problème mise à jour KB2446704 [résolu]

[CHOUMJC]

Rapport de ZHPDiag v1.27.1902 par Nicolas Coolman, Update du 16/04/2011

Run by Compaq_Propriétaire at 19/04/2011 22:51:27

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v10.0.648.205 (Defaut)

 

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511.3 MB (4% free)

System Restore: Activé (Enable)

System drive C: has 166 GB (72%) free of 229 GB

 

---\\ Logged in mode

Computer Name: NOM-EB85C523610

User Name: Compaq_Propriétaire

All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HelpAssistant, Compaq_Propriétaire, ASPNET, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Documents and Settings\Compaq_Propriétaire\Application Data

%LocalAppData%=C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data

%StartMenu%=C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 166 Go of 229 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 800 Go of 932 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)

F:\ CD-ROM drive (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]

[MD5.77C66BD5CED4E555919A5FB713322CDD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.23/02/2011 00:05:48.) -- C:\WINDOWS\system32\wininet.dll [916480]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

 

 

 

---\\ Processus lancés

[MD5.8F1BA35B4238610B3F2CB31637E59C2F] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [413696]

[MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592]

[MD5.7207DB389CEAD101251883511A676F91] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [135336]

[MD5.62F7FD637CE42ADDA3748E1B6E8780D2] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480]

[MD5.D87ACAED61E417BBA546CED5E7E36D9C] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632]

[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968]

[MD5.D3F9205CC4CB07553F2F9472C767EA87] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.Exe [233472]

[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.6E5DAC168D1FF9843E84A59D51D31107] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [61440]

[MD5.825DDD8DDD89EDE56B52C71CE8BB4E73] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamSvc.exe [187184]

[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe [503080]

[MD5.7198BBFBE46C0070257278C536386687] - (.Secunia - Secunia PSI Agent.) -- C:\Program Files\Secunia\PSI\PSIA.exe [993848]

[MD5.D2FCA567F9BE87E29B9A9FA32FFE79CA] - (.Secunia - Secunia Update Agent.) -- C:\Program Files\Secunia\PSI\sua.exe [399416]

[MD5.8B3D67651581347878CD7D8FBF016A64] - (.Hewlett-Packard Company - PS2 EXE.) -- C:\WINDOWS\system32\ps2.exe [98304]

[MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]

[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480]

[MD5.D179E1DE532C903AB1D57A4E81342F40] - (.Secunia - Secunia PSI Tray.) -- C:\Program Files\Secunia\PSI\psi_tray.exe [291896]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]

[MD5.1BB21F4C2573A13B9A7E1FC7A4215109] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [1004088]

[MD5.0521F19114CA0ABB8AF7523B83B87F85] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [643584]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll (.not file.)

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G1 - GCS: Preference [user Data\Default] None

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-715473848-753477010-3518425902-1007\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19048 (longhorn_ie8_gdr.110221-1700)) -- C:\WINDOWS\system32\ieframe.dll

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Clé orpheline

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Recguard] . (.Pas de propriétaire - Recguard Application.) -- C:\WINDOWS\SMINST\RECGUARD.exe

O4 - HKLM\..\Run: [PS2] . (.Hewlett-Packard Company - PS2 EXE.) -- C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [ATICustomerCare] . (.Advanced Micro Devices, Inc. - ATI Customer Care.) -- C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-715473848-753477010-3518425902-1007\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Secunia PSI Tray.lnk . (.Secunia.) -- C:\Program Files\Secunia\PSI\psi_tray.exe

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Device Central CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Adobe Device Central CS5\DeviceCentral.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ExtendScript Toolkit CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Extension Manager CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Help.lnk . (...) -- C:\Program Files\Adobe\Adobe Help\Adobe Help.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS5.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA0000000001}\SC_Reader.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\My PC Essentials.lnk . (...) -- C:\hp\VINETLINK\VINETLINK.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Secunia PSI.lnk . (.Secunia.) -- C:\Program Files\Secunia\PSI\psi.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe

O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~4\Office12\EXCEL.exe

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~4\Office12\REFBARH.ICO

O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- C:\PROGRA~1\MICROS~4\Office12\REFBARH.ICO

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~4\Office12\REFBARH.ICO

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

 

 

---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)

O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} () - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} () - http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{578F00A0-4168-4CE2-AF17-774BC75AE62F}: NameServer = 8.8.8.8,8.8.8.84

O17 - HKLM\System\CCS\Services\Tcpip\..\{9B699B6D-A20A-431B-8E50-617316BB9B12}: NameServer = 8.8.8.8,8.8.8.84

O17 - HKLM\System\CS1\Services\Tcpip\..\{578F00A0-4168-4CE2-AF17-774BC75AE62F}: NameServer = 8.8.8.8,8.8.8.84

O17 - HKLM\System\CS1\Services\Tcpip\..\{9B699B6D-A20A-431B-8E50-617316BB9B12}: NameServer = 8.8.8.8,8.8.8.84

O17 - HKLM\System\CS2\Services\Tcpip\..\{578F00A0-4168-4CE2-AF17-774BC75AE62F}: NameServer = 8.8.8.8,8.8.8.84

O17 - HKLM\System\CS2\Services\Tcpip\..\{9B699B6D-A20A-431B-8E50-617316BB9B12}: NameServer = 8.8.8.8,8.8.8.84

O17 - HKLM\System\CCS\Services\Tcpip\..\{578F00A0-4168-4CE2-AF17-774BC75AE62F}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{578F00A0-4168-4CE2-AF17-774BC75AE62F}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{578F00A0-4168-4CE2-AF17-774BC75AE62F}: DhcpNameServer = 10.0.0.138

O17 - HKLM\System\CS3\Services\Tcpip\..\{578F00A0-4168-4CE2-AF17-774BC75AE62F}: DhcpDomain = lan

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\Windows\System32\Ati2evxx.dll

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

 

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\WINDOWS\system32\FsUsbExService.exe

O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: (Secunia PSI Agent) . (.Secunia - Secunia PSI Agent.) - C:\Program Files\Secunia\PSI\PSIA.exe

O23 - Service: (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - C:\Program Files\Secunia\PSI\sua.exe

O23 - Service: (ServiceLayer) . (.Nokia. - ServiceLayer Module.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: (SwitchBoard) . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-NOM-EB85C523610-Compaq_Propriétaire.job

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\vsdatant.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}

O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM] -- {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}

O42 - Logiciel: ATI Control Panel - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}

O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {AFF7E080-1974-45BF-9310-10DE1A1F5ED0}

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}

O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}

O42 - Logiciel: Agere Systems PCI Soft Modem - (.Pas de propriétaire.) [HKLM] -- Agere Systems Soft Modem

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: D-Jix Media - (.D-Jix.) [HKLM] -- {6A6F157F-BAEE-4206-ACCA-10A29F3030B6}

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: EPSON SX210 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX210 Series

O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner

O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Help and Support Additions - (.Pas de propriétaire.) [HKLM] -- Help and Support Additions

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}

O42 - Logiciel: KBD - (.Pas de propriétaire.) [HKLM] -- KBD

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MSXML 6.0 Parser (KB933579) - (.Microsoft Corporation.) [HKLM] -- {0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft LifeCam - (.Microsoft.) [HKLM] -- {6F5D254A-5869-4B94-BF55-D68938FD1CC6}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}

O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}

O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM] -- {D1A19B02-817E-4296-A45B-07853FD74D57}

O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}

O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}

O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}

O42 - Logiciel: Nero BurnLite 10 - (.Nero AG.) [HKLM] -- {842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}

O42 - Logiciel: Nero BurnLite 10 - (.Nero AG.) [HKLM] -- {AB627AF2-9C7E-4DBD-816B-3B2646B81E89}

O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM] -- {6DFB899F-17A2-48F0-A533-ED8D6866CF38}

O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM] -- {523B2B1B-D8DB-4B41-90FF-C4D799E2758A}

O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM] -- {2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}

O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}

O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}

O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}

O42 - Logiciel: PS2 - (.Pas de propriétaire.) [HKLM] -- PS2

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F

O42 - Logiciel: Python 2.2 pywin32 extensions (build 203) - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.2

O42 - Logiciel: Python 2.2.3 - (.PythonLabs at Zope Corporation.) [HKLM] -- Python 2.2.3

O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device

O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem

O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0

O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem

O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device

O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device

O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver

O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}

O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}

O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}

O42 - Logiciel: Secunia PSI (2.0.0.3001) - (.Pas de propriétaire.) [HKLM] -- Secunia PSI

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CEF209AB-F96D-404F-B5CC-44057C057CA3}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2464594) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E6B7C11E-21E9-4BA0-9677-29AD603B953C}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: The Lord of the Rings FREE Trial - (.ATI Technologies Inc..) [HKLM] -- {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{EE6BBE8B-DCC9-4A46-BF00-455F3C8ECE69}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2522999) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CC8A81F7-5A36-4DE9-ABB3-5499132062C5}

O42 - Logiciel: VLC media player 1.1.8 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Virtual DJ Pro Full - Atomix Productions - (.Pas de propriétaire.) [HKLM] -- Virtual DJ Pro Full - Atomix Productions

O42 - Logiciel: WinRAR 4.00 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Ze Converter V 1.1 - (.zeconverter.com.) [HKLM] -- Ze Converter_is1

O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm

O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ABBYY]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\AppDataLow\ISWVolatile]

[HKCU\Software\AppDataLow]

[HKCU\Software\Avira]

[HKCU\Software\Caphyon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\D-Jix]

[HKCU\Software\DT Soft]

[HKCU\Software\DiskSoftware]

[HKCU\Software\EPSON]

[HKCU\Software\FileHippo.com]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavalys]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Mobileleader]

[HKCU\Software\Monitored]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Native Instruments]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SampleView]

[HKCU\Software\Samsung]

[HKCU\Software\Secunia]

[HKCU\Software\VirtualDJ]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Zone Labs]

[HKCU\Software\settings]

[HKLM\Software\ABBYY]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\Agere]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Aureal]

[HKLM\Software\Avance]

[HKLM\Software\Avira]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CheckPoint]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\DT Soft]

[HKLM\Software\DiskSoftware]

[HKLM\Software\EPSON]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\LightScribe]

[HKLM\Software\MCCI]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MarkAny]

[HKLM\Software\Motive]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Native Instruments]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\OldTimer Tools]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PCSuite]

[HKLM\Software\Panda Software]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\Python]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Samsung]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secunia]

[HKLM\Software\SymNRT]

[HKLM\Software\Symantec]

[HKLM\Software\TrendMicro]

[HKLM\Software\VideoLAN]

[HKLM\Software\VirtualDJ]

[HKLM\Software\Wilson WindowWare]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Zone Labs]

[HKLM\Software\ahead]

[HKLM\Software\webtogo]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 14/01/2011 - 11:44:08 - [124489025] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint

O43 - CFD: 08/04/2011 - 19:08:18 - [1019711531] ----D- C:\Program Files\Adobe

O43 - CFD: 29/03/2011 - 01:04:40 - [17870934] ----D- C:\Program Files\ATI

O43 - CFD: 11/01/2011 - 18:26:56 - [16168506] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 29/03/2011 - 10:56:04 - [116981700] ----D- C:\Program Files\Avira

O43 - CFD: 11/01/2011 - 12:38:04 - [146441] ----D- C:\Program Files\CheckPoint

O43 - CFD: 24/01/2011 - 15:22:16 - [93872609] ----D- C:\Program Files\D-Jix

O43 - CFD: 26/01/2011 - 17:02:16 - [17040104] ----D- C:\Program Files\DAEMON Tools Lite

O43 - CFD: 24/01/2011 - 13:12:46 - [795104] ----D- C:\Program Files\DIFX

O43 - CFD: 11/01/2011 - 10:48:34 - [2874214] ----D- C:\Program Files\Easy Internet signup

O43 - CFD: 11/01/2011 - 11:28:28 - [6287446] ----D- C:\Program Files\epson

O43 - CFD: 15/04/2011 - 08:13:02 - [746009842] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 28/03/2011 - 23:50:40 - [381086] ----D- C:\Program Files\FileHippo.com

O43 - CFD: 11/01/2011 - 18:27:42 - [5428745] ----D- C:\Program Files\Help and Support Additions

O43 - CFD: 28/03/2011 - 23:35:06 - [24207701] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 15/04/2011 - 08:30:48 - [4687864] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 28/03/2011 - 23:35:28 - [6612949] ----D- C:\Program Files\InterVideo

O43 - CFD: 22/02/2011 - 11:42:16 - [90669471] ----D- C:\Program Files\Java

O43 - CFD: 16/04/2011 - 10:32:22 - [4922016] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 24/01/2011 - 13:07:10 - [221184] ----D- C:\Program Files\MarkAny

O43 - CFD: 13/01/2011 - 19:46:04 - [2152579] ----D- C:\Program Files\Messenger

O43 - CFD: 11/01/2011 - 12:24:12 - [226432] ----D- C:\Program Files\Microsoft

O43 - CFD: 12/01/2011 - 09:37:32 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 11/01/2011 - 18:29:02 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 28/03/2011 - 08:42:06 - [46154153] ----D- C:\Program Files\Microsoft LifeCam

O43 - CFD: 11/01/2011 - 13:57:04 - [563436825] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 15/02/2011 - 11:13:02 - [38371963] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 11/01/2011 - 13:56:58 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 25/03/2011 - 07:39:30 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 13/01/2011 - 17:03:50 - [3726168] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 11/01/2011 - 13:55:48 - [8152064] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 14/01/2011 - 19:30:26 - [10374874] ----D- C:\Program Files\Movie Maker

O43 - CFD: 13/01/2011 - 18:42:22 - [26521] ----D- C:\Program Files\MSBuild

O43 - CFD: 11/01/2011 - 18:29:04 - [19278399] ----D- C:\Program Files\MSN

O43 - CFD: 11/01/2011 - 18:29:08 - [8745735] ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 13/01/2011 - 18:31:42 - [6849] ----D- C:\Program Files\MSXML 6.0

O43 - CFD: 29/03/2011 - 01:21:32 - [74606163] ----D- C:\Program Files\Nero

O43 - CFD: 13/01/2011 - 19:30:26 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 11/01/2011 - 22:43:00 - [782336] ----D- C:\Program Files\OpenAL

O43 - CFD: 14/01/2011 - 19:14:14 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 25/03/2011 - 09:11:46 - [0] ----D- C:\Program Files\Panda Security

O43 - CFD: 24/01/2011 - 13:12:28 - [9771964] ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD: 28/03/2011 - 23:16:58 - [804366] ----D- C:\Program Files\QuickTime

O43 - CFD: 13/01/2011 - 18:42:08 - [36400897] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 24/01/2011 - 13:13:00 - [199782056] ----D- C:\Program Files\Samsung

O43 - CFD: 28/03/2011 - 22:51:38 - [8388609] ----D- C:\Program Files\Secunia

O43 - CFD: 11/01/2011 - 18:29:42 - [73925682] ----D- C:\Program Files\Services en ligne

O43 - CFD: 05/04/2011 - 12:26:14 - [62586426] ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD: 11/01/2011 - 18:30:06 - [0] ----D- C:\Program Files\Uninstall Information

O43 - CFD: 14/01/2011 - 17:57:14 - [87927109] ----D- C:\Program Files\VideoLAN

O43 - CFD: 27/02/2011 - 18:29:00 - [29549513] ----D- C:\Program Files\VirtualDJ

O43 - CFD: 11/01/2011 - 12:30:38 - [61856425] ----D- C:\Program Files\Windows Live

O43 - CFD: 11/01/2011 - 12:23:26 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 24/01/2011 - 23:21:24 - [3581070] ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD: 25/03/2011 - 07:39:30 - [8621274] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 13/01/2011 - 19:30:20 - [3942655] ----D- C:\Program Files\Windows NT

O43 - CFD: 29/03/2011 - 00:42:44 - [3909277] ----D- C:\Program Files\WinRAR

O43 - CFD: 31/03/2011 - 13:27:28 - [0] ----D- C:\Program Files\Xenocode

O43 - CFD: 11/01/2011 - 18:30:08 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 11/04/2011 - 21:22:30 - [20726256] ----D- C:\Program Files\Ze Converter

O43 - CFD: 19/04/2011 - 22:51:52 - [3844830] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 11/01/2011 - 11:58:32 - [21742386] ----D- C:\Program Files\Zone Labs

O43 - CFD: 07/04/2011 - 21:30:18 - [327874605] ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 08/04/2011 - 18:50:06 - [31116170] ----D- C:\Program Files\Fichiers Communs\Adobe AIR

O43 - CFD: 29/03/2011 - 01:34:10 - [5997568] ----D- C:\Program Files\Fichiers Communs\Ahead

O43 - CFD: 11/01/2011 - 13:56:58 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD: 11/01/2011 - 18:27:18 - [8467340] ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 22/02/2011 - 11:43:30 - [23728325] ----D- C:\Program Files\Fichiers Communs\Java

O43 - CFD: 11/01/2011 - 12:42:32 - [7023722] ----D- C:\Program Files\Fichiers Communs\LightScribe

O43 - CFD: 13/01/2011 - 17:06:00 - [221573529] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 11/01/2011 - 18:27:24 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 27/02/2011 - 18:18:32 - [524800] ----D- C:\Program Files\Fichiers Communs\Native Instruments

O43 - CFD: 29/03/2011 - 01:19:56 - [9193179] ----D- C:\Program Files\Fichiers Communs\Nero

O43 - CFD: 15/04/2011 - 08:13:02 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 11/01/2011 - 18:27:40 - [8106] ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 11/01/2011 - 18:27:24 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 13/01/2011 - 19:30:14 - [41360184] ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 11/01/2011 - 11:58:08 - [64977949] ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 08/04/2011 - 18:20:06 - [18143548] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Adobe

O43 - CFD: 08/04/2011 - 18:21:42 - [54] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Adobe Mini Bridge CS5

O43 - CFD: 10/03/2011 - 11:47:18 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\AdobeUM

O43 - CFD: 16/01/2011 - 15:49:22 - [211654] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Ahead

O43 - CFD: 11/01/2011 - 18:26:52 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Apple Computer

O43 - CFD: 11/01/2011 - 10:54:12 - [296] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\AVG10

O43 - CFD: 29/03/2011 - 11:03:14 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Avira

O43 - CFD: 08/04/2011 - 18:36:34 - [13050] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O43 - CFD: 11/01/2011 - 12:40:22 - [25237] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\CheckPoint

O43 - CFD: 24/01/2011 - 15:18:28 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\D-Jix

O43 - CFD: 24/01/2011 - 20:06:18 - [1680613] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\D-Jix Media

O43 - CFD: 26/01/2011 - 19:09:36 - [1908] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools Lite

O43 - CFD: 05/02/2011 - 12:36:34 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\EPSON

O43 - CFD: 14/03/2011 - 08:46:36 - [786594] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\GlarySoft

O43 - CFD: 07/04/2011 - 18:31:38 - [45] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Identities

O43 - CFD: 11/01/2011 - 11:19:12 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\InstallShield

O43 - CFD: 25/03/2011 - 07:46:38 - [62900] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia

O43 - CFD: 10/02/2011 - 18:28:12 - [7374] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes

O43 - CFD: 16/04/2011 - 13:10:06 - [6919593] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft

O43 - CFD: 29/03/2011 - 07:36:22 - [57015] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Nero

O43 - CFD: 24/01/2011 - 15:19:06 - [354] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\PC Suite

O43 - CFD: 11/01/2011 - 18:26:52 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\SampleView

O43 - CFD: 24/01/2011 - 13:08:34 - [133233075] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Samsung

O43 - CFD: 22/03/2011 - 01:04:52 - [27] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\SoundSpectrum

O43 - CFD: 08/04/2011 - 18:21:42 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

O43 - CFD: 11/01/2011 - 18:26:52 - [34322314] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun

O43 - CFD: 08/04/2011 - 15:39:16 - [1183427] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc

O43 - CFD: 26/01/2011 - 19:17:30 - [12] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\WinRAR

O43 - CFD: 11/04/2011 - 21:24:00 - [485184] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\ZeConverter

O43 - CFD: 08/04/2011 - 18:40:42 - [14839455] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Adobe

O43 - CFD: 13/01/2011 - 16:38:32 - [15356185] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Ahead

O43 - CFD: 11/01/2011 - 18:26:52 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Apple Computer

O43 - CFD: 14/01/2011 - 19:33:20 - [7601] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\ApplicationHistory

O43 - CFD: 24/01/2011 - 14:46:52 - [190101616] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Downloaded Installations

O43 - CFD: 11/01/2011 - 11:37:08 - [858113274] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google

O43 - CFD: 16/04/2011 - 17:52:42 - [747859326] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft

O43 - CFD: 11/01/2011 - 13:51:12 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft Help

O43 - CFD: 28/03/2011 - 22:53:26 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Secunia PSI

O43 - CFD: 03/02/2011 - 10:10:02 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\SoundSpectrum

O43 - CFD: 15/04/2011 - 19:41:10 - [262712] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Temp

O43 - CFD: 20/03/2011 - 19:03:14 - [10752] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\WMTools Downloaded Files

O43 - CFD: 23/01/2011 - 21:47:48 - [2135339] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Xenocode

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.64EF1200F915817C00FCFD7F38F01200] - 19/04/2011 - 21:49:56 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1907227]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/04/2011 - 21:49:21 ---A- . (...) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.64EF1200F915817C00FCFD7F38F01200] - 19/04/2011 - 21:48:10 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.64EF1200F915817C00FCFD7F38F01200] - 19/04/2011 - 21:48:09 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 19/04/2011 - 21:47:28 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.DE964EDA4C8E71CC460D8F128D2EA23A] - 19/04/2011 - 21:44:43 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [756750]

O44 - LFC:[MD5.64EF1200F915817C00FCFD7F38F01200] - 19/04/2011 - 21:43:07 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32510]

O44 - LFC:[MD5.64000F1586DF73EE5D10C78FA35EF015] - 17/04/2011 - 18:05:46 ---A- . (...) -- C:\WINDOWS\wmsetup.log [105082]

O44 - LFC:[MD5.B9FA584D56FD610DEDFB23F445E320A0] - 16/04/2011 - 21:01:15 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158]

O44 - LFC:[MD5.1635C6184FFB38678F9F0BB58EFE0516] - 16/04/2011 - 18:02:38 ---A- . (...) -- C:\WINDOWS\wmsetup10.log [1207]

O44 - LFC:[MD5.3122CE169A947EF0570D7ABBA4FBE445] - 16/04/2011 - 16:47:24 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 16/04/2011 - 09:32:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 16/04/2011 - 09:31:57 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.D617F5EF572E97FE8491965FE4D14A90] - 15/04/2011 - 15:06:27 ---A- . (...) -- C:\WINDOWS\setupapi.log [678552]

O44 - LFC:[MD5.72EDC52A765C0785AB8F0D6BF7096EED] - 15/04/2011 - 07:39:45 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [3570024]

O44 - LFC:[MD5.C02091FD4C5B35E13FBF0F9F392C1BBA] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1446459]

O44 - LFC:[MD5.D0808915AD8250841A15B3E30EB186A4] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\KB2485663.log [14491]

O44 - LFC:[MD5.31DE24B592EA70EBEE5A0E1A1582FF44] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\comsetup.log [365641]

O44 - LFC:[MD5.EA322A7924B1B2DF5A21AD12F320C06E] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\iis6.log [220082]

O44 - LFC:[MD5.79CCEFD3FC7B55AB11FDD8C63B659861] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]

O44 - LFC:[MD5.87F67636FC83C954E44D3B733A3E9F17] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\msgsocm.log [72127]

O44 - LFC:[MD5.A1D5EB89DAE1CA71797403381F57FEA7] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [224914]

O44 - LFC:[MD5.6C5FF56AE12B57EF9568A1944284BA67] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\ocgen.log [728068]

O44 - LFC:[MD5.9D8969A44C60371C95295C9EEE439FA2] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\ocmsn.log [60217]

O44 - LFC:[MD5.43B3266D64C1E0FAE101D5EE632926E5] - 15/04/2011 - 07:32:40 ---A- . (...) -- C:\WINDOWS\tsoc.log [554885]

O44 - LFC:[MD5.076EE9B7EAA5DC93510166A70A82DD9E] - 15/04/2011 - 07:32:30 ---A- . (...) -- C:\WINDOWS\KB2506223.log [20318]

O44 - LFC:[MD5.CCA05CB1C546E3D35665A5D646622883] - 15/04/2011 - 07:32:30 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]

O44 - LFC:[MD5.1B6806D489EA7E760A6DE6AECCD64360] - 15/04/2011 - 07:31:03 ---A- . (...) -- C:\WINDOWS\KB2497640-IE8.log [18526]

O44 - LFC:[MD5.15A3E8F0A15B30EF17EDFC1EB4352DFF] - 15/04/2011 - 07:30:44 ---A- . (...) -- C:\WINDOWS\updspapi.log [212731]

O44 - LFC:[MD5.E3A37F45C7F14659A0A007AA446741B4] - 15/04/2011 - 07:30:00 ---A- . (...) -- C:\WINDOWS\KB2412687.log [7866]

O44 - LFC:[MD5.13BDD7A24EF948D7BDB66173DDDB8582] - 15/04/2011 - 07:28:17 ---A- . (...) -- C:\WINDOWS\KB2508272.log [9936]

O44 - LFC:[MD5.A5D6BAAD2C02835E6FFA19438026955A] - 15/04/2011 - 07:27:52 ---A- . (...) -- C:\WINDOWS\KB2503658.log [14771]

O44 - LFC:[MD5.9BB37770F81CC587724AC57E53D070CE] - 15/04/2011 - 07:25:47 ---A- . (...) -- C:\WINDOWS\KB2507618.log [14776]

O44 - LFC:[MD5.0E49079E8611158851AAC2756EE69324] - 15/04/2011 - 07:25:26 ---A- . (...) -- C:\WINDOWS\KB2508429.log [14577]

O44 - LFC:[MD5.50C1828FF9C1D17BE2878B7F90D71FC5] - 15/04/2011 - 07:25:09 ---A- . (...) -- C:\WINDOWS\KB2511455.log [9570]

O44 - LFC:[MD5.888B3F5C81CA2E31F3FDEF8C34D362E6] - 15/04/2011 - 07:22:45 ---A- . (...) -- C:\WINDOWS\KB2506212.log [13723]

O44 - LFC:[MD5.262BBD50D23ADE89FE85913590D59B3A] - 15/04/2011 - 07:15:48 ---A- . (...) -- C:\WINDOWS\KB2509553.log [14579]

O44 - LFC:[MD5.8AABC82F7C63B92BFE16775E645428BE] - 15/04/2011 - 07:15:31 ---A- . (...) -- C:\WINDOWS\KB2510531-IE8.log [9067]

O44 - LFC:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 31/03/2011 - 12:20:19 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\System32\drivers\avipbb.sys [137656]

O44 - LFC:[MD5.A38EFE4D63E251AD8FFE851B41C241FA] - 01/04/2011 - 05:46:49 ---A- . (...) -- C:\WINDOWS\setupact.log [221063]

O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 29/03/2011 - 09:56:05 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [28520]

O44 - LFC:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 29/03/2011 - 09:56:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [22360]

O44 - LFC:[MD5.5B44C214F9CD9F590BE9125347610380] - 29/03/2011 - 09:56:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\System32\drivers\avgntdd.sys [45416]

O44 - LFC:[MD5.47B879406246FFDCED59E18D331A0E7D] - 29/03/2011 - 09:56:03 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgntflt.sys [61960]

O44 - LFC:[MD5.328C4CADDD7578C5F402F77256CA1899] - 29/03/2011 - 00:00:41 ---A- . (...) -- C:\WINDOWS\KB942288-v3.log [8661]

O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 28/03/2011 - 23:06:39 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [116]

O44 - LFC:[MD5.E1034D757709F37F2D1EBD96D5EAD02B] - 28/03/2011 - 22:15:16 ---A- . (...) -- C:\WINDOWS\QTFont.for [1409]

O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 28/03/2011 - 22:15:16 --HA- . (...) -- C:\WINDOWS\QTFont.qfn [54156]

O44 - LFC:[MD5.6AAD537F7F27FDAF45CBFE5B563A5890] - 28/03/2011 - 21:47:51 ---A- . (...) -- C:\WINDOWS\KB892130.log [7902]

O44 - LFC:[MD5.42334C560B1895CFE898C7A839B82E8D] - 28/03/2011 - 21:47:51 ---A- . (...) -- C:\WINDOWS\spupdsvc.log [135638]

O44 - LFC:[MD5.3122CE169A947EF0570D7ABBA4FBE445] - 28/03/2011 - 13:43:01 ---A- . (...) -- C:\PhysicalMBR.bin [512]

O44 - LFC:[MD5.595F35EE22DFF82BFD7EED71B3F92101] - 28/03/2011 - 05:07:16 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [86514]

O44 - LFC:[MD5.CFA0CA04FF12EE5D85B9ADF366866A97] - 28/03/2011 - 05:07:16 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [445506]

O44 - LFC:[MD5.032F75F01ADE5B3F9054D999D915294A] - 28/03/2011 - 05:07:16 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [515048]

O44 - LFC:[MD5.2AC25D19936A4B81A3261FBEC7996874] - 28/03/2011 - 05:07:15 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1133824]

O44 - LFC:[MD5.C7576B21C39D8D0644DACDF8A6727DB9] - 28/03/2011 - 05:07:15 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [72712]

O44 - LFC:[MD5.CEFCEEBA74FDB34E354ED2E86E510CC6] - 26/03/2011 - 12:30:59 ---A- . (...) -- C:\img2-001.raw [921624]

O44 - LFC:[MD5.837B0807A5C72F0F81023A4E01134D46] - 24/03/2011 - 06:50:26 ---A- . (...) -- C:\WINDOWS\KB2524375.log [6159]

O44 - LFC:[MD5.49C72E0498CAAAEDBE1FA1A012F16124] - 22/03/2011 - 06:51:57 ---A- . (...) -- C:\WINDOWS\win.ini [612]

 

 

 

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

 

 

 

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%ProgramFiles%\iTunes\iTunes.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\iTunes.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

 

 

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc." . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\ATIPTA [Key] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O53 - SMSR:HKLM\...\startupreg\EPSON SX210 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.exe

O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

O53 - SMSR:HKLM\...\startupreg\hpsysdrv [Key] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\windows\system\hpsysdrv.exe

O53 - SMSR:HKLM\...\startupreg\KBD [Key] . (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.exe

O53 - SMSR:HKLM\...\startupreg\LifeCam [Key] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe

O53 - SMSR:HKLM\...\startupreg\LSBWatcher [Key] . (.Hewlett-Packard Company - LightScribe Burn Watcher.) -- c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O53 - SMSR:HKLM\...\startupreg\Raccourci vers la page des propriétés de High Definition Audio [Key] . (.Windows ® Server 2003 DDK provider - High Definition Audio Property Page Shortcu.) -- C:\Windows\System32\HDAudPropShortcut.exe

O53 - SMSR:HKLM\...\startupreg\VX1000 [Key] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\WINDOWS\vVX1000.exe

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.593AEFC67283D409F34CC1245D00A509] - 29/06/2004 - 18:07:18 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\WINDOWS\system32\drivers\AGRSM.sys [1268204]

O58 - SDL:[MD5.F43601D255762F20D0E23A6D97062B0D] - 04/11/2004 - 05:40:04 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [821248]

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 17/06/2010 - 13:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys [45416]

O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 04/02/2011 - 11:09:08 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [61960]

O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 17/06/2010 - 13:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360]

O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 31/03/2011 - 12:20:19 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [137656]

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 19:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]

O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 13/04/2008 - 17:36:05 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384]

O58 - SDL:[MD5.160B24FD894E79E71C983EA403A6E6E7] - 17/03/2004 - 16:10:40 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Function Driver v1.0.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys [113664]

O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 04/08/2004 - 07:46:46 ---A- . (.LT - LT Windows Modem.) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452]

O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 17:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [20952]

O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]

O58 - SDL:[MD5.07C02C892E8E1A72D6BF35004F0E9C5E] - 19/11/2005 - 02:13:18 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\WINDOWS\system32\drivers\PCASp50.sys [20096]

O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 17/09/2007 - 15:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [21632]

O58 - SDL:[MD5.9B793A1FFD480155FE9EE5261153F21B] - 29/07/2002 - 22:43:50 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [23808]

O58 - SDL:[MD5.D24DFD16A1E2A76034DF5AA18125C35D] - 01/09/2010 - 09:30:58 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\WINDOWS\system32\drivers\psi_mf.sys [15544]

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]

O58 - SDL:[MD5.30CBAE0A34359F1CD19D1576245149ED] - 11/01/2011 - 08:49:36 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [20576]

O58 - SDL:[MD5.2EF9C0DC26B30B2318B1FC3FAA1F0AE7] - 04/10/2002 - 18:04:10 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139/810x Family NDIS 5.1 Drv.) -- C:\WINDOWS\system32\drivers\R8139n51.sys [46976]

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]

O58 - SDL:[MD5.93903DDD430DB2FC61CBEEB2BE651E9F] - 23/02/2005 - 00:18:52 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [2522560]

O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 04/08/2004 - 05:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.4C0D673281178CB496011A2E28571FC8] - 10/08/2005 - 13:44:04 ---A- . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\WINDOWS\system32\drivers\sfdrv01.sys [50688]

O58 - SDL:[MD5.15BE2B5E4DC5B8623CF167720682ABC9] - 16/05/2005 - 14:20:39 ---A- . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\WINDOWS\system32\drivers\sfhlp02.sys [6656]

O58 - SDL:[MD5.EFEBBC1D13FDB77A6AF4EDDFC7232EDF] - 10/08/2005 - 15:06:28 ---A- . (.Protection Technology - StarForce Protection Synchronization Driver.) -- C:\WINDOWS\system32\drivers\sfsync02.sys [19968]

O58 - SDL:[MD5.9EF50060CC7E6953BAB83F2A42CCC421] - 29/09/2005 - 18:01:51 ---A- . (.Protection Technology - StarForce Protection VFS Driver.) -- C:\WINDOWS\system32\drivers\sfvfs02.sys [66048]

O58 - SDL:[MD5.3FBB6EF8B5A71A2FA11F5F461BB73219] - 04/08/2004 - 05:31:36 ---A- . (.SiS Corporation - SiS PCI Fast Ethernet Adapter Driver.) -- C:\WINDOWS\system32\drivers\sisnic.sys [32768]

O58 - SDL:[MD5.64EF1200F915817C00FCFD7F38F01200] - 11/01/2011 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [431672]

O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/06/2010 - 13:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520]

O58 - SDL:[MD5.EAA66218CD39F5BB1B4853A78C67C787] - 20/03/2009 - 10:01:26 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\WINDOWS\system32\drivers\ss_bbus.sys [90112]

O58 - SDL:[MD5.F8A771C5A63DC641772B7A3B05AF173F] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcm.sys [12160]

O58 - SDL:[MD5.F8A771C5A63DC641772B7A3B05AF173F] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcmnt.sys [12160]

O58 - SDL:[MD5.91765F99914ED8693D8BC76524F21581] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys [14976]

O58 - SDL:[MD5.840E7B738B03C10EE91D9B7D3D6EFF15] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys [121856]

O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwh.sys [12160]

O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwhnt.sys [12160]

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 24/01/2011 - 13:31:03 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632]

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 19:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]

O58 - SDL:[MD5.F73227E8AF8E3EF07AFF7F26B2CDD1F9] - 11/01/2011 - 08:54:34 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13282]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 31/03/2009 - 09:39:36 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36608]

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 13/05/2010 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS

O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP

O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS

O64 - Services: CurCS - C:\WINDOWS\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK

O64 - Services: CurCS - C:\WINDOWS\system32\FsUsbExService.exe - FsUsbExService (FsUsbExService) .(.Teruten - FsUsbDevice.) - LEGACY_FSUSBEXSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service (LightScribeService) .(.Hewlett-Packard Company - Pas de description.) - LEGACY_LIGHTSCRIBESERVICE

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP

O64 - Services: CurCS - C:\Program Files\Nero\Update\NASvc.exe - @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) .(.Nero AG - NeroUpdate.) - LEGACY_NAUPDATE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\psi_mf.sys - PSI (PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP

O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Program Files\Secunia\PSI\PSIA.exe - Secunia PSI Agent (Secunia PSI Agent) .(.Secunia - Secunia PSI Agent.) - LEGACY_SECUNIA_PSI_AGENT

O64 - Services: CurCS - C:\Program Files\Secunia\PSI\sua.exe - Secunia Update Agent (Secunia Update Agent) .(.Secunia - Secunia Update Agent.) - LEGACY_SECUNIA_UPDATE_AGENT

O64 - Services: CurCS - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer (ServiceLayer) .(.Nokia. - ServiceLayer Module.) - LEGACY_SERVICELAYER

O64 - Services: CurCS - C:\Windows\System32\drivers\sfdrv01.sys - StarForce Protection Environment Driver (version 1.x) (sfdrv01) .(.Protection Technology - StarForce Protection Environment Driver.) - LEGACY_SFDRV01

O64 - Services: CurCS - C:\Windows\System32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x) (sfhlp02) .(.Protection Technology - StarForce Protection Helper Driver.) - LEGACY_SFHLP02

O64 - Services: CurCS - C:\Windows\System32\drivers\sfsync02.sys - StarForce Protection Synchronization Driver (version 2.x) (sfsync02) .(.Protection Technology - StarForce Protection Synchronization Driver.) - LEGACY_SFSYNC02

O64 - Services: CurCS - C:\Windows\System32\drivers\sfvfs02.sys - StarForce Protection VFS Driver (version 2.x) (sfvfs02) .(.Protection Technology - StarForce Protection VFS Driver.) - LEGACY_SFVFS02

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - (.not file.) - (.not file.) - MS Software Shadow Copy Provider (SwPrv) .(...) - LEGACY_SWPRV

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI

O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\System32\vsdatant.sys - vsdatant (vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT

O64 - Services: CurCS - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - TrueVector Internet Monitor (vsmon) .(.Check Point Software Technologies LTD - TrueVector Service.) - LEGACY_VSMON

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 5522 - (16/04/2011)

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 04/02/2011 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 31/03/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 04/11/2004 413696 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe

SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SR - | Auto 31/03/2009 233472 | (FsUsbExService) . (.Teruten.) - C:\WINDOWS\system32\FsUsbExService.exe

SR - | Auto 02/02/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

SR - | Auto 19/10/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

SR - | Auto 04/05/2010 503080 | C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe

SR - | Auto 10/01/2011 993848 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\PSIA.exe

SR - | Auto 10/01/2011 399416 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\sua.exe

SS - | Demand 07/04/2008 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Auto 18/02/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Compaq_Propriétaire at 19/04/2011 22:55:33

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys sfsync02.sys hal.dll atapi.sys sptd.sys intelide.sys PCIIDEX.SYS

C:\WINDOWS\system32\drivers\sfsync02.sys Protection Technology StarForce Protection System

C:\WINDOWS\system32\drivers\sptd.sys

1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk1\DR1[0x82575AB8]

3 CLASSPNP[0xF86D5FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP1T1L0-17[0x82566D98]

kernel: MBR read successfully

user & kernel MBR OK

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Compaq_Propriétaire at 19/04/2011 22:55:35

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O58 - SDL:[MD5.64EF1200F915817C00FCFD7F38F01200] - 11/01/2011 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [431672]

 

 

 

End of the scan (1070 lines in 04mn 08s)(0)

[CHOUMJC]

ah en fait ça a l'air bon pour la mise à jour, enfin en ce qui concerne secunia parceque sinon windows update veux toujours me la reproposer

je vais la masquer alors si tu me dis que c bon comme ça

Modifié le 19 avril 2011 par CHOUMJC

[Apollo]

Si tu as réussi à installer ta mise à jour, normalement il y a celle-ci à faire aussi sauf si tu l'as déjà bien sûr.

 

Détails du téléchargement : Microsoft .NET Framework 4 (programme d'installation Web)

 

Perso, Microsoft Update a échoué à l'installation et j'ai dû aller par le centre de téléchargement de Microsoft pour pouvoir l'installer.

 

Une fois installée, Microsoft Update m'a proposé une mise à jour de sécurité pour Net.Framework 4.

 

@++

[Apollo]

Fais cette analyse/désinfection:

 

Désactive le teatimer de Spybot en passant par les options de Spybot: une fois dans le logiciel, il faut aller dans le menu "Mode" => coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" . Tu ne dois plus voir l'icône du Teatimer dans la barre de tâches!

Ne fais pas l'impasse sur cette étape, car ça peut faire échouer la procédure de désinfection !

 

Télécharge Ad-Remover de C-XX et Enregistre-le sur le bureau.

 

http://www.teamxscript.org/adremoverTelechargement.html

 

Ferme toutes les applications ouvertes pour l'installer.

 

Sous XP: Double-clique, (Clic droit/exécuter comme administrateur pour Vista/7) sur l'icône placée sur le bureau.

 

Si le firewall se manifeste, accorde les autorisations à l'outil pour qu'il puisse travailler.

 

Clique sur Nettoyer sans passer par Scanner.

 

 

Le rapport se trouve aussi sous C:\Ad-Report Clean.

Copie/colle-le dans ta réponse stp.

 

La page d'accueil sera peut-être changée; il suffit de remettre sa page habituelle via les options internet.

 

Refais ensuite un ZHPDiag mais héberge le rapport cette fois sur ci-joint et donne-moi le lien.

 

@++

[CHOUMJC]

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 08:04:10 le 20/04/2011, Mode normal

 

Microsoft Windows XP Édition familiale Service Pack 3 (X86)

Compaq_Propriétaire@NOM-EB85C523610 ( )

 

============== ACTION(S) ==============

 

 

 

(!) -- Fichiers temporaires supprimés.

 

 

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Google Chrome Version [10.0.648.205] ****

 

 

-- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Activé: true) (?)

Preferences - homepage:

Preferences - homepage_is_newtabpage: true

 

========================================

 

**** Internet Explorer Version [8.0.6001.18702] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)

HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)

HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)

BHO\{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - "ECarteBleueBrowserHelper Class" (C:\WINDOWS\system32\BhoECart.dll)

BHO\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (?)

BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} (?)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 20/04/2011 08:05:12 (1728 Octet(s))

 

Fin à: 08:05:52, 20/04/2011

 

============== E.O.F ==============

[CHOUMJC]

Les boules, antivir a détecté un logiciel malveillant "ADWARE/GamePlayLabs.A.48", ça s'est installé avec ad remover?????

[Apollo]

Non hein un outil de désinfection ne va pas t'en coller une autre lol.

 

Ne fais pas une jaunisse pour un adware, flanque-le en quarantaine avec Antivir.

 

D'ailleurs Ad-Remover doit être désinstallé par son interface, bouton désinstaller.

 

@++

[CHOUMJC]

Je peux mettre [résolu] alors???

[Apollo]

Bonjour.

 

Si tu n'as plus de problème, oui mais Fais ces vérifications de sécurité stp:

 

Apollo Et Compagnie A vérifier de temps en temps, important!

 

+++

[CHOUMJC]

Merci beaucoup pour ton aide précieuse Apollo. Heureusement que toi et tes collègues êtes là pour dépanner les béotiens dans mon genre.