrc [176128]

O44 - LFC:[MD5.B921A78EF1B3E4907D4A35467A11F429] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrtha.lrc [163840]

O44 - LFC:[MD5.7ADECA447E7E253DF346BC1E31DF0365] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - OpenGL® Driver for Intel® Graphics Acce.) -- C:\Windows\System32\ig4icd32.dll [2420736]

O44 - LFC:[MD5.EBEDD4406281CF885EA488569C4A1600] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrcsy.lrc [176128]

O44 - LFC:[MD5.A25646C6751A557C9EE6DDC0C157A603] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrell.lrc [192512]

O44 - LFC:[MD5.2B09B3C05933CBC0B710DC4381A2B26B] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrhun.lrc [184320]

O44 - LFC:[MD5.EE996847D89FB31F284B47A82A00DCF7] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrtrk.lrc [172032]

O44 - LFC:[MD5.383FD7C95B7C0CAEF338DF6A78E3FD23] - 2011-03-20 - 03:29:50 ---A- . (.Intel Corporation - OpenGL® Device Driver for Intel® Graphi.) -- C:\Windows\System32\ig4dev32.dll [2174976]

O44 - LFC:[MD5.9477D99EDC98D62063FBA80E7B6D7A7E] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1497962]

O44 - LFC:[MD5.9552F2020B5953E76BA7FF2D3671964D] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfc009.dat [104284]

O44 - LFC:[MD5.DE410084E12A770A32FBCB618DD0DE18] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [126798]

O44 - LFC:[MD5.C0466014288F888B50F57C401C0B8D35] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfh009.dat [596210]

O44 - LFC:[MD5.B0F1B7305913E5AF2865C40533FD3CB2] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [679552]

O44 - LFC:[MD5.01F79628EE7A02A2118EC2137B1A93BA] - 2011-03-20 - 14:56:00 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.12644C1D171352BBBBE10B77AF216E90] - 2011-03-23 - 13:06:32 ---A- . (...) -- C:\Windows\Rp_SPA.log [47629]

O44 - LFC:[MD5.D12182135698CCA1BC56B67F264A5C70] - 2011-03-23 - 13:22:12 ---A- . (...) -- C:\Windows\PFRO.log [1042]

O44 - LFC:[MD5.F87BA06FE22C81CDE563761DDFBAB267] - 2011-03-23 - 13:31:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [472808]

O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 2011-03-23 - 13:31:59 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184]

O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 2011-03-23 - 13:32:01 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]

O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 2011-03-23 - 13:32:01 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-03-23 - 13:58:58 ---A- . (...) -- C:\Windows\System32\RENF814.tmp [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-03-23 - 13:58:58 ---A- . (...) -- C:\Windows\System32\RENF825.tmp [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-03-23 - 13:58:58 ---A- . (...) -- C:\Windows\System32\RENF826.tmp [0]

O44 - LFC:[MD5.A2D469008393D7DA429CE9E6857337D7] - 2011-03-23 - 14:05:50 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.28EF120054891F7600ECFD7FFCEF1200] - 2011-03-23 - 14:13:00 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1497038]

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{c40f894f-2e25-11df-8da7-001d9265f71c}\AutoRun\command. (.Microsoft Corporation - Démarrer le programme Assistant Réseau sans fil.) -- C:\Windows\System32\setupSNK.exe

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo® video R3.2 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll

O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\iyvu9_32.dll

O52 - TDSD: \drivers.desc\"C:\Windows\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\Iac25_32.ax

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\LogitechCommunicationsManager [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Labtec\WebCam10\WebCam10.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.F8A6018193BE629B8EA4C5D7B2452B70] - 2004-09-16 - 12:26:40 ---A- . (...) -- C:\Windows\system32\drivers\ADFUUD.SYS [12634]

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 2008-01-20 - 21:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 2008-01-20 - 21:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 2008-01-20 - 21:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 2008-01-20 - 21:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 2008-01-20 - 21:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 2008-01-20 - 21:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 2008-01-20 - 21:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]

O58 - SDL:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 2011-02-23 - 09:54:55 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19544]

O58 - SDL:[MD5.B0F137F664F10829CD2380B0E20E7C29] - 2011-02-23 - 09:55:03 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [53592]

O58 - SDL:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 2011-02-23 - 09:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [25432]

O58 - SDL:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 2011-02-23 - 09:56:55 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [371544]

O58 - SDL:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 2011-02-23 - 09:56:45 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [301528]

O58 - SDL:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 2011-02-23 - 09:55:49 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [49240]

O58 - SDL:[MD5.BC12F2404BB6F2B6B2FF3C4C246CB752] - 2009-12-11 - 16:20:49 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\Windows\system32\drivers\avgldx86.sys [335240]

O58 - SDL:[MD5.5903D729D4F0C5BCA74123C96A1B29E0] - 2009-12-11 - 16:20:49 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\Windows\system32\drivers\avgmfx86.sys [27784]

O58 - SDL:[MD5.92D8E1E8502E649B60E70074EB29C380] - 2009-12-11 - 16:20:45 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\Windows\system32\drivers\avgtdix.sys [108552]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 2006-11-02 - 03:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 2006-11-02 - 03:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 2006-11-02 - 03:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 2006-11-02 - 03:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 2006-11-02 - 03:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 2006-11-02 - 03:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 2008-01-20 - 21:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 2006-11-02 - 04:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 2008-01-20 - 21:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 2008-01-20 - 21:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]

O58 - SDL:[MD5.B283F1BC1FF852BD232449A4B3E3CE63] - 2006-05-18 - 09:48:50 ---A- . (.FTDI Ltd. - FTDIBUS USB Driver.) -- C:\Windows\system32\drivers\ftdibus.sys [47249]

O58 - SDL:[MD5.678A73F56DDF84A08C31123C386E9967] - 2006-05-18 - 09:49:02 ---A- . (.FTDI Ltd. - FTDIBUS Serial Device Driver.) -- C:\Windows\system32\drivers\ftser2k.sys [61067]

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 2008-01-20 - 21:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]

O58 - SDL:[MD5.FE440536BD98AF772130DC3A6FE1915F] - 2008-05-08 - 04:05:18 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\Windows\system32\drivers\HSXHWBS2.sys [266752]

O58 - SDL:[MD5.72CC6A8CA7891031D6380DB5025C773C] - 2008-05-08 - 04:04:16 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [661504]

O58 - SDL:[MD5.88749FBF8BEB18C90E7D6626C8C1910B] - 2008-05-08 - 04:03:18 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DP.sys [980992]

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 2008-01-20 - 21:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]

O58 - SDL:[MD5.62F534791AE488A475A3E508D92AF4CC] - 2008-03-25 - 15:44:24 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [2307072]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 2006-11-02 - 04:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 2006-11-02 - 04:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 2006-11-02 - 04:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 2008-01-20 - 21:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 2008-01-20 - 21:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 2008-01-20 - 21:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]

O58 - SDL:[MD5.D395B2DC1705454AA36A34099E066DF0] - 2007-03-06 - 16:49:20 ---A- . (.Labtec Inc. - Labtec Video Driver.) -- C:\Windows\system32\drivers\LV561AV.SYS [491168]

O58 - SDL:[MD5.23F8EF78BB9553E465A476F3CEE5CA18] - 2008-07-26 - 10:26:20 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBSta.sys [41752]

O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 2010-12-20 - 17:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]

O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 2010-12-20 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 2006-06-19 - 09:26:58 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672]

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 2008-01-20 - 21:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 2008-01-20 - 21:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 2006-11-02 - 04:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 2006-11-02 - 04:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 2006-11-02 - 02:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 2008-01-20 - 21:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 2008-01-20 - 21:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]

O58 - SDL:[MD5.3379E7A840DE135FB7A829E03BC9CC25] - 2008-12-18 - 11:16:56 ---A- . (.PC Tools - PC Tools App Monitor Driver.) -- C:\Windows\system32\drivers\PCTAppEvent.sys [73840]

O58 - SDL:[MD5.AA9CFA67850893FBB168B9C4E4C86952] - 2009-04-03 - 10:18:26 ---A- . (.PC Tools - PC Tools KDS Core Driver.) -- C:\Windows\system32\drivers\PCTCore.sys [130936]

O58 - SDL:[MD5.5AA75B88E57AEDF7FDB1F6B5196AD8A6] - 2008-12-10 - 10:36:04 ---A- . (.PC Tools - PC Tools SG Plugin Driver.) -- C:\Windows\system32\drivers\pctplsg.sys [64392]

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 2008-01-20 - 21:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 2006-11-02 - 04:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.5D26CCB06E1F3B5C26E863DF3F4F2611] - 2008-07-03 - 16:03:48 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152088]

O58 - SDL:[MD5.C347A3CDE57077056E7E73D3498F7D7D] - 2007-10-03 - 11:18:12 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [99840]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 2006-11-02 - 01:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 2008-01-20 - 21:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 2006-11-02 - 04:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 2006-11-02 - 04:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 2006-11-02 - 04:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 2008-01-20 - 21:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 2006-11-02 - 04:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 2008-01-20 - 21:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 2008-01-20 - 21:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 2008-01-20 - 21:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]

O58 - SDL:[MD5.DAB33CFA9DD24251AAA389FF36B64D4B] - 2007-10-18 - 06:36:54 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2006-11-02 - 02:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2006-11-02 - 02:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 2006-11-02 - 02:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 2006-11-02 - 02:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2006-11-02 - 02:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 2006-11-02 - 02:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2006-11-02 - 02:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2006-11-02 - 02:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2006-11-02 - 02:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2006-11-02 - 02:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 2006-11-02 - 02:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 2006-11-02 - 02:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 2006-11-02 - 02:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 2006-11-02 - 02:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 2006-11-02 - 02:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK

O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI

O64 - Services: CurCS - C:\Windows\system32\Drivers\avgldx86.sys - AVG AVI Loader Driver x86 (AvgLdx86) .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX86

O64 - Services: CurCS - C:\Windows\system32\Drivers\avgmfx86.sys - AVG On-access Scanner Minifilter Driver x86 (AvgMfx86) .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX86

O64 - Services: CurCS - C:\Windows\system32\Drivers\avgtdix.sys - AVG8 Network Redirector (AvgTdiX) .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIX

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(...) - LEGACY_CO_MON

O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(...) - LEGACY_IDSVIX86

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Lbd.sys (.not file.) - Lbd (Lbd) .(...) - LEGACY_LBD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - (.not file.) - Logitech LVPr2Mon Driver (LVPr2Mon) .(...) - LEGACY_LVPR2MON

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR

O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV

O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms (.not file.) - PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) .(...) - LEGACY_PCD5SRVC{BD6912E3-AC9D80E8-05040000}

O64 - Services: CurCS - C:\Windows\System32\drivers\PCTCore.sys - PCTools KDS (PCTCore) .(.PC Tools - PC Tools KDS Core Driver.) - LEGACY_PCTCORE

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS

O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT

O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW

O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(...) - LEGACY_SYMNDISV

O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\xaudio.sys - XAudio (XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {06D5DBFB-0673-4A06-A7F5-C7B1B334E75D} - (Yahoo! Search) - Yahoo! Recherche

O69 - SBI: SearchScopes [HKCU] {5D228923-218C-4703-B63A-B00AB761059A} - (Ask.com) - Ask.com Web Search

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe

O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe

O87 - FAEL: "{C02764DB-508F-45F2-B682-C695A17EABA5}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe

O87 - FAEL: "{94610ADD-A3F2-4AB2-9056-F9D569DB7824}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{1CF29E06-2485-47EF-883D-4AE24E8B2C4E}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\livecall.exe (.not file.)

O87 - FAEL: "{64D728AE-EBEB-4597-BB74-32DA4407AEDE}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{5DE70C22-4A94-40D5-8324-9A05F132A8D8}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{5C44A879-CC73-45D7-9C5D-3BABCBC2D911}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgupd.exe (.not file.)

O87 - FAEL: "{D0E8FA24-F650-4494-AF92-A0A2B95AABC2}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgemc.exe (.not file.)

O87 - FAEL: "{FFE72D97-A3C5-44D0-AFD6-9F6EBBF2AD26}" | In - Private - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe

O87 - FAEL: "{F99EE220-E4A5-464F-A1D6-7FF594102800}" | In - Private - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe

O87 - FAEL: "{3ED3E828-3A0D-4E3A-BC94-A4F22DA44B3A}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "TCP Query User{C91AC6E3-57EF-4C7F-9B46-8F8D69D1F923}C:\program files\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe

O87 - FAEL: "UDP Query User{D0C8486B-D9E9-4079-AC30-7AA3127256EE}C:\program files\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe

O87 - FAEL: "TCP Query User{4FE8AD4F-8450-4673-AE58-D609EB452026}C:\program files\kodak\kodak easyshare software\bin\easyshare.exe" | In - Private - P6 - TRUE | .(.Eastman Kodak Company.) -- C:\program files\kodak\kodak easyshare software\bin\easyshare.e

O87 - FAEL: "UDP Query User{CF3CB13D-404E-4782-8A31-BAC5BD9BFEBE}C:\program files\kodak\kodak easyshare software\bin\easyshare.exe" | In - Private - P17 - TRUE | .(.Eastman Kodak Company.) -- C:\program files\kodak\kodak easyshare software\bin\easyshare.

O87 - FAEL: "{260EE80B-CE4E-4D97-A8D0-AAFB6A48AE5B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgnsx.exe (.not file.)

O87 - FAEL: "{E1258F9E-3EEF-4BF3-8956-73B198EADE1E}" | In - Private - P6 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O87 - FAEL: "{F9D2C759-C807-4C1F-8268-1D8AC076B777}" | In - Private - P17 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O87 - FAEL: "TCP Query User{69595D1F-289D-48D0-98AE-DAC79988F70B}C:\program files\limewire\limewire.exe" | In - Public - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe

O87 - FAEL: "UDP Query User{7DE2F1AD-8290-40BB-BA10-3C996DD0AE31}C:\program files\limewire\limewire.exe" | In - Public - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe

O87 - FAEL: "{8BEE8F4F-358B-432F-AE52-BDD878AAACA1}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{690BA04F-8129-42DA-86F7-5A463E42564D}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{7FD13AC5-A9A3-44FC-8E05-D693CBE80620}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "TCP Query User{A5371F05-89E3-46FF-BD71-86DD68D20E17}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{372BA17C-6D1D-4EE8-B6ED-BB48B9C75023}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe

O87 - FAEL: "{3A3610C6-D26D-4A48-B14F-4EC762FA5ED2}" | In - Public - P6 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O87 - FAEL: "{7C322B5C-ACDE-4F74-997B-DE5EE983646F}" | In - Public - P17 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

 

 

 

---\\ Scan additionnel (O88)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Auto 0 | (AGWinService) . (...) - C:\Program Files\AGI\common\win32\PythonService.exe

SR - | Auto 2008-02-18 110592 | (Apple Mobile Device) . (.Apple, Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

SR - | Auto 2011-02-23 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SS - | Auto 2011-02-23 0 | (avg8emc) . (...) - C:\PROGRA~1\AVG\AVG8\avgemc.exe

SS - | Auto 2011-02-23 0 | (avg8wd) . (...) - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

SR - | Auto 2008-12-12 238888 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Auto 2010-02-10 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 2007-09-19 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

SR - | Auto 2009-03-17 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

SS - | Demand 2009-03-17 0 | (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) . (...) - C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms

SR - | Auto 2011-01-31 689464 | (ServicepointService) . (.Radialpoint Inc..) - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

SR - | Auto 2008-01-20 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

SR - | Auto 2007-10-18 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\system32\DRIVERS\xaudio.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by mimi at 2011-03-23 15:16:14

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys

1 ntkrnlpa!IofCallDriver[0x82882912] -> \Device\Harddisk0\DR0[0x85A83128]

3 CLASSPNP[0x8379E8B3] -> ntkrnlpa!IofCallDriver[0x82882912] -> [0x852D8918]

5 acpi[0x806A06BC] -> ntkrnlpa!IofCallDriver[0x82882912] -> \Device\Ide\IdeDeviceP0T0L0-0[0x852CA030]

kernel: MBR read successfully

user & kernel MBR OK

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by mimi at 2011-03-23 15:17:04

Use the desktop link 'MBRCheck' to have full report

Dump file Name : C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1076 lines in 03mn 41s)(0)

 

 

Here is the report

Today my PC is very slow to start up, and when I open a page it takes a very long time to open????

Posted

Hello,

Going to the Control Panel, I saw a green check mark on the Problem Reports and Solutions folder; here is what it says:

 

 

 

Solving a problem with a USB driver

You received this message because your USB (universal serial bus) driver caused an error that led to a blue screen. This type of error indicates that the computer shut down abruptly to protect itself from possible data corruption or loss.

What is a driver?

A driver is software that allows your computer to communicate with hardware or devices. Without a driver, the hardware you connect to your computer (for example, a video card or a webcam) would not work properly.

The recommended steps described below can help you eliminate this problem, or at least reduce how often it occurs. Try them in the order given. If a step does not resolve or reduce the problem, move on to the next step.

 

Steps to solve this problem

Adjust your computer's power settings

The following power setting adjustments can reduce how often this problem occurs.

Turn off the USB selective suspend setting:

Click the Start button.

In the Search box, type power options, then press ENTER.

Find the selected plan and click Change plan settings.

Click Change advanced power settings.

Double-click USB settings, then double-click USB selective suspend setting.

Make sure the USB selective suspend setting is disabled. If it is enabled, click it and select Disabled, then click OK.

Turn off power saver mode (non-portable computers only):

Click the Start button.

In the Search field, type power options, then press ENTER.

Under Preferred plans, make sure the High performance option is selected, then close the window.

 

Check for a BIOS update for your computer

Several computer hardware manufacturers whose computers exhibit this problem have released BIOS updates to correct this known issue. Contact your computer's manufacturer to find out whether a BIOS update is available for your computer model.

What is the BIOS?

The BIOS is built-in software that runs when the computer starts. Among other tasks, this program starts the operating system and supports the transfer of information between hardware devices (such as the keyboard and the monitor).

How do I find out who manufactured my computer?

Click the Start button, type msinfo32 in the Search box, then press ENTER. The name of your computer's manufacturer is shown as System Manufacturer in the right pane of the System Information window.

Click to go to the website and view contact information for the main computer manufacturers

Download and install the latest updates and drivers for your computer

From time to time, it can be useful to check for driver updates for your computer, especially if you have recently added hardware such as a USB hub or another USB device.

What is a USB hub?

A USB hub is a device with several USB ports. USB ports are narrow, rectangular connection points used to connect USB devices to your computer. A USB hub acts as an extension or port replicator, providing several USB ports from a single USB connection on your computer. USB hubs can be external devices that plug into a USB port or internal devices built into your computer.

To check for driver updates:

Use Windows Update to check for and install updates:

Go to Windows Update

Click Check for updates in the left pane, then View available updates.

What if I do not see any available updates?

If the message You receive updates: managed by your system administrator appears, you can try clicking the Check for updates from Microsoft Update or Check for updates from Windows Update link, but you may need to contact your system administrator to obtain the updates you want.

If you do not see the message above and no update is available in Windows Update after you click the Check for updates link in the left pane, the available updates may already be installed.

Select the driver updates for this device and any other updates you want to install.

Note

We recommend that you install all important and recommended updates. These updates improve the security and stability of your computer.

Click Install. If you are prompted for an administrator password or confirmation, type your password or provide confirmation.

If you have recently added a new hardware device to your computer, go to the manufacturer's website to check whether a driver update is available.

If you have recently added a new program to your computer, go to the manufacturer's website to check whether an update is available.

 

Steps to work around this problem

Warning

This procedure resolves a specific problem by temporarily disabling or removing certain features of your computer.

Try removing recently added USB devices

If the problem appeared after you added a USB hub or another USB device, we recommend that you remove it to see whether the problem goes away. If this resolves the problem, contact the device manufacturer for a product update or other recommendations.

Do not disconnect USB devices while the computer is shutting down or going to sleep

This problem generally occurs when USB devices are unplugged while the computer is shutting down or going to sleep. It commonly occurs on laptops, especially those placed on a docking station, since the docking station can act as a USB hub. You can reduce how often this problem occurs by letting the computer shut down or go to sleep completely before removing it from its docking station or unplugging USB devices from the computer or the docking station.

If you know which USB device is causing this problem

It may be possible to prevent the error that causes a blue screen by selecting the Safely Remove Hardware option in the notification area before putting your computer into sleep or hibernation.

In the system tray, click the Safely Remove Hardware icon, select the USB device you believe is causing the problem, then click OK.

Do not physically remove the USB device.

Perform the action that caused the blue screen error, whether that is resuming the computer from sleep or hibernation or, for laptops, closing the computer or placing it on a docking station.

If the blue screen error occurs again, the problem is probably caused by another USB device. Apply this procedure to the other USB devices until you find the one causing the problem.

If the blue screen error has gone away, you have in all likelihood identified the device causing the problem. Contact the device manufacturer for information on how to resolve this problem, or use the Safely Remove Hardware option to work around it.

Note

Depending on the model and manufacturer, some USB devices become accessible again automatically when you resume the computer. Others must first be physically unplugged and then plugged back in before the computer recognizes them. You can see in the system tray whether the safely removed USB device is accessible again when you resume your computer. If it is not accessible automatically, physically disconnect it, then reconnect it.

 

 

 

--------------------------------------------------------------------------------

I look forward to hearing from you

Thanks :)

Posted (edited)

Your ZHPDiag report is too old to be useful.

It was made before Ad_Remover was run.

You had a blue screen with a USB problem? (BSOD)

Do you have a yellow icon in Device Manager?

Device Manager Vista

 

my PC is very slow to start up, and when I open a page it takes a very long time to open

Start->Run->Chkdsk /f/r

On Vista and 7:

Start->All Programs->Accessories.

Right-click Command Prompt

and click Run as administrator.

Windows will tell you that it cannot run this command because the disk is "in use"

and it will offer to run chkdsk at the next restart;

type O to accept, then confirm, and restart the PC.

The chkdsk function will then run automatically.

Edited by pear
Posted

Here is the report made today..

 

Rapport de ZHPDiag v1.27.18 par Nicolas Coolman, Update du 19/03/2011

Run by mimi at 2011-03-24 16:21:17

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.19019 (Defaut)

 

---\\ System Information

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1012 MB (14% free)

System Restore: Activé (Enable)

System drive C: has 217 GB (75%) free of 289 GB

 

---\\ Logged in mode

Computer Name: PC-DE-MIMI

User Name: mimi

All Users Names: mimi, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\mimi\AppData\Roaming

%LocalAppData%=C:\Users\mimi\AppData\Local

%StartMenu%=C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 217 Go of 289 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.2009-04-11 01:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2008-01-20 21:23:42.) -- C:\Windows\System32\Wininit.exe [96768]

[MD5.74BCC23D622F32DA0450D164735ACAB1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2010-12-18 01:27:04.) -- C:\Windows\System32\wininet.dll [916480]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.2009-04-11 01:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]

[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-04-11 01:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2009-04-11 01:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]

 

 

 

---\\ Processus lancés

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]

[MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880]

[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536]

[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784]

[MD5.03B4BD7A96C004FE8EEEB9F2BC1F413A] - (.Vidéotron - Agent de services Vidéotron.) -- C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe [4318520]

[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3451496]

[MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152]

[MD5.409E5B10053382C9D339BAEAA6584999] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424]

[MD5.B76195C8E8845FF2A8FA658709345DE2] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656]

[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]

[MD5.EF4EE38DEF63166D8C2B369FD03029E3] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe [160592]

[MD5.CF03C8F6F6B0D71F6E5BCE167FCF7CA6] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360]

[MD5.1CF370D5C495F52DB8B83346BDF3AE7C] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]

[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]

[MD5.8A96CEAF576F92E3D9C47ADDAE85DF78] - (.Webshots.com - Webshots Photo Manager.) -- C:\PROGRA~1\Webshots\Webshots.scr [3446088]

[MD5.80B8AE8E18FF57BE13FF4A5959DB0EC1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320]

[MD5.F0898E9BD7C914FB7389F393D189B32F] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [569344]

[MD5.5F119ED4E9750247AE40C5CFA2D16C81] - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe [92024]

[MD5.B988D7F127B94BD5BF8356FE81B985C4] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]

[MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe [233936]

[MD5.745C54B66C61E9B52318D329D62708DD] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658432]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@radialpoint.com/SPA,version=1] - (.Vidéotron - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\nprpspa.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-2164166307-1310619440-4161934922-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Clé orpheline

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Clé orpheline

O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [VideotronSA.exe] . (.Vidéotron - Agent de services Vidéotron.) -- C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe

O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-2164166307-1310619440-4161934922-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-21-2164166307-1310619440-4161934922-1000\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk . (.Webshots.com.) -- C:\Program Files\Webshots\Launcher.exe

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\mimi\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Users\mimi\Desktop\Courrier.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\Desktop\Documents.lnk . (...) -- C:\Users\mimi\Documents

O4 - Global Startup: C:\Users\mimi\Desktop\Favoris.lnk . (...) -- C:\Users\mimi\Favorites

O4 - Global Startup: C:\Users\mimi\Desktop\Internet.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\Desktop\Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - Global Startup: C:\Users\mimi\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe

O4 - Global Startup: C:\Users\mimi\Desktop\Webshots Desktop.lnk . (.Webshots.com.) -- C:\Program Files\Webshots\Launcher.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Courrier.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Jouer à Mes jeux.lnk . (...) -- C:\Program Files\bfgclient\bfgclient.exe

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Run.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Barre RoboForm - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Enregistrer le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll

O8 - Extra context menu item: Personnaliser le menu - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Remplir le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O9 - Extra button: Barre RoboForm - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS1\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS2\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS3\Services\Tcpip\..\{335E3D66-E7C5-4D4C-98C6-416C35AE4FA5}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AGWinService) - Clé orpheline

O23 - Service: (Apple Mobile Device) . (.Apple, Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (avg8emc) - Clé orpheline

O23 - Service: (avg8wd) - Clé orpheline

O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) - Clé orpheline

O23 - Service: (ServicepointService) . (.Radialpoint Inc. - Pas de description.) - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

O23 - Service: (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EasyShare Registration Task.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleFormimi.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{48152027-D49C-4742-A93F-27B7EBA78948}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\WebReg Deskjet F4100 series.job

[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [HPCeeScheduleFormimi] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [WebReg Deskjet F4100 series] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{9C88BA63-6AF0-4B54-93FF-336886DB3D7E}] (.Pas de propriétaire.) -- C:\Users\mimi\AppData\Local\Temp\Temp1_Standard_Monitor_Driver_Signed_Vista_x64_070717[1].zip\Standard_Monitor_Driver_Signed_Vista_x64_070717

[MD5.00000000000000000000000000000000] [APT] [{C0F42BB1-69D5-4B89-8476-D0D804D132CE}] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Reminders - mimi] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [MP Scheduled Scan] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [scheduled Maintenance] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [scheduled Maintenance Swap] (.Pas de propriétaire.) -- (.not file.)

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (AvgLdx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\system32\Drivers\avgldx86.sys

O41 - Driver: (AvgMfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\system32\Drivers\avgmfx86.sys

O41 - Driver: (AvgTdiX) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\system32\Drivers\avgtdix.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: Agent de services Vidéotron 3.7.44 - (.Vidéotron.) [HKLM] -- RadialpointClientGateway_is1

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {DDD5104F-1C44-49EB-9E6B-29EC5D27658B}

O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\AVAST Software]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Aurigma]

[HKCU\Software\AppDataLow\Software\AVG]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Smart-Shopper]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\ArcSoft]

[HKCU\Software\Big Fish Games]

[HKCU\Software\Binary Noise]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Kodak]

[HKCU\Software\Leadertech]

[HKCU\Software\Licenses]

[HKCU\Software\LightScribe]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Logitech]

[HKCU\Software\MGS]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Masque]

[HKCU\Software\Meetstream]

[HKCU\Software\MimarSinan]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\PCTools]

[HKCU\Software\Paint.NET]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\RadialPoint]

[HKCU\Software\Realtek]

[HKCU\Software\Screensaver Factory]

[HKCU\Software\Siber Systems]

[HKCU\Software\Softdisk LLC]

[HKCU\Software\Softthinks]

[HKCU\Software\TERMINAL Studio]

[HKCU\Software\WebShot]

[HKCU\Software\Webshots]

[HKCU\Software\Windows Live]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\http://www.ecran-de-veille.com]

[HKCU\Software\keyhole.com]

[HKLM\Software\ALWIL Software]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\BackWeb]

[HKLM\Software\Big Fish Games]

[HKLM\Software\CA561B]

[HKLM\Software\CCleaner]

[HKLM\Software\CXT]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conexant Systems]

[HKLM\Software\CyberLink]

[HKLM\Software\Debug]

[HKLM\Software\GST]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Kodak]

[HKLM\Software\Labtec]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\Logitech]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\ODBC]

[HKLM\Software\PCTools]

[HKLM\Software\Paint.NET]

[HKLM\Software\Policies]

[HKLM\Software\Python]

[HKLM\Software\Radialpoint]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SDLLC]

[HKLM\Software\SRS Labs]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Siber Systems]

[HKLM\Software\Sonic]

[HKLM\Software\SymDebug]

[HKLM\Software\Symantec]

[HKLM\Software\SystemAct]

[HKLM\Software\TLC]

[HKLM\Software\The Learning Company]

[HKLM\Software\ViewSonic Corporation]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\WholeSecurity]

[HKLM\Software\Windows]

[HKLM\Software\Yahoo]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 2010-07-25 - 17:23:38 - [11748894] ----D- C:\Program Files\a-squared Free

O43 - CFD: 2009-08-27 - 01:41:36 - [128729474] ----D- C:\Program Files\Adobe

O43 - CFD: 2010-03-12 - 20:50:06 - [152892382] ----D- C:\Program Files\Alwil Software

O43 - CFD: 2010-10-12 - 10:38:54 - [2221118] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 2008-12-14 - 22:27:34 - [0] ----D- C:\Program Files\ArcSoft

O43 - CFD: 2010-03-13 - 23:01:00 - [0] ----D- C:\Program Files\AWS

O43 - CFD: 2011-03-03 - 23:19:34 - [6988263] ----D- C:\Program Files\bfgclient

O43 - CFD: 2010-10-12 - 13:11:14 - [392881] ----D- C:\Program Files\Bonjour

O43 - CFD: 2010-03-08 - 15:00:56 - [1327120] ----D- C:\Program Files\CCleaner

O43 - CFD: 2010-05-09 - 02:25:26 - [1025943615] ----D- C:\Program Files\Common Files

O43 - CFD: 2008-02-19 - 00:46:10 - [1024000] ----D- C:\Program Files\CONEXANT

O43 - CFD: 2008-02-19 - 01:08:04 - [735040696] ----D- C:\Program Files\CyberLink

O43 - CFD: 2010-07-24 - 02:52:38 - [26552477] ----D- C:\Program Files\Emsisoft Anti-Malware

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 2011-02-16 - 18:53:12 - [2908240] ----D- C:\Program Files\Google

O43 - CFD: 2009-10-10 - 22:03:22 - [115240047] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 2011-03-04 - 02:58:58 - [167587410] ----D- C:\Program Files\Hidden Expedition - Amazon

O43 - CFD: 2008-07-08 - 15:42:10 - [134902929] ----D- C:\Program Files\HP

O43 - CFD: 2010-04-10 - 00:17:04 - [61467250] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 2011-02-09 - 07:45:38 - [5699790] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 2011-03-23 - 14:59:26 - [89298744] ----D- C:\Program Files\Java

O43 - CFD: 2008-06-30 - 21:56:44 - [122240459] ----D- C:\Program Files\Kodak

O43 - CFD: 2008-09-02 - 21:43:58 - [79802142] ----D- C:\Program Files\Labtec

O43 - CFD: 2010-12-10 - 03:13:24 - [749576] ----D- C:\Program Files\LimeWire

O43 - CFD: 2011-03-21 - 18:30:20 - [4952964] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 2010-10-22 - 05:00:42 - [526291] ----D- C:\Program Files\Microsoft

O43 - CFD: 2006-11-02 - 08:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 2008-08-21 - 13:08:42 - [366533155] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 2011-03-19 - 04:09:58 - [39396803] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 2008-11-20 - 16:43:06 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 2010-12-15 - 04:13:06 - [144641984] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 2010-06-25 - 07:07:36 - [8167779] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 2010-08-13 - 02:02:02 - [99342446] ----D- C:\Program Files\Movie Maker

O43 - CFD: 2008-05-05 - 15:42:56 - [3921216] ----D- C:\Program Files\MP3 Player Utilities

O43 - CFD: 2006-11-02 - 08:37:36 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 2008-08-18 - 23:09:26 - [27815471] ----D- C:\Program Files\MSECache

O43 - CFD: 2008-05-05 - 15:28:36 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 2008-02-19 - 01:09:04 - [155434389] ----D- C:\Program Files\muvee Technologies

O43 - CFD: 2009-10-10 - 22:04:24 - [116363] R---D- C:\Program Files\Online Services

O43 - CFD: 2008-08-18 - 23:59:20 - [0] ----D- C:\Program Files\OpenOffice.org 2.4

O43 - CFD: 2008-09-09 - 22:29:20 - [9326446] ----D- C:\Program Files\Paint.NET

O43 - CFD: 2010-10-12 - 10:45:46 - [76337719] ----D- C:\Program Files\QuickTime

O43 - CFD: 2009-10-29 - 18:53:32 - [3684999] ----D- C:\Program Files\Radialpoint

O43 - CFD: 2008-08-18 - 23:04:38 - [62844252] ----D- C:\Program Files\Realtek

O43 - CFD: 2006-11-02 - 08:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 2008-07-01 - 17:29:42 - [11093081] ----D- C:\Program Files\Siber Systems

O43 - CFD: 2006-11-02 - 09:01:56 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 2009-10-29 - 18:52:22 - [9780409] ----D- C:\Program Files\Videotron

O43 - CFD: 2010-03-09 - 02:40:36 - [12435208] ----D- C:\Program Files\Webshots

O43 - CFD: 2009-09-19 - 01:36:18 - [1016832] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 2009-09-19 - 01:36:14 - [2737152] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 2009-09-19 - 01:36:00 - [4490624] ----D- C:\Program Files\Windows Defender

O43 - CFD: 2009-09-19 - 01:36:14 - [7084664] ----D- C:\Program Files\Windows Journal

O43 - CFD: 2010-10-22 - 04:58:06 - [146671059] ----D- C:\Program Files\Windows Live

O43 - CFD: 2010-03-12 - 21:33:34 - [1303] ----D- C:\Program Files\Windows Live Toolbar

O43 - CFD: 2011-02-09 - 07:45:40 - [9116344] ----D- C:\Program Files\Windows Mail

O43 - CFD: 2010-10-14 - 03:33:04 - [4498121] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 2008-05-03 - 23:12:08 - [7957544] ----D- C:\Program Files\Windows NT

O43 - CFD: 2009-09-19 - 01:36:10 - [13528738] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 2009-11-18 - 04:20:38 - [134144] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 2009-09-19 - 01:36:16 - [7866954] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 2008-12-07 - 22:22:58 - [0] ----D- C:\Program Files\Yahoo!

O43 - CFD: 2011-03-24 - 16:21:34 - [3588405] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 2009-08-27 - 01:41:54 - [10887811] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 2010-10-12 - 10:39:26 - [75145842] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 2008-12-14 - 22:27:36 - [55974] ----D- C:\Program Files\Common Files\ArcSoft

O43 - CFD: 2008-08-21 - 13:08:38 - [92976] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 2008-05-22 - 17:28:44 - [457237] ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD: 2008-02-19 - 00:58:46 - [5160872] ----D- C:\Program Files\Common Files\HP

O43 - CFD: 2008-02-19 - 01:23:28 - [14028235] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 2011-03-23 - 14:59:24 - [1247175] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 2008-12-14 - 22:08:20 - [3266818] ----D- C:\Program Files\Common Files\Kodak

O43 - CFD: 2008-05-05 - 15:14:10 - [12725285] ----D- C:\Program Files\Common Files\Labtec

O43 - CFD: 2009-08-04 - 15:50:14 - [32098444] ---AD- C:\Program Files\Common Files\LightScribe

O43 - CFD: 2011-03-23 - 15:03:32 - [34024836] ----D- C:\Program Files\Common Files\LogiShrd

O43 - CFD: 2009-01-04 - 18:57:44 - [1337318] ----D- C:\Program Files\Common Files\Logitech

O43 - CFD: 2008-02-19 - 01:08:14 - [56415] ---AD- C:\Program Files\Common Files\LS Getting Started

O43 - CFD: 2010-10-22 - 04:55:08 - [436768674] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 2008-12-14 - 22:07:54 - [651776] ----D- C:\Program Files\Common Files\MSSoap

O43 - CFD: 2008-02-19 - 01:09:04 - [49399251] ----D- C:\Program Files\Common Files\muvee Technologies

O43 - CFD: 2009-04-25 - 21:05:40 - [1963995] ----D- C:\Program Files\Common Files\PC Tools

O43 - CFD: 2006-11-02 - 07:18:34 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 2006-11-02 - 07:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 2008-05-26 - 00:35:42 - [1811224] ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 2009-09-19 - 01:36:10 - [42750094] ----D- C:\Program Files\Common Files\System

O43 - CFD: 2010-05-09 - 02:25:26 - [218474680] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 2008-05-04 - 00:03:44 - [42434246] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 2009-08-27 - 01:41:48 - [764] ----D- C:\ProgramData\Adobe

O43 - CFD: 2010-03-12 - 20:50:06 - [36580452] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 2008-05-05 - 02:15:14 - [31628800] ----D- C:\ProgramData\Apple

O43 - CFD: 2010-10-12 - 10:45:14 - [26921472] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 2008-12-14 - 22:15:28 - [1273] ----D- C:\ProgramData\ArcSoft

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 2008-06-12 - 01:06:30 - [7396] ----D- C:\ProgramData\CyberLink

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 2011-02-16 - 18:53:12 - [523440] ----D- C:\ProgramData\Google

O43 - CFD: 2009-10-10 - 22:03:22 - [1146652] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 2008-09-09 - 22:13:24 - [1902987] ----D- C:\ProgramData\HP

O43 - CFD: 2010-07-24 - 02:51:32 - [8979] ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 2008-05-22 - 17:53:18 - [265] ----D- C:\ProgramData\HPSSUPPLY

O43 - CFD: 2008-06-30 - 21:58:10 - [207213439] ----D- C:\ProgramData\Kodak

O43 - CFD: 2008-06-12 - 01:07:32 - [390] ----D- C:\ProgramData\LightScribe

O43 - CFD: 2011-03-23 - 15:03:32 - [227] ----D- C:\ProgramData\Logishrd

O43 - CFD: 2008-09-02 - 21:44:16 - [0] ----D- C:\ProgramData\Logitech

O43 - CFD: 2010-08-12 - 23:43:22 - [14174432] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 2011-02-16 - 18:49:48 - [1062] ----D- C:\ProgramData\McAfee

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 2008-09-06 - 23:03:56 - [185795921] ----D- C:\ProgramData\MGS

O43 - CFD: 2010-10-22 - 04:55:52 - [317661703] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 2010-12-15 - 04:07:12 - [57040] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 2008-05-03 - 23:12:08 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 2008-02-19 - 01:09:00 - [0] ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 2009-04-25 - 20:19:40 - [0] ----D- C:\ProgramData\PC Tools

O43 - CFD: 2010-10-26 - 16:16:40 - [808892] ----D- C:\ProgramData\Radialpoint

O43 - CFD: 2008-07-01 - 17:30:46 - [96] ----D- C:\ProgramData\RoboForm

O43 - CFD: 2010-12-07 - 04:54:54 - [0] ----D- C:\ProgramData\Softdisk LLC

O43 - CFD: 2006-11-02 - 09:02:04 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 2010-03-31 - 23:27:54 - [364] ----D- C:\ProgramData\Sun

O43 - CFD: 2011-03-10 - 02:54:46 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 2006-11-02 - 09:02:06 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 2009-10-29 - 18:52:22 - [3080] ----D- C:\ProgramData\Videotron

O43 - CFD: 2009-10-29 - 18:52:32 - [0] ----D- C:\ProgramData\Vidéotron

O43 - CFD: 2008-05-22 - 17:43:06 - [236] ----D- C:\ProgramData\WEBREG

O43 - CFD: 2009-06-09 - 14:05:06 - [0] ----D- C:\ProgramData\WindowsSearch

O43 - CFD: 2008-12-07 - 22:25:02 - [0] ----D- C:\ProgramData\Winferno

O43 - CFD: 2008-11-20 - 16:40:40 - [582292] ----D- C:\ProgramData\WLInstaller

O43 - CFD: 2008-05-09 - 02:35:28 - [2309772] ----D- C:\Users\mimi\AppData\Roaming\Adobe

O43 - CFD: 2008-05-05 - 02:19:10 - [151308] ----D- C:\Users\mimi\AppData\Roaming\Apple Computer

O43 - CFD: 2008-12-14 - 22:21:04 - [288022] ----D- C:\Users\mimi\AppData\Roaming\ArcSoft

O43 - CFD: 2010-07-22 - 16:46:44 - [0] ----D- C:\Users\mimi\AppData\Roaming\CBS Interactive

O43 - CFD: 2008-06-15 - 00:23:42 - [8768884] ----D- C:\Users\mimi\AppData\Roaming\CyberLink

O43 - CFD: 2009-07-16 - 00:10:34 - [34637] ----D- C:\Users\mimi\AppData\Roaming\Google

O43 - CFD: 2009-10-10 - 22:03:22 - [22343] ----D- C:\Users\mimi\AppData\Roaming\Hewlett-Packard

O43 - CFD: 2008-05-28 - 03:39:48 - [229016] ----D- C:\Users\mimi\AppData\Roaming\HP

O43 - CFD: 2011-03-24 - 06:39:04 - [56406] ----D- C:\Users\mimi\AppData\Roaming\HpUpdate

O43 - CFD: 2008-05-03 - 23:22:26 - [0] ----D- C:\Users\mimi\AppData\Roaming\Identities

O43 - CFD: 2008-06-07 - 20:17:44 - [1210814] ----D- C:\Users\mimi\AppData\Roaming\LANCITE

O43 - CFD: 2008-09-02 - 21:46:56 - [272] ----D- C:\Users\mimi\AppData\Roaming\Leadertech

O43 - CFD: 2010-12-10 - 03:13:24 - [16114637] ----D- C:\Users\mimi\AppData\Roaming\LimeWire

O43 - CFD: 2008-05-03 - 23:21:14 - [456] ----D- C:\Users\mimi\AppData\Roaming\Macromedia

O43 - CFD: 2010-08-12 - 23:43:48 - [30497] ----D- C:\Users\mimi\AppData\Roaming\Malwarebytes

O43 - CFD: 2006-11-02 - 08:37:36 - [0] ----D- C:\Users\mimi\AppData\Roaming\Media Center Programs

O43 - CFD: 2010-03-06 - 02:13:04 - [21372020] -S--D- C:\Users\mimi\AppData\Roaming\Microsoft

O43 - CFD: 2010-06-02 - 01:01:22 - [0] ----D- C:\Users\mimi\AppData\Roaming\Mozilla

O43 - CFD: 2008-08-18 - 23:17:36 - [15090575] ----D- C:\Users\mimi\AppData\Roaming\OpenOffice.org2

O43 - CFD: 2009-04-25 - 20:19:40 - [0] ----D- C:\Users\mimi\AppData\Roaming\PC Tools

O43 - CFD: 2008-06-30 - 21:58:34 - [0] ----D- C:\Users\mimi\AppData\Roaming\Skinux

O43 - CFD: 2008-05-03 - 23:23:08 - [0] ----D- C:\Users\mimi\AppData\Roaming\Symantec

O43 - CFD: 2009-10-29 - 18:52:42 - [7328892] ----D- C:\Users\mimi\AppData\Roaming\Videotron

O43 - CFD: 2009-10-29 - 18:52:44 - [0] ----D- C:\Users\mimi\AppData\Roaming\Vidéotron

O43 - CFD: 2008-12-22 - 03:50:24 - [22860501] ----D- C:\Users\mimi\AppData\Roaming\Webshots

O43 - CFD: 2008-08-18 - 23:04:28 - [0] ----D- C:\Users\mimi\AppData\Roaming\WinBatch

O43 - CFD: 2010-10-25 - 08:41:52 - [295] ----D- C:\Users\mimi\AppData\Roaming\Windows Live Writer

O43 - CFD: 2008-05-04 - 00:42:26 - [0] ----D- C:\Users\mimi\AppData\Roaming\Yahoo!

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.CF721E064F489AB8C52CFC2D8A3B5C17] - 2008-01-02 - 03:27:00 ---A- . (...) -- C:\Windows\System32\iglhxo32.vp [2096]

O44 - LFC:[MD5.46537E443C84983A1E2D7A7744C275D1] - 2008-03-25 - 16:46:42 ---A- . (...) -- C:\Windows\System32\iglhxs32.vp [32896]

O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 2009-07-16 - 12:30:03 ---A- . (...) -- C:\Windows\System32\WsmTxt.xsl [2426]

O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 2009-07-16 - 12:30:03 ---A- . (...) -- C:\Windows\System32\wsmanconfig_schema.xml [4675]

O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 2009-08-01 - 01:27:37 ---A- . (...) -- C:\Windows\System32\winrm.vbs [201184]

O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 2011-03-05 - 10:43:20 ---A- . (...) -- C:\Windows\System32\config.nt [2577]

O44 - LFC:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 2011-03-05 - 10:43:20 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [371544]

O44 - LFC:[MD5.62F534791AE488A475A3E508D92AF4CC] - 2011-03-20 - 03:29:27 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [2307072]

O44 - LFC:[MD5.CADB1C9B8CE4F23EC49BD3B713DBE027] - 2011-03-20 - 03:29:28 ---A- . (.Intel Corporation - LDDM User Mode Driver for Intel® Graphics.) -- C:\Windows\System32\igdumd32.dll [3301376]

O44 - LFC:[MD5.BC74A74B020374D280FB8DB82FCB8D55] - 2011-03-20 - 03:29:30 ---A- . (.Intel Corporation - hccutils Module.) -- C:\Windows\System32\hccutils.dll [106496]

O44 - LFC:[MD5.829ABAD7E87B155C25B69C41A872CF5D] - 2011-03-20 - 03:29:30 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.dll [48640]

O44 - LFC:[MD5.1CF370D5C495F52DB8B83346BDF3AE7C] - 2011-03-20 - 03:29:31 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.exe [256536]

O44 - LFC:[MD5.FBDD6B407BEF4524D71363E8D820C24B] - 2011-03-20 - 03:29:32 ---A- . (.Intel Corporation - igfxpph Module.) -- C:\Windows\System32\igfxpph.dll [204800]

O44 - LFC:[MD5.5B69A33D1F6AB3BB734B9BEF4099160B] - 2011-03-20 - 03:29:33 ---A- . (.Intel Corporation - igfxcfg Module.) -- C:\Windows\System32\igfxcfg.exe [539160]

O44 - LFC:[MD5.BADB93F5B0EED724DC833C3A5A330CF8] - 2011-03-20 - 03:29:33 ---A- . (.Intel Corporation - igfxcpl Module.) -- C:\Windows\System32\igfxcpl.cpl [122880]

O44 - LFC:[MD5.AC88A8E42CDD202F83C39AAC5CBFB105] - 2011-03-20 - 03:29:33 ---A- . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll [204800]

O44 - LFC:[MD5.409E5B10053382C9D339BAEAA6584999] - 2011-03-20 - 03:29:34 ---A- . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424]

O44 - LFC:[MD5.767B74C5242D0F33E610F31A2363D7F6] - 2011-03-20 - 03:29:34 ---A- . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848]

O44 - LFC:[MD5.495F21584FC2875F8C824755CE52BBF1] - 2011-03-20 - 03:29:34 ---A- . (.Intel Corporation - igfxdo Module.) -- C:\Windows\System32\igfxdo.dll [135168]

O44 - LFC:[MD5.93A472E1FB39AF5A7E8315CDBDDC1806] - 2011-03-20 - 03:29:35 ---A- . (.Intel Corporation - igfxress Module.) -- C:\Windows\System32\igfxress.dll [3293184]

O44 - LFC:[MD5.B76195C8E8845FF2A8FA658709345DE2] - 2011-03-20 - 03:29:40 ---A- . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656]

O44 - LFC:[MD5.B94049ED36059FB37B0D077C855F159E] - 2011-03-20 - 03:29:41 ---A- . (.Intel Corporation - igfxTMM Module.) -- C:\Windows\System32\igfxTMM.dll [241664]

O44 - LFC:[MD5.7570C98D7BCFB09DF159A9CFDD9592AD] - 2011-03-20 - 03:29:42 ---A- . (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxext.exe [170520]

O44 - LFC:[MD5.98467169F5C85138FDE29A85C268C8F5] - 2011-03-20 - 03:29:43 ---A- . (.Intel Corporation - Oemdspif Module.) -- C:\Windows\System32\oemdspif.dll [69632]

O44 - LFC:[MD5.150B8CE4F300CAF1C7F10B2130AFBFF0] - 2011-03-20 - 03:29:43 ---A- . (.Intel Corporation - igfxext Module.) -- C:\Windows\System32\igfxexps.dll [24576]

O44 - LFC:[MD5.0CC1F17E8B2D6210708B6E4920EF0642] - 2011-03-20 - 03:29:44 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrara.lrc [159744]

O44 - LFC:[MD5.0315D4956246ACE396BAB40B4700D3E2] - 2011-03-20 - 03:29:45 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrchs.lrc [114688]

O44 - LFC:[MD5.25A8F57918888648B003671AA857588C] - 2011-03-20 - 03:29:45 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrcht.lrc [110592]

O44 - LFC:[MD5.AA16F911229FB8B9B7CF9453539412E6] - 2011-03-20 - 03:29:45 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrdan.lrc [176128]

O44 - LFC:[MD5.3406324B4105280FF5F6B9032675F5BD] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrdeu.lrc [192512]

O44 - LFC:[MD5.1534E172D3FA9A5F562255AD58EF62CC] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrenu.lrc [172032]

O44 - LFC:[MD5.8CF43AE2EC1D8279DDB75541E66EEDC4] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxresp.lrc [188416]

O44 - LFC:[MD5.4FE2C378DB00345411AB83233C2AE2AC] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrfin.lrc [176128]

O44 - LFC:[MD5.B697441F26A8C3EE4554A4DBA784DA88] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrfra.lrc [184320]

O44 - LFC:[MD5.3EF352FAABCD99320554172EB37A96A0] - 2011-03-20 - 03:29:46 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrheb.lrc [155648]

O44 - LFC:[MD5.2D7B69E7552DB322BBE152AD430D4784] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrita.lrc [188416]

O44 - LFC:[MD5.28458D1049FA058768DB736A79DCF63B] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrjpn.lrc [131072]

O44 - LFC:[MD5.DB123F3E491AE46A2B6826AC73CA366F] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrkor.lrc [126976]

O44 - LFC:[MD5.ED406EEDB3A5936CD2EBCEA7FBC8151B] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrnld.lrc [188416]

O44 - LFC:[MD5.EDA9F4D2D6D5502FAE7CEFFED8D65430] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrnor.lrc [176128]

O44 - LFC:[MD5.CBDC8C55BED17C0618229D87CFDF4CE7] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrplk.lrc [180224]

O44 - LFC:[MD5.0A0A59E2D0E603177D3A5EB344B85F7E] - 2011-03-20 - 03:29:47 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrptb.lrc [180224]

O44 - LFC:[MD5.64FB5E977620AC7D9426C775A5DA47A0] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrptg.lrc [180224]

O44 - LFC:[MD5.DA4CCD2608C0E8DDF2CED77292B80FBA] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrrus.lrc [180224]

O44 - LFC:[MD5.3C551293D5D7A88F2300D8B3D0C65727] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrsky.lrc [176128]

O44 - LFC:[MD5.DB982EBA97C5F24DF8C809B602EAB677] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrslv.lrc [172032]

O44 - LFC:[MD5.0F1154C31228E044805C03649B960A52] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrsve.lrc [176128]

O44 - LFC:[MD5.B921A78EF1B3E4907D4A35467A11F429] - 2011-03-20 - 03:29:48 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrtha.lrc [163840]

O44 - LFC:[MD5.7ADECA447E7E253DF346BC1E31DF0365] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - OpenGL® Driver for Intel® Graphics Acce.) -- C:\Windows\System32\ig4icd32.dll [2420736]

O44 - LFC:[MD5.EBEDD4406281CF885EA488569C4A1600] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrcsy.lrc [176128]

O44 - LFC:[MD5.A25646C6751A557C9EE6DDC0C157A603] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrell.lrc [192512]

O44 - LFC:[MD5.2B09B3C05933CBC0B710DC4381A2B26B] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrhun.lrc [184320]

O44 - LFC:[MD5.EE996847D89FB31F284B47A82A00DCF7] - 2011-03-20 - 03:29:49 ---A- . (.Intel Corporation - igfxres Module.) -- C:\Windows\System32\igfxrtrk.lrc [172032]

O44 - LFC:[MD5.383FD7C95B7C0CAEF338DF6A78E3FD23] - 2011-03-20 - 03:29:50 ---A- . (.Intel Corporation - OpenGL® Device Driver for Intel® Graphi.) -- C:\Windows\System32\ig4dev32.dll [2174976]

O44 - LFC:[MD5.9477D99EDC98D62063FBA80E7B6D7A7E] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1497962]

O44 - LFC:[MD5.9552F2020B5953E76BA7FF2D3671964D] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfc009.dat [104284]

O44 - LFC:[MD5.DE410084E12A770A32FBCB618DD0DE18] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [126798]

O44 - LFC:[MD5.C0466014288F888B50F57C401C0B8D35] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfh009.dat [596210]

O44 - LFC:[MD5.B0F1B7305913E5AF2865C40533FD3CB2] - 2011-03-20 - 07:56:03 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [679552]

O44 - LFC:[MD5.01F79628EE7A02A2118EC2137B1A93BA] - 2011-03-20 - 14:56:00 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.F87BA06FE22C81CDE563761DDFBAB267] - 2011-03-23 - 13:31:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [472808]

O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 2011-03-23 - 13:31:59 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184]

O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 2011-03-23 - 13:32:01 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]

O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 2011-03-23 - 13:32:01 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-03-23 - 13:58:58 ---A- . (...) -- C:\Windows\System32\RENF814.tmp [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-03-23 - 13:58:58 ---A- . (...) -- C:\Windows\System32\RENF825.tmp [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-03-23 - 13:58:58 ---A- . (...) -- C:\Windows\System32\RENF826.tmp [0]

O44 - LFC:[MD5.AC7F2490933C68A5A72CF1A72F576DE6] - 2011-03-24 - 05:34:12 ---A- . (.Hewlett-Packard Company - LanguageMonitor.) -- C:\Windows\System32\hpzll64X.dll [117760]

O44 - LFC:[MD5.6C23A50A0E7864D2033B048DA6E2220D] - 2011-03-24 - 14:58:52 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.28EF120054890C7600FCFD7FFCEF1200] - 2011-03-24 - 15:04:18 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1534766]

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{c40f894f-2e25-11df-8da7-001d9265f71c}\AutoRun\command. (.Microsoft Corporation - Démarrer le programme Assistant Réseau sans fil.) -- C:\Windows\System32\setupSNK.exe

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo® video R3.2 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll

O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\iyvu9_32.dll

O52 - TDSD: \drivers.desc\"C:\Windows\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\Iac25_32.ax

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\LogitechCommunicationsManager [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Labtec\WebCam10\WebCam10.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.F8A6018193BE629B8EA4C5D7B2452B70] - 2004-09-16 - 12:26:40 ---A- . (...) -- C:\Windows\system32\drivers\ADFUUD.SYS [12634]

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 2008-01-20 - 21:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 2008-01-20 - 21:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 2008-01-20 - 21:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 2008-01-20 - 21:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 2008-01-20 - 21:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 2008-01-20 - 21:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 2008-01-20 - 21:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]

O58 - SDL:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 2011-02-23 - 09:54:55 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19544]

O58 - SDL:[MD5.B0F137F664F10829CD2380B0E20E7C29] - 2011-02-23 - 09:55:03 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [53592]

O58 - SDL:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 2011-02-23 - 09:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [25432]

O58 - SDL:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 2011-02-23 - 09:56:55 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [371544]

O58 - SDL:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 2011-02-23 - 09:56:45 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [301528]

O58 - SDL:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 2011-02-23 - 09:55:49 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [49240]

O58 - SDL:[MD5.BC12F2404BB6F2B6B2FF3C4C246CB752] - 2009-12-11 - 16:20:49 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\Windows\system32\drivers\avgldx86.sys [335240]

O58 - SDL:[MD5.5903D729D4F0C5BCA74123C96A1B29E0] - 2009-12-11 - 16:20:49 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\Windows\system32\drivers\avgmfx86.sys [27784]

O58 - SDL:[MD5.92D8E1E8502E649B60E70074EB29C380] - 2009-12-11 - 16:20:45 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\Windows\system32\drivers\avgtdix.sys [108552]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 2006-11-02 - 03:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 2006-11-02 - 03:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 2006-11-02 - 03:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 2006-11-02 - 03:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 2006-11-02 - 03:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 2006-11-02 - 03:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 2008-01-20 - 21:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 2006-11-02 - 04:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 2008-01-20 - 21:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 2008-01-20 - 21:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]

O58 - SDL:[MD5.B283F1BC1FF852BD232449A4B3E3CE63] - 2006-05-18 - 09:48:50 ---A- . (.FTDI Ltd. - FTDIBUS USB Driver.) -- C:\Windows\system32\drivers\ftdibus.sys [47249]

O58 - SDL:[MD5.678A73F56DDF84A08C31123C386E9967] - 2006-05-18 - 09:49:02 ---A- . (.FTDI Ltd. - FTDIBUS Serial Device Driver.) -- C:\Windows\system32\drivers\ftser2k.sys [61067]

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 2008-01-20 - 21:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]

O58 - SDL:[MD5.FE440536BD98AF772130DC3A6FE1915F] - 2008-05-08 - 04:05:18 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\Windows\system32\drivers\HSXHWBS2.sys [266752]

O58 - SDL:[MD5.72CC6A8CA7891031D6380DB5025C773C] - 2008-05-08 - 04:04:16 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [661504]

O58 - SDL:[MD5.88749FBF8BEB18C90E7D6626C8C1910B] - 2008-05-08 - 04:03:18 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DP.sys [980992]

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 2008-01-20 - 21:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]

O58 - SDL:[MD5.62F534791AE488A475A3E508D92AF4CC] - 2008-03-25 - 15:44:24 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [2307072]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 2006-11-02 - 04:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 2006-11-02 - 04:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 2006-11-02 - 04:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 2008-01-20 - 21:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 2008-01-20 - 21:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 2008-01-20 - 21:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]

O58 - SDL:[MD5.D395B2DC1705454AA36A34099E066DF0] - 2007-03-06 - 16:49:20 ---A- . (.Labtec Inc. - Labtec Video Driver.) -- C:\Windows\system32\drivers\LV561AV.SYS [491168]

O58 - SDL:[MD5.23F8EF78BB9553E465A476F3CEE5CA18] - 2008-07-26 - 10:26:20 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBSta.sys [41752]

O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 2010-12-20 - 17:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]

O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 2010-12-20 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 2006-06-19 - 09:26:58 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672]

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 2008-01-20 - 21:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 2008-01-20 - 21:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 2006-11-02 - 04:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 2006-11-02 - 04:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 2006-11-02 - 02:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 2008-01-20 - 21:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 2008-01-20 - 21:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]

O58 - SDL:[MD5.3379E7A840DE135FB7A829E03BC9CC25] - 2008-12-18 - 11:16:56 ---A- . (.PC Tools - PC Tools App Monitor Driver.) -- C:\Windows\system32\drivers\PCTAppEvent.sys [73840]

O58 - SDL:[MD5.AA9CFA67850893FBB168B9C4E4C86952] - 2009-04-03 - 10:18:26 ---A- . (.PC Tools - PC Tools KDS Core Driver.) -- C:\Windows\system32\drivers\PCTCore.sys [130936]

O58 - SDL:[MD5.5AA75B88E57AEDF7FDB1F6B5196AD8A6] - 2008-12-10 - 10:36:04 ---A- . (.PC Tools - PC Tools SG Plugin Driver.) -- C:\Windows\system32\drivers\pctplsg.sys [64392]

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 2008-01-20 - 21:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 2006-11-02 - 04:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.5D26CCB06E1F3B5C26E863DF3F4F2611] - 2008-07-03 - 16:03:48 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152088]

O58 - SDL:[MD5.C347A3CDE57077056E7E73D3498F7D7D] - 2007-10-03 - 11:18:12 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [99840]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 2006-11-02 - 01:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 2008-01-20 - 21:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 2006-11-02 - 04:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 2006-11-02 - 04:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 2006-11-02 - 04:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 2008-01-20 - 21:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 2006-11-02 - 04:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 2008-01-20 - 21:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 2008-01-20 - 21:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 2008-01-20 - 21:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]

O58 - SDL:[MD5.DAB33CFA9DD24251AAA389FF36B64D4B] - 2007-10-18 - 06:36:54 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2006-11-02 - 02:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2006-11-02 - 02:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 2006-11-02 - 02:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 2006-11-02 - 02:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2006-11-02 - 02:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 2006-11-02 - 02:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2006-11-02 - 02:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2006-11-02 - 02:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2006-11-02 - 02:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2006-11-02 - 02:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 2006-11-02 - 02:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 2006-11-02 - 02:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 2006-11-02 - 02:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 2006-11-02 - 02:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 2006-11-02 - 02:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK

O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI

O64 - Services: CurCS - C:\Windows\system32\Drivers\avgldx86.sys - AVG AVI Loader Driver x86 (AvgLdx86) .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX86

O64 - Services: CurCS - C:\Windows\system32\Drivers\avgmfx86.sys - AVG On-access Scanner Minifilter Driver x86 (AvgMfx86) .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX86

O64 - Services: CurCS - C:\Windows\system32\Drivers\avgtdix.sys - AVG8 Network Redirector (AvgTdiX) .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIX

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(...) - LEGACY_CO_MON

O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(...) - LEGACY_IDSVIX86

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Lbd.sys (.not file.) - Lbd (Lbd) .(...) - LEGACY_LBD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - (.not file.) - Logitech LVPr2Mon Driver (LVPr2Mon) .(...) - LEGACY_LVPR2MON

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR

O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV

O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms (.not file.) - PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) .(...) - LEGACY_PCD5SRVC{BD6912E3-AC9D80E8-05040000}

O64 - Services: CurCS - C:\Windows\System32\drivers\PCTCore.sys - PCTools KDS (PCTCore) .(.PC Tools - PC Tools KDS Core Driver.) - LEGACY_PCTCORE

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS

O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT

O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW

O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(...) - LEGACY_SYMNDISV

O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\xaudio.sys - XAudio (XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {06D5DBFB-0673-4A06-A7F5-C7B1B334E75D} - (Yahoo! Search) - Yahoo! Recherche

O69 - SBI: SearchScopes [HKCU] {5D228923-218C-4703-B63A-B00AB761059A} - (Ask.com) - Ask.com Web Search

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe

O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe

O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe

O87 - FAEL: "{C02764DB-508F-45F2-B682-C695A17EABA5}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe

O87 - FAEL: "{94610ADD-A3F2-4AB2-9056-F9D569DB7824}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{1CF29E06-2485-47EF-883D-4AE24E8B2C4E}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\livecall.exe (.not file.)

O87 - FAEL: "{64D728AE-EBEB-4597-BB74-32DA4407AEDE}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{5DE70C22-4A94-40D5-8324-9A05F132A8D8}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{5C44A879-CC73-45D7-9C5D-3BABCBC2D911}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgupd.exe (.not file.)

O87 - FAEL: "{D0E8FA24-F650-4494-AF92-A0A2B95AABC2}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgemc.exe (.not file.)

O87 - FAEL: "{FFE72D97-A3C5-44D0-AFD6-9F6EBBF2AD26}" | In - Private - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe

O87 - FAEL: "{F99EE220-E4A5-464F-A1D6-7FF594102800}" | In - Private - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe

O87 - FAEL: "{3ED3E828-3A0D-4E3A-BC94-A4F22DA44B3A}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "TCP Query User{C91AC6E3-57EF-4C7F-9B46-8F8D69D1F923}C:\program files\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe

O87 - FAEL: "UDP Query User{D0C8486B-D9E9-4079-AC30-7AA3127256EE}C:\program files\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe

O87 - FAEL: "TCP Query User{4FE8AD4F-8450-4673-AE58-D609EB452026}C:\program files\kodak\kodak easyshare software\bin\easyshare.exe" | In - Private - P6 - TRUE | .(.Eastman Kodak Company.) -- C:\program files\kodak\kodak easyshare software\bin\easyshare.e

O87 - FAEL: "UDP Query User{CF3CB13D-404E-4782-8A31-BAC5BD9BFEBE}C:\program files\kodak\kodak easyshare software\bin\easyshare.exe" | In - Private - P17 - TRUE | .(.Eastman Kodak Company.) -- C:\program files\kodak\kodak easyshare software\bin\easyshare.

O87 - FAEL: "{260EE80B-CE4E-4D97-A8D0-AAFB6A48AE5B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\AVG\AVG8\avgnsx.exe (.not file.)

O87 - FAEL: "{E1258F9E-3EEF-4BF3-8956-73B198EADE1E}" | In - Private - P6 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O87 - FAEL: "{F9D2C759-C807-4C1F-8268-1D8AC076B777}" | In - Private - P17 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O87 - FAEL: "TCP Query User{69595D1F-289D-48D0-98AE-DAC79988F70B}C:\program files\limewire\limewire.exe" | In - Public - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe

O87 - FAEL: "UDP Query User{7DE2F1AD-8290-40BB-BA10-3C996DD0AE31}C:\program files\limewire\limewire.exe" | In - Public - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe

O87 - FAEL: "{8BEE8F4F-358B-432F-AE52-BDD878AAACA1}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{690BA04F-8129-42DA-86F7-5A463E42564D}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{7FD13AC5-A9A3-44FC-8E05-D693CBE80620}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "TCP Query User{A5371F05-89E3-46FF-BD71-86DD68D20E17}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{372BA17C-6D1D-4EE8-B6ED-BB48B9C75023}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe

O87 - FAEL: "{3A3610C6-D26D-4A48-B14F-4EC762FA5ED2}" | In - Public - P6 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

O87 - FAEL: "{7C322B5C-ACDE-4F74-997B-DE5EE983646F}" | In - Public - P17 - TRUE | .(.Radialpoint Inc. - Pas de description.) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

 

 

 

---\\ Scan additionnel (O88)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Auto 0 | (AGWinService) . (...) - C:\Program Files\AGI\common\win32\PythonService.exe

SR - | Auto 2008-02-18 110592 | (Apple Mobile Device) . (.Apple, Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

SR - | Auto 2011-02-23 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SS - | Auto 2011-02-23 0 | (avg8emc) . (...) - C:\PROGRA~1\AVG\AVG8\avgemc.exe

SS - | Auto 2011-02-23 0 | (avg8wd) . (...) - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

SR - | Auto 2008-12-12 238888 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Auto 2010-02-10 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 2007-09-19 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

SR - | Auto 2009-03-17 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

SS - | Demand 2009-03-17 0 | (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) . (...) - C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms

SR - | Auto 2011-01-31 689464 | (ServicepointService) . (.Radialpoint Inc..) - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe

SR - | Auto 2008-01-20 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

SR - | Auto 2007-10-18 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\system32\DRIVERS\xaudio.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by mimi at 2011-03-24 16:23:30

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys Dot4.sys Dot4Prt.sys

1 ntkrnlpa!IofCallDriver[0x8288E912] -> \Device\Harddisk0\DR0[0x85A84148]

3 CLASSPNP[0x837A18B3] -> ntkrnlpa!IofCallDriver[0x8288E912] -> [0x852C4950]

5 acpi[0x806A06BC] -> ntkrnlpa!IofCallDriver[0x8288E912] -> \Device\Ide\IdeDeviceP0T0L0-0[0x852BF030]

kernel: MBR read successfully

user & kernel MBR OK

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by mimi at 2011-03-24 16:24:40

Use the desktop link 'MBRCheck' to have full report

Dump file Name : C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1069 lines in 03mn 23s)(0)

 

 

Thanks :)

Posted

Hello,

1- The ZHPDiag report made today

2- Did you get a blue screen with a USB problem? (BSOD)

Do you have a yellow icon in Device Manager?

Device Manager, Vista: no

3- The best driver software for your device is already installed.

Windows has determined that the driver software is up to date.

4- Start->Run->Chkdsk /f/r under Vista and 7

Start->All Programs->Accessories.

Right-click Command Prompt

and click Run as administrator.

On restart there is a message that scrolls by very fast; I can't manage to read all of it, but it says: unable to launch.... I don't know the rest

There is a 4-line message

Thanks for helping me :)

Posted

Going to the Control Panel, I saw a green check mark on the Problem Reports and Solutions folder; here is what it says:

Solve a problem that occurred with a USB driver: this message no longer appears

Only one message remains: solve a problem with Quickcam. I haven't used my QuickCam for a long time, so I uninstalled it, but the message still remains. When I click for the solution it says: click to download the solution from Logitech, inc website... but it's all in English so I don't really understand.

But the major USB driver problem no longer appears :)

Posted (edited)
When I click for the solution it says: click to download the solution from Logitech, inc website... but it's all in English so I don't really understand.

Google Translate:

Google Translate

On restart there is a message that scrolls by very fast; I can't manage to read all of it, but it says: unable to launch.... I don't know the rest

To check the C drive, use the command fsutil dirty query C:

Start->Run->cmd /k fsutil dirty query c:

If the answer is that volume C: is not intact,

the volume must be checked and repaired.

There is a 4-line message

What does it say?

Select (Ctrl A and Ctrl C) all the lines in green below (and only those)

[HKCU\Software\AppDataLow\Software\Smart-Shopper]

[HKCU\Software\MGS]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}]

O4 - Global Startup: C:\Users\mimi\Desktop\Courrier.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\Desktop\Internet.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Courrier.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mimi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Run.lnk - Clé orpheline

O23 - Service: (AGWinService) - Clé orpheline

O23 - Service: (avg8emc) - Clé orpheline

O23 - Service: (avg8wd) - Clé orpheline

O23 - Service: (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) - Clé orpheline

[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [HPCeeScheduleFormimi] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [WebReg Deskjet F4100 series] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C0F42BB1-69D5-4B89-8476-D0D804D132CE}] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Reminders - mimi] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [MP Scheduled Scan] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [scheduled Maintenance] (.Pas de propriétaire.) -- (.not file.)

[MD5.00000000000000000000000000000000] [APT] [scheduled Maintenance Swap] (.Pas de propriétaire.) -- (.not file.)

O43 - CFD: 2008-09-06 - 23:03:56 - [185795921] ----D- C:\ProgramData\MGS

O58 - SDL:[MD5.AA9CFA67850893FBB168B9C4E4C86952] - 2009-04-03 - 10:18:26 ---A- . (.PC Tools - PC Tools KDS Core Driver.) -- C:\Windows\system32\drivers\PCTCore.sys [130936]

O58 - SDL:[MD5.5AA75B88E57AEDF7FDB1F6B5196AD8A6] - 2008-12-10 - 10:36:04 ---A- . (.PC Tools - PC Tools SG Plugin Driver.) -- C:\Windows\system32\drivers\pctplsg.sys [64392]

O64 - Services: CurCS - C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms (.not file.) - PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) .(...) - LEGACY_PCD5SRVC{BD6912E3-AC9D80E8-05040000}

O69 - SBI: SearchScopes [HKCU] {5D228923-218C-4703-B63A-B00AB761059A} - (Ask.com) - Ask.com Web Search

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing

 

Under Vista/7, right-click and choose "Run as administrator".

 


Paste (Ctrl+V) the green lines into box 1.

Then click on: PanelHelper.jpg

Click "OK", which makes a checkbox appear to the left of each line.

Click "Tous" (All), then "Nettoyer" (Clean) 2.

Agree to restart to complete the cleanup.

A report appears:


Copy and paste the removal report into your next reply.

If the report does not appear, click this button: PanelBDR.jpg

Edited by pear
Posted

Hello,

1- I had tried with the translator but it isn't really explained, because when I saw the message I uninstalled the cam, but I saw that the cam's file is still there with lots of folders. I have the instructions for installing but not for removing the program.

2- I get a message that says: you must have administrator privileges to run: FSUTIL

3- I will do it later today

Thanks :)

Posted (edited)

Rapport de ZHPFix 1.12.3260 par Nicolas Coolman, Update du 11/03/2011

Fichier d'export Registre : C:\ZHPExportRegistry-2011-03-25-07-20-01.txt

Run by mimi at 2011-03-25 07:20:01

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Contact : nicolascoolman@yahoo.fr

 

========== Clé(s) du Registre ==========

HKCU\Software\MGS => Clé supprimée avec succès

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} => Clé supprimée avec succès

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} => Clé supprimée avec succès

O23 - Service: (AGWinService) - Clé orpheline => Clé supprimée avec succès

O23 - Service: (avg8emc) - Clé orpheline => Clé supprimée avec succès

O23 - Service: (avg8wd) - Clé orpheline => Clé supprimée avec succès

O23 - Service: (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) - Clé orpheline => Clé supprimée avec succès

O64 - Services: CurCS - C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms (.not file.) - PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) .(...) - LEGACY_PCD5SRVC{BD6912E3-AC9D80E8-05040000} => Clé supprimée avec succès

O69 - SBI: SearchScopes [HKCU] {5D228923-218C-4703-B63A-B00AB761059A} - (Ask.com) - Ask.com Web Search => Clé supprimée avec succès

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing => Clé supprimée avec succès

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0BC6E3FA-78EF-4886-842C-5A1258C4455A} [DefaultScope] - (Search the Web) - Bing => Clé absente

 

========== Dossier(s) ==========

C:\ProgramData\MGS => Supprimé et mis en quarantaine

 

========== Fichier(s) ==========

c:\users\mimi\desktop\courrier.lnk => Supprimé et mis en quarantaine

c:\users\mimi\desktop\internet.lnk => Supprimé et mis en quarantaine

c:\users\mimi\appdata\roaming\microsoft\internet explorer\quick launch\courrier.lnk => Supprimé et mis en quarantaine

c:\users\mimi\appdata\roaming\microsoft\internet explorer\quick launch\run.lnk => Supprimé et mis en quarantaine

c:\windows\system32\drivers\pctcore.sys => Supprimé et mis en quarantaine

c:\windows\system32\drivers\pctplsg.sys => Supprimé et mis en quarantaine

 

========== Tache planifiée ==========

Task : Ad-Aware Update (Weekly) => Tâche supprimée avec succès

Task : GoogleUpdateTaskMachineCore => Tâche supprimée avec succès

Task : GoogleUpdateTaskMachineCore => Tâche supprimée avec succès

Task : GoogleUpdateTaskMachineUA => Tâche supprimée avec succès

Task : HPCeeScheduleFormimi => Tâche supprimée avec succès

Task : Run RoboForm TaskBar Icon => Tâche supprimée avec succès

Task : WebReg Deskjet F4100 series => Tâche supprimée avec succès

Task : {C0F42BB1-69D5-4B89-8476-D0D804D132CE} => Tâche supprimée avec succès

Task : AppleSoftwareUpdate => Tâche supprimée avec succès

Task : Reminders - mimi => Tâche supprimée avec succès

Task : Reminders - mimi => Tâche supprimée avec succès

Task : MP Scheduled Scan => Tâche supprimée avec succès

Task : Scheduled Maintenance => Tâche supprimée avec succès

Task : Scheduled Maintenance => Tâche supprimée avec succès

Task : Scheduled Maintenance Swap => Tâche supprimée avec succès

 

========== Autre ==========

HKCU\Software\AppDataLow\Software\Smart-Shopper] => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

(.not file.) => Format Non supporté

 

 

========== Récapitulatif ==========

11 : Clé(s) du Registre

1 : Dossier(s)

6 : Fichier(s)

15 : Tache planifiée

13 : Autre

 

 

End of the scan

 

 

Here is the report :)

Edited by tournedos
