mon pc est infecté aussi

PIPLAPAL · le 10 avril 2011

Bonjour,

J'ai des pbs avec mon pc.

J'ai un rapport de ZHPDiag qui donne ceci :

Rapport de ZHPDiag v1.27.1864 par Nicolas Coolman, Update du 08/04/2011

Run by Administrateur at 09/04/2011 15:35:42

Web site : ZHPDiag Outil de diagnostic

---\\ Web Browser

MSIE: Internet Explorer v6.0.2900.2180 (Defaut)

GCIE: Google Chrome v10.0.648.204

---\\ System Information

Windows XP Professional Service Pack 2 (Build 2600)

Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1907 MB (53% free)

System Restore: Activé (Enable)

System drive C: has 31 GB (63%) free of 49 GB

---\\ Logged in mode

Computer Name: FREVRYM1776384

User Name: Administrateur

All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

---\\ Environnement Variables

%AppData%=C:\Documents and Settings\Administrateur\Application Data

%LocalAppData%=C:\Documents and Settings\Administrateur\Local Settings\Application Data

%StartMenu%=C:\Documents and Settings\Administrateur\Menu Démarrer

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 31 Go of 49 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 49 Go of 184 Go)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.2A7BD330924252A2FD80344FC949BB72] - (.Microsoft Corporation - Explorateur Windows.) (.02/03/2006 04:00:00.) -- C:\WINDOWS\Explorer.exe [1036288]

[MD5.AD9AB4386AE234EA5C8EED51CD934C44] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/02/2009 09:15:39.) -- C:\WINDOWS\system32\wininet.dll [672256]

[MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.02/03/2006 04:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368]

[MD5.2218E3FD674DC284CE98C807086CAB14] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/04/2007 11:39:42.) -- C:\WINDOWS\system32\drivers\atapi.sys [96384]

[MD5.2490B30D416A96AC96603D7844CA5C0F] - (.Microsoft Corporation - NT File System Driver.) (.15/11/2004 18:11:59.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574592]

---\\ Processus lancés

[MD5.06AF18300C5B511A3D85C3E0B7909C10] - (.Lenovo. - ThinkPad Power Management Service.) -- C:\WINDOWS\system32\ibmpmsvc.exe [38248]

[MD5.BD254601A3977C4BCF39FDC942A38217] - (.Intel® Corporation - Intel® Wireless Management Service.) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [954368]

[MD5.5E32D63B71495A8EDA09F05BD153A537] - (.Symantec Corporation - Symantec Settings Manager Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [169576]

[MD5.73A35AD810CB750367CC01564A44B0E7] - (.Symantec Corporation - Symantec Event Manager Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [192104]

[MD5.8A09AB7A1FD856ACC469BD0CD4E98351] - (.Symantec Corporation - SPBBC Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe [1181016]

[MD5.7B0E3E21CE33C48AF63B01AE9A3847A4] - (.Pas de propriétaire - Application Policy Service.) -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe [5329408]

[MD5.7F7EFCC3EF73160147B27A8270B4CB9E] - (.Symantec Corporation - Virus Definition Daemon.) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe [31160]

[MD5.A839258E58CF58F05DE1799FFC7F2634] - (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [858384]

[MD5.A7AD70A504FAC41492A95FE1D567CB52] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [268824]

[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]

[MD5.7FF9BA6D0BFBCD31DDF23EAF982D7069] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Program Files\lotus\notes\ntmulti.exe [57393]

[MD5.7382BC560C92710210352941F4086D44] - (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [473360]

[MD5.92554F1D5037033146501F72C74B4D9F] - (.symantec - SAVRoam.) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe [116664]

[MD5.7AC1FCCC7976857AAC3906D45A81D77B] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe [1822648]

[MD5.C81B8635DEE0D3EF5F64B3DD643023A5] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912]

[MD5.40C7C20D2D1798EEB68EEFD606C20689] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2320920]

[MD5.2FE6F76ADB634D4ED7EF9EAE726BC654] - (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmiprvse.exe [218112]

[MD5.B43CC0F07752D456038CD0268E4D84E9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544]

[MD5.64EF13006915817C00FCFD7F38F01300] - (...) -- C:\Documents and Settings\Administrateur\Application Data\dwm.exe [174592]

[MD5.DD181421F649C9A819EC78C98A049730] - (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [52840]

[MD5.84ECADFA3C9A62768C6711A3FD8991BD] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\PROGRA~1\SYMANT~1\VPTray.exe [125368]

[MD5.33321E7AACEEB66583B805D94168455C] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [174616]

[MD5.201840334B0CFD4C9F9AD38449D1AEDD] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [145432]

[MD5.5827B14B4E84DA4144D8215883E05177] - (.Microsoft Corporation - NTVDM.EXE.) -- C:\WINDOWS\system32\ntvdm.exe [420864]

[MD5.99055F25DCDFB3DDE1251FB629A8D96F] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664]

[MD5.B8DA797CEA896C42F5BAD9E08E21AF9F] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [1052672]

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

[MD5.18FC77C6FD225D31F02806A349228F04] - (.Synaptics Incorporated - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [128296]

[MD5.896A1DB9A972AD2339C2E8569EC926D1] - (.Safer Networking Limited - System settings protector.) -- D:\programme\Spybot - Search & Destroy\TeaTimer.exe [2144088]

[MD5.81EDFB5230A8428F3A31D135CA84E05B] - (.Pas de propriétaire - WlanCU MFC Application.) -- C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe [634880]

[MD5.82D1FC5B93E0B1DA104AB2D9C992319B] - (.Intel Corporation - Intel® Management and Security Status.) -- C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1098264]

[MD5.385D1644E676C96EB07848ADA63E37FA] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [93184]

[MD5.64EF13006915817C00FCFD7F38F01300] - (...) -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\conhost.exe [164864]

[MD5.64EF13006915817C00FCFD7F38F01300] - (...) -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\csrss.exe [184832]

[MD5.FB784E1B24CD06EEC019F26EF79527AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642560]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G2 - GCE: Preference [user Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.1.3441.119 (Activé)

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation

R0 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Carrefour Group

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google

R1 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (No version) -- %SystemRoot%\system32\shdocvw.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:61798

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\programme\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [run] Clé orpheline

O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

O4 - HKLM\..\Run: [vptray] . (.Symantec Corporation - Symantec AntiVirus.) -- C:\PROGRA~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [smartAudio] . (.Pas de propriétaire - SAIICpl MFC Application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [iMSS] . (.Pas de propriétaire - PIconStartup application.) -- C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe

O4 - HKLM\..\Run: [uniPrint] . (.INGENICA UK Ltd. - Pas de description.) -- C:\Program Files\UniPrint\Client\SetDfltSettings.exe

O4 - HKLM\..\Run: [Essbase] . (.Microsoft Corporation - Microsoft Systems Management Server Install.) -- C:\essbase\User_EssbaseXP.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] . (...) -- C:\WINDOWS\system32\PSDrvCheck.exe

O4 - HKLM\..\Run: [conhost] . (...) -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\conhost.exe

O4 - HKCU\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- D:\programme\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [spybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- D:\programme\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-21-3812990255-2316810431-2618131703-500\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk . (.Avanquest Software.) -- C:\Program Files\Digital Line Detect\DLG.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Configuration Utility HW.14.lnk . (...) -- C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 8.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Vuze\Azureus.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.)

O9 - Extra button: Console Java (Sun) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

O9 - Extra button: Console Java (Sun) - {c95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Service client pour le fournisseur NetWare et DLL d'authentification.) -- C:\WINDOWS\system32\nwprovau.dll

---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)

O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://webfile.carrefour.com/welcome/

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)

O15 - Trusted Zone: [HKCU\...\Domains] http.carrefour.com

O15 - Trusted Zone: [HKCU\...\Domains\www] http.carrefour.com

O15 - Trusted Zone: [HKCU\...\Domains] http.cisco.com

O15 - Trusted Zone: [HKCU\...\Domains\www] http.cisco.com

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpNameServer = 10.49.197.89 10.49.197.161 10.48.241.1 10.48.241.2

O17 - HKLM\System\CCS\Services\Tcpip\..\{9BADAA65-4B2E-44CB-B57F-AB556120FF52}: DhcpNameServer = 192.168.1.1 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpNameServer = 10.49.197.89 10.49.197.161 10.48.241.1 10.48.241.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{9BADAA65-4B2E-44CB-B57F-AB556120FF52}: DhcpNameServer = 192.168.1.1 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpNameServer = 10.49.197.89 10.49.197.161 10.48.241.1 10.48.241.2

O17 - HKLM\System\CS3\Services\Tcpip\..\{9BADAA65-4B2E-44CB-B57F-AB556120FF52}: DhcpNameServer = 192.168.1.1 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpDomain = dg.carrefour.com

O17 - HKLM\System\CS1\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpDomain = dg.carrefour.com

O17 - HKLM\System\CS3\Services\Tcpip\..\{835B9D40-4234-4076-A7CB-D11ABDE8F80B}: DhcpDomain = dg.carrefour.com

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ho.fr.wcorp.carrefour.com

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

O20 - Winlogon Notify: NavLogon . (.Symantec Corporation - Symantec AntiVirus Logon Notification.) -- C:\WINDOWS\system32\NavLogon.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (Application Policy Service) . (.Pas de propriétaire - Application Policy Service.) - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe

O23 - Service: (ccEvtMgr) . (.Symantec Corporation - Symantec Event Manager Service.) - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: (ccSetMgr) . (.Symantec Corporation - Symantec Settings Manager Service.) - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: (DefWatch) . (.Symantec Corporation - Virus Definition Daemon.) - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: (EvtEng) . (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: (IBMPMSVC) . (.Lenovo. - ThinkPad Power Management Service.) - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: (LiveUpdate) . (.Symantec Corporation - LiveUpdate Engine COM Module.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe

O23 - Service: (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: (mchInjDrv) - Clé orpheline

O23 - Service: (Multi-user Cleanup Service) . (.IBM Corp - IBM Lotus Notes/Domino.) - C:\Program Files\lotus\notes\ntmulti.exe

O23 - Service: (RegSrvc) . (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: (S24EventMonitor) . (.Intel® Corporation - Intel® Wireless Management Service.) - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe

O23 - Service: (SavRoam) . (.symantec - SAVRoam.) - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: (ServiceLayer) . (.Nokia. - ServiceLayer Module.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: (SNDSrvc) . (.Symantec Corporation - Network Driver Service.) - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: (SPBBCSvc) . (.Symantec Corporation - SPBBC Service.) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: (Symantec AntiVirus) . (.Symantec Corporation - Symantec AntiVirus.) - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

O23 - Service: (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500Core.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500UA.job

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500Core] (.Google Inc..) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3812990255-2316810431-2618131703-500UA] (.Google Inc..) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (lenovo.smi) . (.Lenovo Group Limited - SMI Driver for Lenovo system.) - C:\Windows\System32\DRIVERS\smiif32.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys

O41 - Driver: (SAVRT) . (.Symantec Corporation - AutoProtect.) - C:\Program Files\Symantec AntiVirus\savrt.sys

O41 - Driver: (SAVRTPEL) . (.Symantec Corporation - SAVRTPEL.) - C:\Program Files\Symantec AntiVirus\Savrtpel.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys

O41 - Driver: (SPBBCDrv) . (.Symantec Corporation - SPBBC Driver.) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys

O41 - Driver: (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\WINDOWS\system32\Drivers\SYMTDI.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\Windows\System32\DRIVERS\wmiacpi.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: 7-Zip - (.Homologation Carrefour France.) [HKLM] -- {8EC35958-6E60-44E8-A740-A2F9DE5F4C2C}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader 8.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81000000003}

O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}

O42 - Logiciel: Analyseur MSXML 6.0 - (.Microsoft Corporation.) [HKLM] -- {5903C48B-E953-47B8-A651-B9222C483057}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1

O42 - Logiciel: CSWRLD32.EXE custom database - (.Pas de propriétaire.) [HKLM] -- {29519cc5-4a16-42a8-9765-7915adb2082f}.sdb

O42 - Logiciel: Canon PIXMA iP1500 - (.Pas de propriétaire.) [HKLM] -- CANONBJ_Deinstall_CNMCP5y.DLL

O42 - Logiciel: Citrix ICA Web Client - (.Pas de propriétaire.) [HKLM] -- Citrix ICA Web Client

O42 - Logiciel: Citrix_CLT_ICAWeb - (.Pas de propriétaire.) [HKLM] -- Citrix_CLT_ICAWeb

O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine

O42 - Logiciel: Conexant 20585 SmartAudio HD - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA

O42 - Logiciel: Deluxe Pacman version 1.82 - (.Pas de propriétaire.) [HKLM] -- Deluxe Pacman_is1

O42 - Logiciel: DolbyFiles - (.Nero AG.) [HKLM] -- {B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}

O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2

O42 - Logiciel: Hitman Pro - (.Mark Loman.) [HKLM] -- {9B77AF57-F7B2-488F-8B75-1DDDCC447545}_is1

O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}

O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}

O42 - Logiciel: Intel® Network Connections Drivers - (.Intel.) [HKLM] -- PROSet

O42 - Logiciel: Java 2 Runtime Environment, SE v1.4.2_12 - (.Sun Microsystems, Inc..) [HKLM] -- {7148F0A8-6813-11D6-A77B-00B0D0142120}

O42 - Logiciel: Lenovo System Interface Driver - (.Pas de propriétaire.) [HKLM] -- LENOVO.SMIIF

O42 - Logiciel: Les Petits Débrouillards - (.Pas de propriétaire.) [HKLM] -- Les Petits Débrouillards

O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Lotus Notes 6.5.5 fr - (.IBM.) [HKLM] -- {D3F0AD62-295F-4632-9CD8-32B6456979D6}

O42 - Logiciel: Mais où se cache Carmen - V.2 - (.Pas de propriétaire.) [HKLM] -- {690C2599-F489-4C0C-87B5-5E9969394652}

O42 - Logiciel: Micro Application - En route vers la lecture - (.Micro Application.) [HKLM] -- {AA03AA43-E4A5-45AF-9693-77E9EB7AF91F}

O42 - Logiciel: Micro Application - Tout pour réussir son année de CE2 - (.Micro Application.) [HKLM] -- {D84C5BD0-FB71-44E9-85B7-60454F4E528E}

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 - (.Microsoft Corporation.) [HKLM] -- {B508B3F1-A24A-32C0-B310-85786919EF28}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 - (.Microsoft Corporation.) [HKLM] -- {2BA00471-0328-3743-93BD-FA813353A783}

O42 - Logiciel: Microsoft .NET Framework 3.5 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5

O42 - Logiciel: Microsoft .NET Framework 3.5 - (.Microsoft Corporation.) [HKLM] -- {2FC099BD-AC9B-33EB-809C-D332E1B27C40}

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: NATHAN Vacances CE1 V.1.00 (D:) - (.Pas de propriétaire.) [HKLM] -- NATHAN Vacances CE1 V.1.00 (D:)

O42 - Logiciel: Nathan Français CE2 - (.Pas de propriétaire.) [HKLM] -- Nathan Français CE2

O42 - Logiciel: Nathan Mathématiques CE2 - (.Pas de propriétaire.) [HKLM] -- Nathan Mathématiques CE2

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}

O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}

O42 - Logiciel: OXPDFCreator - (.TaoRuan.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PC Connectivity Solution Lite - (.Nokia.) [HKLM] -- {90DE9737-9E45-4942-A34B-FC31C2B3C642}

O42 - Logiciel: PDF Editeur 3 - (.Pas de propriétaire.) [HKLM] -- PDF Editeur 3

O42 - Logiciel: PDF-XChange 3 Pro - (.Tracker Software.) [HKLM] -- PDF-XChange 3 Pro_is1

O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}

O42 - Logiciel: RICOH R5U230 Media Driver ver.2.02.02.01 - (.RICOH.) [HKLM] -- {022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}

O42 - Logiciel: STM TPM Driver 1.0.4.15 - 32 bits - (.STMicroelectronics.) [HKLM] -- {04EB530D-EFBE-4624-BC83-611E557B9F03}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2

O42 - Logiciel: Symantec AntiVirus - (.Symantec Corporation.) [HKLM] -- {2085C617-589C-40F8-BE40-EDBC9E2CA2EB}

O42 - Logiciel: TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility - (.Pas de propriétaire.) [HKLM] -- InstallShield_{C43421C0-0DCB-4F26-8A3B-BF16155F9879}

O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM] -- ThinkPad FullScreen Magnifier

O42 - Logiciel: ThinkPad Modem Adapter - (.Conexant Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF

O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM] -- Power Management Driver

O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: UniPrint Client 3.6.1 - (.Pas de propriétaire.) [HKLM] -- UniPrint Client 3.6.1

O42 - Logiciel: Uninstall La Malediction - (.Pas de propriétaire.) [HKLM] -- Uninstall La Malediction

O42 - Logiciel: Utilitaire ThinkPad UltraNav - (.Lenovo.) [HKLM] -- {17CBC505-D1AE-459D-B445-3D2000A85842}

O42 - Logiciel: VLC media player 1.1.8 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226

O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM] -- Vuze_Remote Toolbar

O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC

O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2

O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\\ HKCU & HKLM Software Keys

[HKCU\Software\7-ZIP]

[HKCU\Software\AC3Filter]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Azureus]

[HKCU\Software\Canneverbe Limited]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Conduit]

[HKCU\Software\Conexant]

[HKCU\Software\Digital River]

[HKCU\Software\EPSON]

[HKCU\Software\EasySystems]

[HKCU\Software\Google]

[HKCU\Software\Hitman Pro]

[HKCU\Software\Hyperion Solutions]

[HKCU\Software\IBM]

[HKCU\Software\Intel]

[HKCU\Software\JP595IR86O]

[HKCU\Software\JavaSoft]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Lotus]

[HKCU\Software\MDO]

[HKCU\Software\Macromedia]

[HKCU\Software\MicroApp]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nokia]

[HKCU\Software\ODBC]

[HKCU\Software\OfferBox]

[HKCU\Software\PDFCreator]

[HKCU\Software\PDFEdit]

[HKCU\Software\PepiMK Software]

[HKCU\Software\Pinnacle Systems]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\SFX TEAM]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Smartcode Software]

[HKCU\Software\Softonic]

[HKCU\Software\SpywareBlaster]

[HKCU\Software\Synaptics]

[HKCU\Software\Sysinternals]

[HKCU\Software\Tracker Software]

[HKCU\Software\Unity]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VOB]

[HKCU\Software\Vuze_Remote]

[HKCU\Software\WHMDNR9LKK]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\XML]

[HKCU\Software\conduitEngine]

[HKCU\Software\eMule]

[HKCU\Software\ej-technologies]

[HKLM\Software\7-Zip]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\AviSynth]

[HKLM\Software\Azureus]

[HKLM\Software\BORLAND]

[HKLM\Software\BVRP Software, Inc]

[HKLM\Software\Bandoo]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CXT]

[HKLM\Software\Canneverbe Limited]

[HKLM\Software\Canon]

[HKLM\Software\Carrefour]

[HKLM\Software\Citrix]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conduit]

[HKLM\Software\Conexant Systems]

[HKLM\Software\Conexant]

[HKLM\Software\EPSON]

[HKLM\Software\Fellowes]

[HKLM\Software\GEAR Software]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\Hitman Pro]

[HKLM\Software\Hyperion Solutions]

[HKLM\Software\IBM]

[HKLM\Software\INTEL]

[HKLM\Software\InstallMonetizer]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\JavaSoft]

[HKLM\Software\La_Malediction]

[HKLM\Software\Lenovo]

[HKLM\Software\Lotus]

[HKLM\Software\MDC]

[HKLM\Software\Macromedia]

[HKLM\Software\Micro Application]

[HKLM\Software\MicroApp]

[HKLM\Software\Mindscape]

[HKLM\Software\Montparnasse Multimedia - France Télécom]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Nero]

[HKLM\Software\Nokia]

[HKLM\Software\ODBC]

[HKLM\Software\OfferBox]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\Pinnacle Systems]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\Prolific Technology INC]

[HKLM\Software\RICOH]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLanP]

[HKLM\Software\RtWlan]

[HKLM\Software\RtlWake]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\Set8187B]

[HKLM\Software\SpywareBlaster]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\The Silicon Realms Toolworks]

[HKLM\Software\Tracker Software]

[HKLM\Software\TrendMicro]

[HKLM\Software\UIU]

[HKLM\Software\UniPrint]

[HKLM\Software\VOB]

[HKLM\Software\VideoLAN]

[HKLM\Software\Vuze_Remote]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\eRightSoft]

[HKLM\Software\ej-technologies]

[HKLM\Software\magnet]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 11/06/2010 - 23:02:12 - [1982702] ----D- C:\Program Files\7-Zip

O43 - CFD: 28/05/2010 - 18:31:48 - [200406760] ----D- C:\Program Files\Adobe

O43 - CFD: 12/11/2010 - 09:26:00 - [0] ----D- C:\Program Files\Canon

O43 - CFD: 08/12/2010 - 12:42:18 - [3501304] ----D- C:\Program Files\CCleaner

O43 - CFD: 16/03/2011 - 19:07:48 - [12574847] ----D- C:\Program Files\CDBurnerXP

O43 - CFD: 28/05/2010 - 18:02:06 - [14121410] ----D- C:\Program Files\Citrix

O43 - CFD: 31/12/2010 - 23:20:54 - [809644] ----D- C:\Program Files\Common Files

O43 - CFD: 24/04/2009 - 12:20:50 - [0] ----D- C:\Program Files\ComPlus Applications

O43 - CFD: 21/02/2011 - 17:54:56 - [634976] ----D- C:\Program Files\Conduit

O43 - CFD: 21/02/2011 - 17:54:52 - [4416349] ----D- C:\Program Files\ConduitEngine

O43 - CFD: 28/05/2010 - 16:01:30 - [24095724] ----D- C:\Program Files\CONEXANT

O43 - CFD: 06/12/2010 - 10:40:10 - [795104] ----D- C:\Program Files\DIFX

O43 - CFD: 28/05/2010 - 16:29:26 - [260192] ----D- C:\Program Files\Digital Line Detect

O43 - CFD: 13/11/2010 - 12:54:26 - [43161230] ----D- C:\Program Files\eMule

O43 - CFD: 12/11/2010 - 11:41:14 - [6784705] ----D- C:\Program Files\epson

O43 - CFD: 23/02/2011 - 22:51:48 - [791148442] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 08/12/2010 - 12:42:06 - [15569028] ----D- C:\Program Files\Google

O43 - CFD: 09/04/2011 - 15:19:06 - [7174551] ----D- C:\Program Files\Hitman Pro

O43 - CFD: 29/12/2010 - 22:27:28 - [68993] ----D- C:\Program Files\icons

O43 - CFD: 15/02/2011 - 17:33:32 - [24626453] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 28/05/2010 - 18:12:14 - [75734431] ----D- C:\Program Files\Intel

O43 - CFD: 06/04/2011 - 19:09:02 - [18828992] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 24/04/2009 - 15:08:44 - [35497772] ----D- C:\Program Files\Java

O43 - CFD: 28/05/2010 - 16:16:28 - [379495] ----D- C:\Program Files\Lenovo

O43 - CFD: 24/04/2009 - 14:29:16 - [386315234] ----D- C:\Program Files\Lotus

O43 - CFD: 24/04/2009 - 12:20:06 - [2118787] ----D- C:\Program Files\Messenger

O43 - CFD: 15/02/2011 - 17:33:32 - [967920022] ----D- C:\Program Files\Micro Application

O43 - CFD: 24/04/2009 - 12:28:32 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 10/08/2010 - 12:27:14 - [219719066] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 24/04/2009 - 14:20:26 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 10/08/2010 - 12:27:14 - [4728150] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 28/05/2010 - 18:15:38 - [315392] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 01/01/2011 - 00:25:26 - [1679893] ----D- C:\Program Files\Mindscape

O43 - CFD: 24/04/2009 - 12:22:18 - [10371290] ----D- C:\Program Files\Movie Maker

O43 - CFD: 28/05/2010 - 15:51:48 - [23758] ----D- C:\Program Files\MSBuild

O43 - CFD: 24/04/2009 - 12:28:32 - [0] ----D- C:\Program Files\msn gaming zone

O43 - CFD: 24/04/2009 - 14:18:48 - [17340] ----D- C:\Program Files\MSXML 6.0

O43 - CFD: 21/02/2011 - 18:27:46 - [94285792] ----D- C:\Program Files\Nathan

O43 - CFD: 24/04/2009 - 12:22:36 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 28/05/2010 - 16:27:16 - [5170098] ----D- C:\Program Files\NetWaiting

O43 - CFD: 24/04/2009 - 13:26:38 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 06/12/2010 - 10:40:06 - [2916694] ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD: 24/04/2009 - 14:28:20 - [26746853] ----D- C:\Program Files\PDFCreator

O43 - CFD: 09/01/2011 - 19:04:02 - [6212096] ----D- C:\Program Files\qvPDF

O43 - CFD: 28/05/2010 - 15:51:44 - [31308314] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 29/10/2010 - 11:53:20 - [55617239] ---AD- C:\Program Files\sav10.1.7.7000

O43 - CFD: 24/04/2009 - 12:23:38 - [1025] ----D- C:\Program Files\Services en ligne

O43 - CFD: 28/05/2010 - 18:07:56 - [690100] ----D- C:\Program Files\STMicroelectronics

O43 - CFD: 28/05/2010 - 17:59:14 - [1233769] ----D- C:\Program Files\SuperCopier2

O43 - CFD: 24/04/2009 - 15:35:00 - [16441499] ----D- C:\Program Files\Symantec

O43 - CFD: 09/04/2011 - 14:39:52 - [9551651] ----D- C:\Program Files\Symantec AntiVirus

O43 - CFD: 28/05/2010 - 18:23:58 - [21981742] ----D- C:\Program Files\Synaptics

O43 - CFD: 28/05/2010 - 16:30:04 - [3175792] ----D- C:\Program Files\ThinkPad

O43 - CFD: 24/12/2010 - 00:40:56 - [11880] ----D- C:\Program Files\TrendMicro

O43 - CFD: 12/11/2010 - 09:10:44 - [6774012] ----D- C:\Program Files\TRENDnet

O43 - CFD: 24/04/2009 - 14:24:24 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 28/05/2010 - 18:02:34 - [7381615] ----D- C:\Program Files\UniPrint

O43 - CFD: 14/11/2010 - 17:38:08 - [93132157] ----D- C:\Program Files\VideoLAN

O43 - CFD: 21/02/2011 - 17:55:30 - [111670933] ----D- C:\Program Files\Vuze

O43 - CFD: 21/02/2011 - 17:54:46 - [4497722] ----D- C:\Program Files\Vuze_Remote

O43 - CFD: 23/02/2011 - 19:19:26 - [4100973] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 24/04/2009 - 12:28:32 - [1369088] ----D- C:\Program Files\Windows NT

O43 - CFD: 29/12/2010 - 22:41:08 - [985488] ----D- C:\Program Files\Windows Searchqu Toolbar

O43 - CFD: 24/04/2009 - 12:23:44 - [0] --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 12/11/2010 - 10:08:32 - [3886175] ----D- C:\Program Files\WinRAR

O43 - CFD: 24/04/2009 - 12:28:32 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 09/04/2011 - 15:35:48 - [4691988] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 31/12/2010 - 23:20:54 - [643312] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 28/05/2010 - 17:41:02 - [166332] ----D- C:\Program Files\Common Files\postureAgent

O43 - CFD: 12/11/2010 - 12:06:54 - [794732] ----D- C:\Documents and Settings\Administrateur\Application Data\Adobe

O43 - CFD: 30/01/2011 - 20:03:58 - [115814123] ----D- C:\Documents and Settings\Administrateur\Application Data\Apple Computer

O43 - CFD: 23/02/2011 - 19:23:30 - [28581552] ----D- C:\Documents and Settings\Administrateur\Application Data\Azureus

O43 - CFD: 09/01/2011 - 19:21:38 - [101] ----D- C:\Documents and Settings\Administrateur\Application Data\CAD-KAS

O43 - CFD: 23/02/2011 - 23:05:32 - [1665] ----D- C:\Documents and Settings\Administrateur\Application Data\Canneverbe Limited

O43 - CFD: 08/12/2010 - 12:43:12 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Google

O43 - CFD: 12/11/2010 - 13:15:56 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Help

O43 - CFD: 28/05/2010 - 18:01:34 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\ICAClient

O43 - CFD: 24/04/2009 - 14:24:26 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Identities

O43 - CFD: 28/05/2010 - 16:27:02 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\InstallShield

O43 - CFD: 28/05/2010 - 16:25:30 - [1176] ----D- C:\Documents and Settings\Administrateur\Application Data\Intel

O43 - CFD: 11/06/2010 - 23:04:26 - [2607629] ----D- C:\Documents and Settings\Administrateur\Application Data\Macromedia

O43 - CFD: 09/04/2011 - 15:14:06 - [3108655] -S--D- C:\Documents and Settings\Administrateur\Application Data\Microsoft

O43 - CFD: 23/02/2011 - 22:19:32 - [240] ----D- C:\Documents and Settings\Administrateur\Application Data\Nero

O43 - CFD: 02/02/2011 - 19:28:38 - [240914] ----D- C:\Documents and Settings\Administrateur\Application Data\OfferBox

O43 - CFD: 02/02/2011 - 19:27:46 - [873304] ----D- C:\Documents and Settings\Administrateur\Application Data\OpenCandy

O43 - CFD: 06/12/2010 - 10:40:08 - [118] ----D- C:\Documents and Settings\Administrateur\Application Data\PC Suite

O43 - CFD: 24/04/2009 - 15:08:46 - [570802] ----D- C:\Documents and Settings\Administrateur\Application Data\Sun

O43 - CFD: 07/03/2011 - 20:59:46 - [7958] ----D- C:\Documents and Settings\Administrateur\Application Data\Unity

O43 - CFD: 19/03/2011 - 16:33:16 - [1046445] ----D- C:\Documents and Settings\Administrateur\Application Data\vlc

O43 - CFD: 16/11/2010 - 22:01:40 - [12] ----D- C:\Documents and Settings\Administrateur\Application Data\WinRAR

O43 - CFD: 12/11/2010 - 12:07:06 - [39646586] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe

O43 - CFD: 30/01/2011 - 19:59:10 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple

O43 - CFD: 09/03/2011 - 15:19:48 - [62725045] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple Computer

O43 - CFD: 28/05/2010 - 16:27:14 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\BVRP Software

O43 - CFD: 21/02/2011 - 17:54:56 - [38496] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit

O43 - CFD: 21/02/2011 - 17:54:56 - [4167928] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\ConduitEngine

O43 - CFD: 02/03/2011 - 11:57:26 - [399942698] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google

O43 - CFD: 12/11/2010 - 13:15:56 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Help

O43 - CFD: 11/01/2011 - 14:11:04 - [7575329] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft

O43 - CFD: 28/05/2010 - 18:19:34 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft Help

O43 - CFD: 02/02/2011 - 19:30:22 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\OpenCandy

O43 - CFD: 24/04/2009 - 15:36:42 - [11914] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Symantec

O43 - CFD: 06/04/2011 - 16:34:48 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Temp

O43 - CFD: 20/03/2011 - 18:49:16 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity

O43 - CFD: 21/02/2011 - 17:54:56 - [4164927] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Vuze_Remote

O43 - CFD: 01/01/2011 - 01:09:06 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\WMTools Downloaded Files

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.9126148414BA91736C3C953E9AE88965] - 09/04/2011 - 13:43:53 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.TMP [4172]

O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:40:51 ---A- . (...) -- C:\WINDOWS\RTacDbg.txt [55983]

O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:54 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [768]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/04/2011 - 13:39:51 ---A- . (...) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:28 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]

O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:28 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.64EF13006915817C00FCFD7F38F01300] - 09/04/2011 - 13:39:28 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 09/04/2011 - 13:39:03 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.03C1963EFB000AD91671A718A937FA6E] - 09/04/2011 - 12:53:20 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [161]

O44 - LFC:[MD5.DADC7DC77EFCABCB0D00B5C7CB6E3215] - 09/04/2011 - 12:53:14 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [457598]

O44 - LFC:[MD5.BEED859862DD30EC68C84C61AB7417EB] - 09/04/2011 - 12:46:55 ---A- . (...) -- C:\WINDOWS\setupact.log [120]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/04/2011 - 12:22:29 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]

O44 - LFC:[MD5.9EB838E4491861D1A2E01D4249092610] - 09/04/2011 - 12:21:50 ---A- . (...) -- C:\WINDOWS\wininit.ini [607]

O44 - LFC:[MD5.DF614AEA27276759CDB22FFD845D444B] - 09/04/2011 - 12:18:46 -SHA- . (...) -- C:\boot.ini [246]

O44 - LFC:[MD5.92E28653856BE97E5FFD435B68AFF64B] - 09/04/2011 - 09:49:16 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [2184]

O44 - LFC:[MD5.5E90A223E744A6CF8DB789B39987B818] - 20/03/2011 - 17:46:50 ---A- . (...) -- C:\WINDOWS\System32\mapisvc.inf [995]

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\Program Files\Vuze\Azureus.exe" [Enabled] .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{36277bb8-1533-11e0-9764-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\RECYCLER\S-1-5-21-5311846712-4121495154-682003330-5111\system.exe (.not file.)

O51 - MPSK:{53a11d1a-0114-11e0-9733-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\NokiaPCIA_Autorun.exe (.not file.)

O51 - MPSK:{7008fe4f-021b-11e0-973a-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\RECYCLER\S-1-5-21-5311846712-4121495154-682003330-5111\system.exe (.not file.)

O51 - MPSK:{7e48927c-759c-11df-9e81-00231497fad8}\AutoRun\command. (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe

O51 - MPSK:{f6c1eb85-ee2b-11df-9e8e-00231497fad8}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\RECYCLER\S-1-5-21-5311846712-4121495154-682003330-5111\system.exe (.not file.)

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"MSACM.CTRXAUD"="ctrxaud.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"VIDC.CTRX"="ctrxvid.drv" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"ctrxvid.drv"="Citrix Scalable Video Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ctrxaud.acm"="Citrix Audio Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "LogonType"=0

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Home"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Fullscreen"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Tools"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Print"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Edit"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Cut"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Copy"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Paste"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "Btn_Encoding"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "ForceStartMenuLogOff"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktopCleanupWizard"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWelcomeScreen"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFolderOptions"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoMSAppLogo5ChannelNotify"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoToolbarCustomize"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoBandCustomize"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=149

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoWelcomeScreen"=1

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.30BB1BDE595CA65FD5549462080D94E5] - 12/11/2010 - 08:11:01 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21035]

O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 17/08/2001 - 20:51:56 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\drivers\aliide.sys [5248]

O58 - SDL:[MD5.675C16A3C1F8482F85EE4A97FC0DDE3D] - 03/08/2004 - 22:07:44 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\AMDAGP.SYS [43008]

O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 17/08/2001 - 20:52:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\asc.sys [26496]

O58 - SDL:[MD5.5D8DE112AA0254B907861E9E9C31D597] - 17/08/2001 - 20:51:58 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\drivers\asc3550.sys [14848]

O58 - SDL:[MD5.34E172AA5C7ABC4146346CD20233EE32] - 31/03/2010 - 00:58:18 ---A- . (.Conexant Systems Inc. - High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\CHDAU32.sys [1756216]

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 02/03/2006 - 04:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]

O58 - SDL:[MD5.E3726AD522D0BDAE090671048C991AB3] - 23/08/2001 - 16:04:44 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\drivers\cmdide.sys [6656]

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 02/03/2006 - 04:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]

O58 - SDL:[MD5.E550E7418984B65A78299D248F0A7F36] - 17/08/2001 - 20:52:16 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\drivers\dac2w2k.sys [179584]

O58 - SDL:[MD5.9F7AE949202F0EF6B17DD3CC5C117AD3] - 10/12/2009 - 08:33:34 ---A- . (.Intel Corporation - Intel® Gigabit Adapter NDIS 5.x driver.) -- C:\WINDOWS\system32\drivers\e1k5132.sys [167080]

O58 - SDL:[MD5.3FCC124B6E08EE0E9351F717DD136939] - 07/01/2005 - 16:07:18 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys [138752]

O58 - SDL:[MD5.2A013E7530BEAB6E569FAA83F517E836] - 07/01/2005 - 16:07:16 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys [145920]

O58 - SDL:[MD5.A88485DC6A7136C10D9A6C7E38FDFE3C] - 17/09/2009 - 11:54:14 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\WINDOWS\system32\drivers\HECI.sys [41088]

O58 - SDL:[MD5.0D13842210353435FC1FB35CA7807644] - 30/06/2009 - 10:58:00 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys [210304]

O58 - SDL:[MD5.E08CA06BD56B66D6565123445ADB37A6] - 30/06/2009 - 10:58:00 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys [731264]

O58 - SDL:[MD5.8BC605518B1052DB7011E5C4CC8417BF] - 30/06/2009 - 10:59:00 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys [986240]

O58 - SDL:[MD5.39F7C9AEEE865FE8E98CF3EDD2B4BB4A] - 15/01/2010 - 12:06:56 ---A- . (.Intel Corporation - Intel Rapid Storage Technology - x86.) -- C:\WINDOWS\system32\drivers\iaStor.sys [433176]

O58 - SDL:[MD5.400D7095D5AE08970F839BCAC1843106] - 18/11/2009 - 13:03:36 ---A- . (.Lenovo. - ThinkPad Power Management Driver.) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys [26608]

O58 - SDL:[MD5.CF580905F0963521ACB3F88583466BB2] - 23/02/2010 - 15:06:32 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [1987456]

O58 - SDL:[MD5.03C0D99BC2913226F1CEA7CB0D984659] - 10/02/2010 - 14:01:10 ---A- . (.Intel Corporation - Intel® Turbo Boost Technology Driver.) -- C:\WINDOWS\system32\drivers\Impcd.sys [132352]

O58 - SDL:[MD5.A58A567B601866BEE62D8DDA78E6E101] - 19/01/2010 - 03:50:10 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\WINDOWS\system32\drivers\IntcDAud.sys [235520]

O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 18/06/2006 - 21:26:00 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys [12672]

O58 - SDL:[MD5.3F4BB95E5A44F3BE34824E8E7CAF0737] - 17/08/2001 - 20:52:12 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\drivers\mraid35x.sys [17280]

O58 - SDL:[MD5.3BC15801F7B9DD2D16897A38A962CE56] - 13/01/2010 - 07:24:42 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\system32\drivers\NETw5x32.sys [6598656]

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 02/03/2006 - 04:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]

O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 17/09/2007 - 14:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [21632]

O58 - SDL:[MD5.B4079D61B5C6B4919BDE17C38202E236] - 28/05/2010 - 16:29:39 ---A- . (...) -- C:\WINDOWS\system32\drivers\pmxdrv.sys [816792]

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 02/03/2006 - 04:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]

O58 - SDL:[MD5.0A63FB54039EB5662433CABA3B26DBA7] - 17/08/2001 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1080.sys [40320]

O58 - SDL:[MD5.156ED0EF20C15114CA097A34A30D8A01] - 17/08/2001 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql12160.sys [45312]

O58 - SDL:[MD5.907F0AEEA6BC451011611E732BD31FCF] - 17/08/2001 - 20:52:18 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1280.sys [49024]

O58 - SDL:[MD5.571E6AE8D33F6AAAF342D0919630F901] - 12/02/2009 - 13:43:00 ---A- . (.REDC - RICOH MS Driver.) -- C:\WINDOWS\system32\drivers\rimspe86.sys [45056]

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 02/03/2006 - 04:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 02/03/2006 - 04:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]

O58 - SDL:[MD5.180A0296BF259C1AEEB8DC100CC87A31] - 04/05/2007 - 20:40:22 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\WINDOWS\system32\drivers\RTL8187B.sys [215040]

O58 - SDL:[MD5.E7958E8ACDA7CA20127EF5F2235F25CC] - 10/08/2009 - 23:46:38 ---A- . (.Intel Corporation - Intel WLAN Packet Driver.) -- C:\WINDOWS\system32\drivers\s24trans.sys [13952]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.DE0A165D9F8EA295E62EA702EF2F8125] - 20/11/2007 - 18:35:48 ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\WINDOWS\system32\drivers\ser2pl.sys [49792]

O58 - SDL:[MD5.732D859B286DA692119F286B21A2A114] - 03/08/2004 - 22:07:44 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\SISAGP.SYS [41088]

O58 - SDL:[MD5.3D7EF286E806F9BD9339AA52E28DCD67] - 02/10/2002 - 09:57:12 ---A- . (.Windows ® 2000 DDK provider - Sample NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\drivers\SjyPkt.sys [13532]

O58 - SDL:[MD5.3C3F7F424E324C6971632C5DE5FF458F] - 12/05/2008 - 17:04:02 ---A- . (.Lenovo Group Limited - SMI Driver for Lenovo system.) -- C:\WINDOWS\system32\drivers\smiif32.sys [13480]

O58 - SDL:[MD5.83C0F71F86D3BDAF915685F3D568B20E] - 17/08/2001 - 21:07:44 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\drivers\sparrow.sys [19072]

O58 - SDL:[MD5.8AFA1B80366276F8345A6B61E0DF2F3E] - 08/06/2007 - 08:58:46 ---A- . (.STMicroelectronics, INC - TPM Device Driver.) -- C:\WINDOWS\system32\drivers\stm_tpm.sys [21504]

O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 17/08/2001 - 21:07:34 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys [16256]

O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 17/08/2001 - 21:07:36 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys [32640]

O58 - SDL:[MD5.4BB2650C21AFDE8ED0F62E99631AE3AF] - 27/08/2007 - 16:13:16 ---A- . (.Symantec Corporation - DNS Filter Driver.) -- C:\WINDOWS\system32\drivers\symdns.sys [12680]

O58 - SDL:[MD5.49B20B430A4F219173F823536944474A] - 24/04/2009 - 14:34:57 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS [110952]

O58 - SDL:[MD5.DBBB6661E0950DB4FC9CBC74F579EE96] - 27/08/2007 - 16:13:20 ---A- . (.Symantec Corporation - Firewall Filter Driver.) -- C:\WINDOWS\system32\drivers\symfw.sys [97672]

O58 - SDL:[MD5.B6A34050D093A0274FFCA9491C9C3C7F] - 27/08/2007 - 16:13:28 ---A- . (.Symantec Corporation - IDS Filter Driver.) -- C:\WINDOWS\system32\drivers\symids.sys [31624]

O58 - SDL:[MD5.1D064D62AB3DC621E9796CF470779901] - 27/08/2007 - 16:13:24 ---A- . (.Symantec Corporation - NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\symndis.sys [28040]

O58 - SDL:[MD5.E919F0922248A826964428F479A3DC24] - 27/08/2007 - 16:13:32 ---A- . (.Symantec Corporation - Redirector Filter Driver.) -- C:\WINDOWS\system32\drivers\symredrv.sys [23944]

O58 - SDL:[MD5.C177D5A655AF572C456EC977582B9BC0] - 27/08/2007 - 16:13:36 ---A- . (.Symantec Corporation - Network Dispatch Driver.) -- C:\WINDOWS\system32\drivers\symtdi.sys [189320]

O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 17/08/2001 - 21:07:40 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys [28384]

O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 17/08/2001 - 21:07:42 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys [30688]

O58 - SDL:[MD5.0953D53A2D272DE4C4BE1E6C6A2C90D4] - 03/12/2009 - 16:45:24 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [230832]

O58 - SDL:[MD5.3724DFF72B0F5307CF761CC91C2BB9F7] - 26/03/2008 - 13:21:06 ---A- . (.Intel Corporation - Intel® Trusted Platform Module Driver.) -- C:\WINDOWS\system32\drivers\tpm.sys [13824]

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 02/03/2006 - 04:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]

O58 - SDL:[MD5.1B698A51CD528D8DA4FFAED66DFC51B9] - 17/08/2001 - 20:52:22 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\drivers\ultra.sys [36736]

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 02/03/2006 - 04:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]

O58 - SDL:[MD5.55A928C40C11870DF5B90300BA329878] - 01/07/2006 - 03:27:02 ---A- . (.VMware, Inc. - VMware SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\vmscsi.sys [10880]

O58 - SDL:[MD5.070BA202806EA135B8AB5FC1622CAA19] - 01/07/2006 - 03:27:04 ---A- . (.VMware, Inc. - VMware PCI Ethernet Adapter.) -- C:\WINDOWS\system32\drivers\vmxnet.sys [22528]

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 02/03/2006 - 04:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.4.5.0 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP

O64 - Services: CurCS - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe - Application Policy Service (Application Policy Service) .(.Pas de propriétaire - Application Policy Service.) - LEG

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe - Symantec Event Manager (ccEvtMgr) .(.Symantec Corporation - Symantec Event Manager Service.) - LEGACY_CCEVTMGR

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe - Symantec Settings Manager (ccSetMgr) .(.Symantec Corporation - Symantec Settings Manager Service.) - LEGACY_CCSETMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS

O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP

O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\DefWatch.exe - Symantec AntiVirus Definition Watcher (DefWatch) .(.Symantec Corporation - Virus Definition Daemon.) - LEGACY_DEFWATCH

O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL

O64 - Services: CurCS - (.not file.) - EraserUtilDrv11010 (EraserUtilDrv11010) .(...) - LEGACY_ERASERUTILDRV11010

O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(...) - LEGACY_ERASERUTILDRVI7

O64 - Services: CurCS - (.not file.) - EraserUtilDrvI9 (EraserUtilDrvI9) .(...) - LEGACY_ERASERUTILDRVI9

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV

O64 - Services: CurCS - C:\Program Files\Intel\WiFi\bin\EvtEng.exe - Intel® PROSet/Wireless Event Log (EvtEng) .(.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - LEGACY_EVTENG

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE

O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\I2OMGMT.sys - i2omgmt (i2omgmt) .(...) - LEGACY_I2OMGMT

O64 - Services: CurCS - C:\WINDOWS\system32\ibmpmsvc.exe - ThinkPad PM Service (IBMPMSVC) .(.Lenovo. - ThinkPad Power Management Service.) - LEGACY_IBMPMSVC

O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\smiif32.sys - Lenovo System Interface Driver (lenovo.smi) .(.Lenovo Group Limited - SMI Driver for Lenovo system.) - LEGACY_LENOVO.SMI

O64 - Services: CurCS - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe - LiveUpdate (LiveUpdate) .(.Symantec Corporation - LiveUpdate Engine COM Module.) - LEGACY_LIVEUPDATE

O64 - Services: CurCS - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe - Intel® Management and Security Application Local Management Service (LMS) .(.Intel Corporation - Local Manageability Service.) - LEGACY_LMS

O64 - Services: CurCS - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc2B.tmp (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\Program Files\lotus\notes\ntmulti.exe - Multi-user Cleanup Service (Multi-user Cleanup Service) .(.IBM Corp - IBM Lotus Notes/Domino.) - LEGACY_MULTI-USER_CLEANUP_SERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - mup (mup) .(...) - LEGACY_MUP

O64 - Services: CurCS - C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20110406.003\naveng.sys - NAVENG (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG

O64 - Services: CurCS - C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20110406.003\navex15.sys - NAVEX15 (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - ndis (ndis) .(...) - LEGACY_NDIS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\pmxdrv.sys - pmxdrv (pmxdrv) .(...) - LEGACY_PMXDRV

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\RDPWD.sys - RDPWD (RDPWD) .(...) - LEGACY_RDPWD

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe - Intel® PROSet/Wireless Registry Service (RegSrvc) .(.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - LEGACY_REGSRVC

O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS

O64 - Services: CurCS - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe - Intel® PROSet/Wireless WiFi Service (S24EventMonitor) .(.Intel® Corporation - Intel® Wireless Management Service.) - LEGACY_S24EVENTMONITOR

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\s24trans.sys - Transport RLAN (s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS

O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\SavRoam.exe - SAVRoam (SavRoam) .(.symantec - SAVRoam.) - LEGACY_SAVROAM

O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\savrt.sys - SAVRT (SAVRT) .(.Symantec Corporation - AutoProtect.) - LEGACY_SAVRT

O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\Savrtpel.sys - SAVRTPEL (SAVRTPEL) .(.Symantec Corporation - SAVRTPEL.) - LEGACY_SAVRTPEL

O64 - Services: CurCS - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer (ServiceLayer) .(.Nokia. - ServiceLayer Module.) - LEGACY_SERVICELAYER

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SjyPkt.sys - SjyPkt (SjyPkt) .(.Windows ® 2000 DDK provider - Sample NDIS 5.0 Protocol Driver.) - LEGACY_SJYPKT

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys - SPBBCDrv (SPBBCDrv) .(.Symantec Corporation - SPBBC Driver.) - LEGACY_SPBBCDRV

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe - Symantec SPBBCSvc (SPBBCSvc) .(.Symantec Corporation - SPBBC Service.) - LEGACY_SPBBCSVC

O64 - Services: CurCS - C:\Program Files\Symantec AntiVirus\Rtvscan.exe - Symantec AntiVirus (Symantec AntiVirus) .(.Symantec Corporation - Symantec AntiVirus.) - LEGACY_SYMANTEC_ANTIVIRUS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SYMEVENT.sys - SymEvent (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SYMREDRV.sys - SYMREDRV (SYMREDRV) .(.Symantec Corporation - Redirector Filter Driver.) - LEGACY_SYMREDRV

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SYMTDI.sys - SYMTDI (SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TDTCP.sys - TDTCP (TDTCP) .(...) - LEGACY_TDTCP

O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE

O64 - Services: CurCS - (.not file.) - TPHKDRV (TPHKDRV) .(...) - LEGACY_TPHKDRV

O64 - Services: CurCS - (.not file.) - Incrustation (TPHKSVC) .(...) - LEGACY_TPHKSVC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS

O64 - Services: CurCS - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe - Intel® Management & Security Application User Notification Service (UNS) .(.Intel Corporation - User Notification Service.) - LEGACY_UNS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA

O64 - Services: CurCS - (.not file.) - vobiw (vobiw) .(...) - LEGACY_VOBIW

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) -

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.BB293FCB20C81ADE8F67706D3CDE2768] [sPRF] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\mbam-setup-1.50.1.1100.exe [117129]

[MD5.00000000000000000000000000000000] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\dwm.exe [174592]

[MD5.B9B0ABB41ABA16E2562B261F5F9D9323] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\init.dll [701]

[MD5.B9B0ABB41ABA16E2562B261F5F9D9323] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\sound.dll [701]

[MD5.E1B2F0D273D1E47E4A18ABBBE8139A62] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Application Data\SYSTEM32.dll [6]

---\\ Scan Additionnel (O88)

Database Version : 4762 - (08/04/2011)

[HKCR\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo

[HKCR\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}] =>Adware.Bandoo

[HKCU\Software\microsoft\handle] =>Malware.Trace

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit

[HKLM\Software\Canneverbe Limited\OpenCandy] =>Adware.OpenCandy

[HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.bandoocore] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.bandoocore.1] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.resourcesmngr] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.resourcesmngr.1] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.settingsmngr] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.settingsmngr.1] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.statisticmngr] =>Adware.Bandoo

[HKLM\Software\Classes\bandoocore.statisticmngr.1] =>Adware.Bandoo

[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit

[HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo

[HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo

[HKLM\Software\Classes\Toolbar.ct2504091] =>Adware.Agent

[HKLM\Software\Classes\TypeLib\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971}] =>Adware.Bandoo

[HKLM\Software\Conduit] =>Toolbar.Conduit

[HKLM\Software\conduitEngine] =>Toolbar.Conduit

[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit

C:\Documents and Settings\Administrateur\Application Data\\OfferBox =>PUP.OfferBox

C:\Documents and Settings\Administrateur\Application Data\\OpenCandy =>Adware.OpenCandy

C:\Program Files\Windows Searchqu Toolbar =>Adware.Bandoo

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 06/04/2011 5329408 | (Application Policy Service) . (...) - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Application Policy Service\svchost.exe

SR - | Auto 29/05/2007 192104 | (ccEvtMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

SR - | Auto 29/05/2007 169576 | (ccSetMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

SR - | Auto 07/10/2007 31160 | (DefWatch) . (.Symantec Corporation.) - C:\Program Files\Symantec AntiVirus\DefWatch.exe

SS - | Demand 02/03/2006 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SR - | Auto 19/01/2010 858384 | (EvtEng) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

SS - | Auto 08/12/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 08/12/2010 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 18/11/2009 38248 | (IBMPMSVC) . (.Lenovo..) - C:\WINDOWS\system32\ibmpmsvc.exe

SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

SS - | Demand 28/08/2007 2999664 | (LiveUpdate) . (.Symantec Corporation.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe

SR - | Auto 09/12/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

SS - | Disabled 09/12/2009 0 | C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc2B.tmp (mchInjDrv) . (...) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc2B.tmp

SR - | Auto 01/12/2005 57393 | (Multi-user Cleanup Service) . (.IBM Corp.) - C:\Program Files\lotus\notes\ntmulti.exe

SR - | Auto 19/01/2010 473360 | (RegSrvc) . (.Intel® Corporation.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe

SR - | Auto 19/01/2010 954368 | (S24EventMonitor) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe

SR - | Auto 07/10/2007 116664 | (SavRoam) . (.symantec.) - C:\Program Files\Symantec AntiVirus\SavRoam.exe

SS - | Demand 12/02/2008 353792 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

SS - | Demand 27/08/2007 214408 | (SNDSrvc) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

SR - | Auto 26/07/2007 1181016 | (SPBBCSvc) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

SR - | Auto 07/10/2007 1822648 | (Symantec AntiVirus) . (.Symantec Corporation.) - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

SR - | Auto 09/12/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Administrateur at 09/04/2011 15:36:55

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys

C:\WINDOWS\system32\drivers\iaStor.sys Intel Corporation Intel Rapid Storage Technology

1 ntkrnlpa!IofCallDriver[0x804EF1A0] -> \Device\Harddisk0\DR0[0x89CBCAB8]

3 CLASSPNP[0xB98E905B] -> ntkrnlpa!IofCallDriver[0x804EF1A0] -> \Device\00000075[0x89CC49A8]

5 ACPI[0xB977E620] -> ntkrnlpa!IofCallDriver[0x804EF1A0] -> \Device\Ide\IAAStorageDevice-1[0x89CE0028]

kernel: MBR read successfully

user & kernel MBR OK

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13,

Run by Administrateur at 09/04/2011 15:36:57

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

********* Dump File Header *********

Windows Version: Windows XP Professional

Windows Information: Service Pack 2 (build 2600)

Logical Drives Mask: 0x0000001c

********* Dump File Analysis *********

Windows XP MBR code detected

End of the scan (1091 lines in 01mn 15s)(0)

Quelqu'un peut-il m'aider ?

Merci

lance_yien · le 11 avril 2011

Bonjour PIPLAPAL,

Très Important!

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

>>> Que faire durant ce nettoyage, merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

>>> Que faire à la réception de nouvelles instructions,

Lire la totalité du message.
TOUS LES UTILITAIRES doivent être lancés depuis le Bureau (sauf indication spécifique). Aussi, il est demandé de les télécharger et enregistrer DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

>>> Ne pas abandonner son sujet avant d'avoir été informé(e) que tout et OK.

Il y a beaucoup à faire sur cette machine.

--

>>> Programmes P2P: Avant d'aller plus loin, lire attentivement Le danger des P2P et prendre la sage résolution de désinstaller "emule" et "Vuze" ainsi que tout autre programme de ce type.

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

Malware Bytes Anti-Malware depuis ici.
Security Check (par screen317) depuis ici ou ici.

>>> Utiliser Malwarebytes' Anti-Malware: Fermer tout et double-cliquer sur mbam-setup.exe (pour Vista/ Windows7, cliquer-droit dessus => "Exécuter en tant qu'Administrateur"). Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom. Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

Patienter jusqu'à la fin (affichage du message ci-dessous)

Cliquer sur OK, pour fermer ce message.

- Cliquer sur "Afficher les résultats" puis s'assurer que tout est coché et cliquer sur "Supprimer la sélection".

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

Rapports demandés:

Malwarebytes Anti-Malware log
checkup.txt

Connexion

Pas encore inscrit ?

mon pc est infecté aussi

Messages recommandés

PIPLAPAL

lance_yien

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer