Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] PC infecté par Hotmail

speck41

Par speck41
dans Analyses et éradication malwares

 Partager

Messages recommandés

speck41 Mega Power Member

speck41

Posté(e)
Posté(e) (modifié)

Bonjour cher spécialistes, j'ai des problèmes avec mon hotmail. Il y a déja 2 ou 3 semaines que des virus sont envoyés sur la forme de liens (url) à tous les destinataires de ma liste de contacts. J'ai essayé de fermer mon compte live messenger - Hotmail et ça ne fonctionne pas. J'ai envoyé un mail a Hotmail et je n'ai pas de réponse.

J'ai essayé avec malwarebytes et il ne trouve rien.

À l'aide svp car ceux qui ont pris le contrôle de mon hotmail en envoient encore.

Merci,

Speck41

 

 

P.S.: voici un lien du post précédent que j'avais débuté dans la section sécurisation prévention:

 

http://forum.zebulon.fr/hotmail-live-messenger-a-laide-svp-t185494.html

 

Aussi un lien ci-joint pour le rapport ZHPDiag:

 

Cijoint.fr - Service gratuit de dépôt de fichiers

Modifié par speck41

speck41 Mega Power Member

speck41

Posté(e)
  • Auteur
Posté(e)

Je me demandais si ça pouvais aider.... voici un log Hijackthis

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:14:46, on 2011-05-24

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

D:\Program Files (X86)\Pure Networks\Network Magic\nmapp.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Opera\opera.exe

C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe

C:\Users\Daniel\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\Program Files (X86)\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - D:\PROGRA~1\COPERN~1\COPERN~1.DLL

R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)

O1 - Hosts: 65.54.239.80 messenger.hotmail.com

O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - D:\Program Files (X86)\Copernic Agent\CopernicAgentExt.dll

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [nmapp] "D:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [blackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKCU\..\Run: [Peii] rundll32 "C:\Users\Daniel\AppData\Roaming\KBDICR.dll",Phfh

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Chercher avec Copernic Agent - res://D:\Program Files (X86)\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - D:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{C8051B18-CFF9-4043-82C7-D079B980A82E}: NameServer = 64.18.160.73,64.18.160.74

O18 - Protocol: intu-ir2010 - {A344EB2D-3A0F-48FA-A073-2E649BAEC9B3} - C:\Program Files (x86)\ImpotRapide 2010\ic2010pp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Composant de commande centrale Trend Micro (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 27025 bytes

 

---------------------------------------------------------------------------------------------------------------------------------------

 

Voila, merci

Speck41

Apollo Devil Member !

Apollo

Posté(e)
Posté(e) (modifié)

Bonjour,

 

Hosts corrompu.

 

:arrow: Télécharge HostsXpert de funkytoad et enregistre le sur ton bureau.

C'est un utilitaire qui va réinitialiser ton fichier Hosts.

 

 

  • Décompresse-le (Clic droit sur le fichier téléchargé puis Extraire tout)
     
  • Désactive l'antivirus, le temps de la manipulation.
     
     
  • Si tu es sous Vista/Seven Clique droit sur HostsXpert.exe et choisis Exécuter en tant qu'administrateur
    Si tu es sous XP, Double-clique sur HostsXpert.exe
     
  • Vérifie que le cadenas en haut à gauche de la fenêtre est bien ouvert:
     
    001image-2314.jpg
     
     
  • Si c'est le cas, clique sur le bouton Restore MS Hosts File. Un message te demandant confirmation va s'afficher. Confirme la restauration du fichier Hosts par défaut de Microsoft en cliquant sur OK puis ferme le programme.

 

Réactive ton antivirus.

 

---------------------------------------

Télécharge Ad-Remover de C-XX et Enregistre-le sur le bureau.

 

http://www.teamxscript.org/adremoverTelechargement.html

 

Ferme toutes les applications ouvertes pour l'installer.

 

Sous XP: Double-clique, (Clic droit/exécuter comme administrateur pour Vista/7) sur l'icône placée sur le bureau.

 

Si le firewall se manifeste, accorde les autorisations à l'outil pour qu'il puisse travailler.

 

Clique sur scanner

 

Ad-Remover1.jpg

 

Le rapport se trouve aussi sous C:\Ad-Report Scan.

Copie/colle-le dans ta réponse stp.

 

 

----------------------------------------------------

 

Relance Ad-Remover et cette fois, clique sur Nettoyer

 

Le bureau va disparaître, c'est normal.

 

Le rapport à poster sera sur C:\Ad-Report Clean.

 

*** Poste les deux rapports stp.

 

-------------------------------------------

 

Relance Ad-Remover et clique sur Désinstaller.

 

-----------------------------

Refais un scan ZHPDiag stp et héberge le rapport.

 

@++

Modifié par Apollo
speck41 Mega Power Member

speck41

Posté(e)
  • Auteur
Posté(e)

Bonjour et merci Apollo de prendre mon cas encore une fois.

Voici les rapports demandés:

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 10:46:30 le 25/05/2011, Mode normal

 

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)

Daniel@PORTABLE-DANIEL (ASUSTeK Computer Inc. K50IJ)

 

============== RECHERCHE ==============

 

 

Dossier trouvé: C:\Users\Daniel\AppData\LocalLow\PriceGong

 

Clé trouvée: HKLM\Software\Classes\Conduit.Engine

Clé trouvée: HKLM\Software\Classes\Toolbar.CT1060933

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKCU\Software\Ask.com

Clé trouvée: HKCU\Software\Conduit

Clé trouvée: HKCU\Software\AppDataLow\Software\AskToolbar

Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong

Clé trouvée: HKCU\Software\AppDataLow\Software\Toolbar

Clé trouvée: HKLM\Software\DigitalVolcano\OpenCandy

Clé trouvée: HKLM\Software\Wow6432Node\DigitalVolcano\OpenCandy

 

 

============== SCAN ADDITIONNEL ==============

 

-- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\hdla3c4t.default --

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://asus.msn.com

HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKCU_Main|Start Page - hxxp://www.google.ca/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157

HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157

HKCU_URLSearchHooks|{BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - "?" (D:\PROGRA~1\COPERN~1\COPERN~1.DLL)

HKCU_URLSearchHooks|{1392b8d2-5c05-419f-a8f6-b9f15a596612} (x)

HKCU_SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - "?" (?)

HKCU_Toolbar\WebBrowser|{1392B8D2-5C05-419F-A8F6-B9F15A596612} (x)

HKLM_Toolbar|{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} (D:\Program Files (X86)\Copernic Agent\CopernicAgentExt.dll)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{09B74B5E-2912-48de-9167-D80158E2A379} - C:\Program Files (x86)\CA VMN Anti-Spyware\CA_VMN_antispyware.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files (x86)\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)

HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

HKLM_Extensions\{193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - "?" (?)

HKLM_Extensions\{688DC797-DC11-46A7-9F1B-445F4F58CE6E} - "Copernic Agent" (D:\Program Files (X86)\Copernic Agent\Web\IEToolbarIcon.ico)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 25/05/2011 10:46:45 (3905 Octet(s))

 

Fin à: 10:48:05, 25/05/2011

 

============== E.O.F ==============

---------------------------------------------------------------------------------------------------------------------------------------------------

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 10:50:42 le 25/05/2011, Mode normal

 

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)

Daniel@PORTABLE-DANIEL (ASUSTeK Computer Inc. K50IJ)

 

============== ACTION(S) ==============

 

 

Dossier supprimé: C:\Users\Daniel\AppData\LocalLow\PriceGong

 

(!) -- Fichiers temporaires supprimés.

 

 

Clé supprimée: HKLM\Software\Classes\Conduit.Engine

Clé supprimée: HKLM\Software\Classes\Toolbar.CT1060933

Clé supprimée: HKLM\Software\Conduit

Clé supprimée: HKCU\Software\Ask.com

Clé supprimée: HKCU\Software\Conduit

Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar

Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong

Clé supprimée: HKCU\Software\AppDataLow\Software\Toolbar

Clé supprimée: HKLM\Software\DigitalVolcano\OpenCandy

 

 

============== SCAN ADDITIONNEL ==============

 

-- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\hdla3c4t.default --

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|{BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - "?" (D:\PROGRA~1\COPERN~1\COPERN~1.DLL)

HKCU_URLSearchHooks|{1392b8d2-5c05-419f-a8f6-b9f15a596612} (x)

HKCU_SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - "?" (?)

HKCU_Toolbar\WebBrowser|{1392B8D2-5C05-419F-A8F6-B9F15A596612} (x)

HKLM_Toolbar|{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} (D:\Program Files (X86)\Copernic Agent\CopernicAgentExt.dll)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{09B74B5E-2912-48de-9167-D80158E2A379} - C:\Program Files (x86)\CA VMN Anti-Spyware\CA_VMN_antispyware.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files (x86)\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)

HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

HKLM_Extensions\{193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - "?" (?)

HKLM_Extensions\{688DC797-DC11-46A7-9F1B-445F4F58CE6E} - "Copernic Agent" (D:\Program Files (X86)\Copernic Agent\Web\IEToolbarIcon.ico)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 28 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 25/05/2011 10:50:45 (4103 Octet(s))

C:\Ad-Report-SCAN[1].txt - 25/05/2011 10:46:45 (4043 Octet(s))

 

Fin à: 10:51:58, 25/05/2011

 

============== E.O.F ==============

 

 

---------------------------------------------------------------------------------------------------------------------

 

 

Rapport de ZHPDiag v1.27.207 par Nicolas Coolman, Update du 20/05/2011

Run by Daniel at 25/05/2011 10:58:15

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

OPIE: Opera v11.11 (Defaut)

MFIE: Mozilla Firefox v3.6.13 (fr)

GCIE: Google Chrome v11.0.696.68

 

---\\ System Information

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3037 MB (48% free)

System Restore: Activé (Enable)

System drive C: has 76 GB (65%) free of 116 GB

 

---\\ Logged in mode

Computer Name: PORTABLE-DANIEL

User Name: Daniel

All Users Names: HomeGroupUser$, Daniel, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\Daniel\AppData\Roaming

%LocalAppData%=C:\Users\Daniel\AppData\Local

%StartMenu%=C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 76 Go of 116 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 261 Go of 333 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 01:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.13/07/2009 20:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.30/03/2011 17:44:43.) -- C:\Windows\system32\wininet.dll [1126912]

 

 

 

---\\ Processus lancés

[MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768]

[MD5.868E3486E7EC522330344152A5535783] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720]

[MD5.BDD790326FABC31FB635130810245062] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440]

[MD5.852EE4F61139A1B3F44EDAA0D5B3FC14] - (...) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [53888]

[MD5.6DA7C93AB37B4A204BFCAE9FA07FF48D] - (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544]

[MD5.3ECCDD3FE310DD8F82D085447089ADB0] - (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952]

[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016]

[MD5.32F43BE36AAC4E10C88EC24B34770C0D] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392]

[MD5.5666955DC9FD455A003D86A21E0483A9] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624]

[MD5.F46F1EBC3F9DC2559B24AEEFC3D8206C] - (.Cisco Systems, Inc. - Network Magic Application.) -- D:\Program Files (X86)\Pure Networks\Network Magic\nmapp.exe [472112]

[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064]

[MD5.B114DB354D13A21C1AC2B1807EE2F500] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [273544]

[MD5.55EEFBB5C722789C38639AD8429A397B] - (.Research In Motion Limited - RIM Auto Update.) -- C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [648536]

[MD5.52D28AE9E168BA60F2DFA00EDD101B14] - (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192]

[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304]

[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720]

[MD5.5A42370A885E2629A7C46BF743CE9CC9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe [941936]

[MD5.0D2E386BC6D282C9DA7B40271D31CCB7] - (.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe [490112]

[MD5.E97EF15BBA0628281EFDF81B9A9C358B] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [656896]

 

 

 

---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)

B0 - SPO: operaprefs.ini [Daniel] Home URL=http://www.google.ca/

B1 - OSP: search.ini [Daniel] URL=http://www.google.com/search?q=%s&sourceid=opera&num=%i&ie=utf-8&oe=utf-8&channel=suggest

B1 - OSP: search.ini [Daniel] URL=http://www.google.ca

P1 - OPN:Opera Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Opera\Program\Plugins\nppl3260.dll

P1 - OPN:Opera Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files (x86)\Opera\Program\Plugins\nprjplug.dll

P1 - OPN:Opera Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.647.) -- C:\Program Files (x86)\Opera\Program\Plugins\nprpjplug.dll

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- D:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.dll

M2 - MFEP: prefs.js [Daniel - hdla3c4t.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.8.3 (.Michel Gutierrez.)

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKUS\S-1-5-21-279159176-2999597518-1161301331-1001\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: (no name) [64Bits] - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} . (.Copernic Technologies Inc. - Copernic Agent Extensions.) (6.1.2.0) -- D:\PROGRA~1\COPERN~1\COPERN~1.DLL

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) [64Bits] - {1392b8d2-5c05-419f-a8f6-b9f15a596612} Clé orpheline

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi

O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Google Dictionary Compression sdch [64Bits] - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (.Google Inc. - Fast Search.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [ufSeAgnt.exe] . (.Trend Micro Inc. - Trend Micro Server Agent.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe

O4 - HKLM\..\Run: [Eraser] . (.The Eraser Project - Eraser.) -- D:\PROGRA~2\Eraser\Eraser.exe

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe (.not file.)

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (.not file.)

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (.not file.)

O4 - HKCU\..\Run: [Peii] rundll32 "C:\Users\Daniel\AppData\Roaming\KBDICR.dll (.not file.)

O4 - HKCU\..\Run: [iSUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe

O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Wow6432Node\Run: [switchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Wow6432Node\Run: [nmapp] . (.Cisco Systems, Inc. - Network Magic Application.) -- D:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

O4 - HKLM\..\Wow6432Node\Run: [blackBerryAutoUpdate] . (.Research In Motion Limited - RIM Auto Update.) -- C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

O4 - HKLM\..\Wow6432Node\Run: [RoxWatchTray] . (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

O4 - HKLM\..\Wow6432Node\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

O4 - HKLM\..\Wow6432Node\Run: [bCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-279159176-2999597518-1161301331-1001\..\Run: [Peii] rundll32 "C:\Users\Daniel\AppData\Roaming\KBDICR.dll (.not file.)

O4 - HKUS\S-1-5-21-279159176-2999597518-1161301331-1001\..\Run: [iSUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download Manager.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe

O4 - Global Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Daniel\Desktop\Desktop Manager.lnk . (.Research In Motion Limited.) -- D:\Program Files (X86)\Research In Motion\BlackBerry\DesktopMgr.exe

O4 - Global Startup: C:\Users\Daniel\Desktop\ZHPDiag.lnk . (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe

O4 - Global Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Copernic Agent Basic.lnk . (.Copernic Technologies Inc..) -- D:\Program Files (X86)\Copernic Agent\CopernicAgent.exe

O4 - Global Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

O4 - Global Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- D:\Program Files (X86)\Mozilla Firefox\firefox.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll

O8 - Extra context menu item: Chercher avec Copernic Agent . (.Copernic Technologies Inc. - Copernic Agent Extensions.) -- D:\Program Files (X86)\Copernic Agent\CopernicAgentExt.rdl

O8 - Extra context menu item: E&xport to Microsoft Excel - (.not file.) - C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~2\Office14\EXCEL.exe

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll

O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{C8051B18-CFF9-4043-82C7-D079B980A82E}: NameServer = 64.18.160.73,64.18.160.74

O17 - HKLM\System\CS1\Services\Tcpip\..\{C8051B18-CFF9-4043-82C7-D079B980A82E}: NameServer = 64.18.160.73,64.18.160.74

O17 - HKLM\System\CS2\Services\Tcpip\..\{C8051B18-CFF9-4043-82C7-D079B980A82E}: NameServer = 64.18.160.73,64.18.160.74

 

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: pure-go [64Bits] - {4746C79A-2042-4332-8650-48966E44ABA8} . (.Cisco Systems, Inc. - Pure Service Provider DLL (64-bit).) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Pas de propriétaire - Pas de description.) -- igfxdev.dll

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (ADSMService) . (.ASUSTek Computer Inc. - ADSMSrv.) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe

O23 - Service: (ASLDRService) . (.ASUS - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: (ATKGFNEXSrv) . (.Pas de propriétaire - GFNEXSrv.) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: (cbVSCService) . (.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) - D:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: (maconfservice) . (.CybelSoft - Service de détection matériel.) - D:\Program Files\ma-config.com\x64\maconfservice.exe

O23 - Service: (NBService) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: (nmservice) . (.Cisco Systems, Inc. - Pure Networks Platform Service.) - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: (Roxio UPnP Renderer 9) . (.Sonic Solutions - Roxio LiveShare Service.) - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: (Roxio Upnp Server 9) . (.Sonic Solutions - RoxioUpnpService9 Module.) - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: (RoxLiveShare9) . (.Sonic Solutions - Roxio LiveShare Service.) - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: (RoxMediaDB9) . (.Sonic Solutions - RoxMediaDB9 Module.) - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: (RoxWatch9) . (.Sonic Solutions - RoxSniffer9 Module.) - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: (SandraAgentSrv) . (.SiSoftware - SiSoftware Deployment Agent Service (NT)(Un.) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\RpcAgentSrv.exe

O23 - Service: (SfCtlCom) . (.Trend Micro Inc. - Manages all components of Trend Micro Inter.) - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: (SwitchBoard) . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: (TMBMServer) . (.Trend Micro Inc. - Manages the Trend Micro unauthorized change.) - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: (TmPfw) . (.Trend Micro Inc. - Trend Micro Personal Firewall Service.) - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe

O23 - Service: (TmProxy) . (.Trend Micro Inc. - Trend Micro Proxy Service.) - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: Trend Micro NDIS 6.0 Filter Driver (tmlwf) . (.Trend Micro Inc. - Trend Micro NDIS 6.0 Filter Driver (amd64-f.) - C:\Windows\System32\DRIVERS\tmlwf.sys

O41 - Driver: (tmtdi) . (.Trend Micro Inc. - Trend Micro TDI Driver (amd64-fre).) - C:\Windows\System32\DRIVERS\tmtdi.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ALTools Update - (.ESTsoft Corp..) [HKLM][64Bits] -- ALUpdate_is1

O42 - Logiciel: ALZip - (.ESTsoft Corp..) [HKLM][64Bits] -- ALZip_is1

O42 - Logiciel: ASUS AI Recovery - (.ASUS.) [HKLM][64Bits] -- {06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}

O42 - Logiciel: ASUS AP Bank - (.ASUSTEK.) [HKLM][64Bits] -- ASUS AP Bank_is1

O42 - Logiciel: ASUS CopyProtect - (.ASUS.) [HKLM][64Bits] -- {6B77A7F6-DD63-4F13-A6FF-83137A5AC354}

O42 - Logiciel: ASUS Data Security Manager - (.ASUS.) [HKLM][64Bits] -- {FA2092C5-7979-412D-A962-6485274AE1EE}

O42 - Logiciel: ASUS FancyStart - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {2B81872B-A054-48DA-BE3B-FA5C164C303A}

O42 - Logiciel: ASUS LifeFrame3 - (.ASUS.) [HKLM][64Bits] -- {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}

O42 - Logiciel: ASUS MultiFrame - (.ASUS.) [HKLM][64Bits] -- {9D48531D-2135-49FC-BC29-ACCDA5396A76}

O42 - Logiciel: ASUS Power4Gear Hybrid - (.ASUS.) [HKLM] -- {91EFE3A1-585E-4F66-B5F6-F118F56C4C47}

O42 - Logiciel: ASUS SmartLogon - (.ASUS.) [HKLM][64Bits] -- {64452561-169F-4A36-A2FF-B5E118EC65F5}

O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM][64Bits] -- {0969AF05-4FF6-4C00-9406-43599238DE0D}

O42 - Logiciel: ASUS Virtual Camera - (.asus.) [HKLM][64Bits] -- {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}

O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage

O42 - Logiciel: ASUS_Screensaver - (.Pas de propriétaire.) [HKLM][64Bits] -- ASUS_Screensaver

O42 - Logiciel: ATK Generic Function Service - (.ATK.) [HKLM][64Bits] -- {D3D54F3E-C5C3-443D-978F-87A72E5616E8}

O42 - Logiciel: ATK Hotkey - (.ASUS.) [HKLM][64Bits] -- {7C05592D-424B-46CB-B505-E0013E8E75C9}

O42 - Logiciel: ATK Media - (.ASUS.) [HKLM][64Bits] -- {D1E5870E-E3E5-4475-98A6-ADD614524ADF}

O42 - Logiciel: ATKOSD2 - (.ASUS.) [HKLM][64Bits] -- {3B05F2FB-745B-4012-ADF2-439F36B2E70B}

O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX 64

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}

O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}

O42 - Logiciel: Advanced SystemCare 3 - (.IObit.) [HKLM][64Bits] -- Advanced SystemCare 3_is1

O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM][64Bits] -- InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}

O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM][64Bits] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

O42 - Logiciel: Barre pour les dys ( pour word 2007) - (.Pierrick Courilleau.) [HKCU] -- 422D56ACE77600CFB3380BE09A1D62EBCDC6AD8E

O42 - Logiciel: Bit Che - (.Convivea, Inc..) [HKLM][64Bits] -- {D9DA5C41-964F-455F-B5E7-3664519440E8}_is1

O42 - Logiciel: BlackBerry Desktop Software 5.0.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- BlackBerry_{F11E0BBC-5CB9-4D64-A942-6B64043BED97}

O42 - Logiciel: BlackBerry Desktop Software 5.0.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- {F11E0BBC-5CB9-4D64-A942-6B64043BED97}

O42 - Logiciel: BlackBerry Device Software Updater - (.Research In Motion Ltd.) [HKLM][64Bits] -- {B0A92733-C870-415C-A494-DF72C2C58402}

O42 - Logiciel: BlackBerry® Media Sync - (.Research In Motion.) [HKLM][64Bits] -- {40A594D0-1490-4979-9382-D2B764F949C6}

O42 - Logiciel: Bullzip PDF Printer 7.1.0.1195 - (.Bullzip.) [HKLM] -- Bullzip PDF Printer_is1

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Canon Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM][64Bits] -- Easy-PhotoPrint EX

O42 - Logiciel: Canon iP3300 - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300

O42 - Logiciel: Cobian Backup 10 - (.Pas de propriétaire.) [HKLM][64Bits] -- CobBackup10

O42 - Logiciel: Conseiller de mise à niveau vers Windows 7 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D10CB57-B085-44c3-B435-2D193BA153F0}

O42 - Logiciel: ControlDeck - (.ASUS.) [HKLM][64Bits] -- {5B65EF64-1DFA-414A-8C94-7BB726158E21}

O42 - Logiciel: ConvertXtoDVD 4.1.4.338 - (.Pas de propriétaire.) [HKLM][64Bits] -- {DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1

O42 - Logiciel: Copernic Agent Basic - (.Copernic.) [HKLM][64Bits] -- Copernic Agent Basic

O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2FD3FD50-4D6B-433B-9AB8-83F04675DA44}

O42 - Logiciel: Download Manager - (.skatecanada.contentdirect.tv.) [HKCU] -- 3517368364.skatecanada.contentdirect.tv

O42 - Logiciel: Duplicate Cleaner 2.0 - (.DigitalVolcano.) [HKLM][64Bits] -- Duplicate Cleaner

O42 - Logiciel: ETDWare PS/2-x64 7.0.5.9_WHQL - (.Pas de propriétaire.) [HKLM] -- Elantech

O42 - Logiciel: Eraser 6.0.7.1893 - (.The Eraser Project.) [HKLM] -- {8CBBBC4D-B0B6-49DB-A421-98C65080D8EE}

O42 - Logiciel: FLV Player - (.Martijn de Visser Software.) [HKLM][64Bits] -- FLV Player2.0.25

O42 - Logiciel: FTP Expert 3 - (.Pas de propriétaire.) [HKLM][64Bits] -- FTP Expert 3

O42 - Logiciel: Fast Boot - (.ASUS.) [HKLM] -- {13F4A7F3-EABC-4261-AF6B-1317777F0755}

O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {13A5E785-5197-4EAD-8EE3-D660271E49BC}

O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {90024193-9F13-4877-89D5-A1CDF0CBBF28}

O42 - Logiciel: Free Mp3 Wma Converter V 1.91 - (.Koyote Soft.) [HKLM][64Bits] -- Free Mp3 Wma Converter_is1

O42 - Logiciel: Free Video Converter V 2.9 - (.Koyote Soft.) [HKLM][64Bits] -- Free Video Converter_is1

O42 - Logiciel: GPL Ghostscript Lite 8.70 - (.Pas de propriétaire.) [HKLM][64Bits] -- GPL Ghostscript Lite_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Game Park Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1

O42 - Logiciel: Glary Utilities 2.31.0.1098 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM][64Bits] -- Guitar Pro 5_is1

O42 - Logiciel: ImpôtRapide 2010 - (.Intuit Canada.) [HKLM][64Bits] -- {4D6B46F2-A261-44CA-A7F5-1FEA4EFBEB59}

O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}

O42 - Logiciel: Java 6 Update 23 (64-bit) - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416023FF}

O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM][64Bits] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44}

O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM] -- {CACF8330-7FDD-42BD-8D51-54EDB3DC86FC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}

O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00BA-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.PROPLUSR

O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM][64Bits] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM][64Bits] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}

O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - (.Microsoft Corporation.) [HKLM] -- {BD430C50-784F-32CD-87E7-A8C47EE6107F}

O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM][64Bits] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}

O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM] -- {925D058B-564A-443A-B4B2-7E90C6432E55}

O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM][64Bits] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}

O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM][64Bits] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}

O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM][64Bits] -- {D1A19B02-817E-4296-A45B-07853FD74D57}

O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}

O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM][64Bits] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}

O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM] -- {8557397C-A42D-486F-97B3-A2CBC2372593}

O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM][64Bits] -- {08D2E121-7F6A-43EB-97FD-629B44903403}

O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}

O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM][64Bits] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}

O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: Médialexie - Barre d'outils Médialexie - (.Médialexie.) [HKLM][64Bits] -- Barre Médialexie_is1

O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM][64Bits] -- {CF097717-F174-4144-954A-FBC4BF301033}

O42 - Logiciel: Network Magic - (.Cisco Systems, Inc..) [HKLM][64Bits] -- Network MagicUninstall

O42 - Logiciel: Opera 11.11 - (.Opera Software ASA.) [HKLM][64Bits] -- Opera 11.11.2109

O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}

O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM][64Bits] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 12.0

O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}

O42 - Logiciel: Replay Media Catcher 4 - (.Applian Technologies.) [HKLM] -- {CC1C287E-B0BB-421A-8F13-09F9A834F2A4}

O42 - Logiciel: Revo Uninstaller 1.91 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller

O42 - Logiciel: Roxio Media Manager - (.Roxio.) [HKLM][64Bits] -- {B98BE95C-E76F-4246-B8E6-BEB8EE791D06}

O42 - Logiciel: SRS Premium Sound Control Panel - (.SRS Labs, Inc..) [HKLM] -- {E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2466146) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4D3B2D30-46D3-4DC0-BA73-85306B10E0AE}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{1D1A4F08-2F17-475B-BA72-476CE5992FEE}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289161) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F134C2C6-30B3-4169-A325-58482B4CE6FC}

O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}

O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{C3C277D5-36E3-4B1A-926A-175B2BC019CF}

O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}

O42 - Logiciel: SiSoftware Sandra Lite 2011c - (.SiSoftware.) [HKLM] -- {C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1

O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM][64Bits] -- {F7FC9307-374E-4017-8E9D-DE1154780480}

O42 - Logiciel: Trend Micro Internet Security - (.Trend Micro Inc..) [HKLM] -- {718D791F-F4E8-4aa7-98A6-15FDED17BDD0}

O42 - Logiciel: Trend Micro Internet Security - (.Trend Micro Inc..) [HKLM] -- {9D2B0322-44AE-460E-9283-4D2D7A9205AE}

O42 - Logiciel: USB 2.0 1.3M UVC WebCam - (.Pas de propriétaire.) [HKLM] -- USB 2.0 1.3M UVC WebCam

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{556146F7-74AE-4E0A-B64F-5B8B93469F61}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B5516874-E926-4BFD-B412-D0E70112F244}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D6CE7280-6EE3-419A-8F47-DB111C040B1B}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{309EEC22-83CE-4109-B019-BA9392FAA322}

O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2441641) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}

O42 - Logiciel: Update for Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (KB982305) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD430C50-784F-32CD-87E7-A8C47EE6107F}.KB982305

O42 - Logiciel: VD64Inst - (.Roxio, Inc..) [HKLM] -- {22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}

O42 - Logiciel: VIA Platform Device Manager - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}

O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4370A73E346D}

O42 - Logiciel: Winamp (remove only) - (.Pas de propriétaire.) [HKLM][64Bits] -- Winamp

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FE4BE0BD-1EDB-4D24-9614-847B3C472887}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live OneCare safety scanner - (.Pas de propriétaire.) [HKLM] -- Windows Live OneCare safety scanner

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Wireless Console 3 - (.ASUS.) [HKLM][64Bits] -- {20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}

O42 - Logiciel: mIRC - (.Pas de propriétaire.) [HKLM][64Bits] -- mIRC

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ASUS]

[HKCU\Software\ATK0100]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\Antanda]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\ApplianTechnologies]

[HKCU\Software\Applian]

[HKCU\Software\Ask&Record]

[HKCU\Software\Auslogics]

[HKCU\Software\Binary Noise]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Copernic]

[HKCU\Software\CyberLink]

[HKCU\Software\DivXNetworks]

[HKCU\Software\ECAREME]

[HKCU\Software\ESET]

[HKCU\Software\ESTsoft]

[HKCU\Software\Elantech]

[HKCU\Software\Eraser]

[HKCU\Software\Foxit Software]

[HKCU\Software\FreeCDRIP]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\InstallShield]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MMTWN]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Medialexie]

[HKCU\Software\Médialexie]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Opera Software]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Pure Networks]

[HKCU\Software\RealNetworks]

[HKCU\Software\Replay Media Catcher 4]

[HKCU\Software\Research In Motion]

[HKCU\Software\Roxio]

[HKCU\Software\SiSoftware]

[HKCU\Software\SoftVTU]

[HKCU\Software\Softonic]

[HKCU\Software\Sonic Solutions]

[HKCU\Software\Sonic]

[HKCU\Software\Syjrzybog]

[HKCU\Software\Synapse Developpement]

[HKCU\Software\System Requirements Lab]

[HKCU\Software\Toshiba]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VS Revo Group]

[HKCU\Software\VSO]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\Winamp]

[HKCU\Software\Wintertree]

[HKCU\Software\Wow6432Node]

[HKCU\Software\cybelsoft]

[HKCU\Software\mIRC]

[HKLM\Software\ASPG]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATK0100]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Applian Technologies]

[HKLM\Software\Arobas Music]

[HKLM\Software\AsLdr]

[HKLM\Software\BSProductManage]

[HKLM\Software\Bullzip]

[HKLM\Software\CDDB]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CobianSoft]

[HKLM\Software\Copernic]

[HKLM\Software\CoreSecurity]

[HKLM\Software\CyberLink]

[HKLM\Software\Dantz]

[HKLM\Software\Debug]

[HKLM\Software\DigitalVolcano]

[HKLM\Software\ECAREME]

[HKLM\Software\ESET]

[HKLM\Software\ESTsoft]

[HKLM\Software\Foxit Software]

[HKLM\Software\Google]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\IObit]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Medialexie]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Médialexie]

[HKLM\Software\Nero]

[HKLM\Software\Netscape]

[HKLM\Software\ODBC]

[HKLM\Software\Oberon Media]

[HKLM\Software\Opera Software]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Pure Networks]

[HKLM\Software\QSound Labs, Inc.]

[HKLM\Software\RealNetworks]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Research In Motion]

[HKLM\Software\Roxio]

[HKLM\Software\SONIX]

[HKLM\Software\SRS Labs]

[HKLM\Software\SiSoftware]

[HKLM\Software\Sonic]

[HKLM\Software\TOSHIBA]

[HKLM\Software\The Silicon Realms Toolworks]

[HKLM\Software\Toshiba]

[HKLM\Software\TrendMicro]

[HKLM\Software\VIA Technologies, Inc]

[HKLM\Software\VSO]

[HKLM\Software\Visicom Media]

[HKLM\Software\Volatile]

[HKLM\Software\WidCommUpdate]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\cybelsoft]

[HKLM\Software\mozilla.org]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 04/05/2010 - 22:52:48 - [1518195] ----D- C:\Program Files\ASUS

O43 - CFD: 04/05/2010 - 22:45:16 - [464496] ----D- C:\Program Files\ATKGFNEX

O43 - CFD: 07/04/2011 - 17:44:26 - [16248268] ----D- C:\Program Files\Bullzip

O43 - CFD: 01/01/2011 - 17:20:12 - [7873427] --H-D- C:\Program Files\CanonBJ

O43 - CFD: 11/05/2011 - 16:59:42 - [7278424] ----D- C:\Program Files\CCleaner

O43 - CFD: 07/04/2011 - 17:44:32 - [180183618] ----D- C:\Program Files\Common Files

O43 - CFD: 16/03/2011 - 17:29:46 - [90256916] ----D- C:\Program Files\DVD Maker

O43 - CFD: 04/05/2010 - 21:51:26 - [7127936] ----D- C:\Program Files\Elantech

O43 - CFD: 27/12/2010 - 20:32:22 - [2772564] ----D- C:\Program Files\EMC Corporation

O43 - CFD: 04/05/2010 - 22:16:10 - [318960] ----D- C:\Program Files\Google

O43 - CFD: 30/03/2011 - 18:49:34 - [6228017] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 06/02/2011 - 18:04:02 - [80890861] ----D- C:\Program Files\Java

O43 - CFD: 14/07/2009 - 03:45:56 - [149237810] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 16/05/2011 - 19:53:38 - [7299127] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 24/12/2010 - 18:59:50 - [2327282] ----D- C:\Program Files\mIRC

O43 - CFD: 04/05/2010 - 22:53:02 - [12522726] ----D- C:\Program Files\P4G

O43 - CFD: 14/07/2009 - 01:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 01/05/2011 - 01:04:30 - [141048] ----D- C:\Program Files\Roxio

O43 - CFD: 14/01/2011 - 23:21:04 - [106748545] ----D- C:\Program Files\SiSoftware

O43 - CFD: 04/05/2010 - 22:44:12 - [2086352] ----D- C:\Program Files\SRS Labs

O43 - CFD: 31/01/2011 - 17:19:40 - [1007790729] ----D- C:\Program Files\Trend Micro

O43 - CFD: 14/07/2009 - 01:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 16/03/2011 - 17:29:46 - [4039680] ----D- C:\Program Files\Windows Defender

O43 - CFD: 16/03/2011 - 17:29:46 - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 24/12/2010 - 09:32:38 - [275698] ----D- C:\Program Files\Windows Live

O43 - CFD: 31/01/2011 - 16:48:34 - [1253492] ----D- C:\Program Files\Windows Live Safety Center

O43 - CFD: 16/03/2011 - 17:29:46 - [6667776] ----D- C:\Program Files\Windows Mail

O43 - CFD: 16/03/2011 - 17:29:46 - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 14/07/2009 - 01:32:40 - [12627636] ----D- C:\Program Files\Windows NT

O43 - CFD: 16/03/2011 - 17:29:46 - [5516056] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 16/03/2011 - 17:29:46 - [244736] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 16/03/2011 - 17:29:46 - [11374579] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 15/02/2011 - 21:06:02 - [51709920] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 07/04/2011 - 17:44:32 - [34672] ----D- C:\Program Files\Common Files\Bullzip

O43 - CFD: 04/05/2010 - 22:38:12 - [18392064] ----D- C:\Program Files\Common Files\Intel

O43 - CFD: 16/05/2011 - 19:54:48 - [97241201] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 13/07/2009 - 23:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 13/07/2009 - 23:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 23/03/2011 - 19:00:20 - [12194291] ----D- C:\Program Files\Common Files\System

O43 - CFD: 05/03/2011 - 17:12:36 - [152775678] ----D- C:\ProgramData\Adobe

O43 - CFD: 23/05/2011 - 12:27:56 - [3704] ----D- C:\ProgramData\Ahead

O43 - CFD: 04/05/2010 - 22:41:00 - [495] ----D- C:\ProgramData\AmUStor

O43 - CFD: 14/07/2009 - 01:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 23/12/2010 - 20:28:42 - [3798] ----D- C:\ProgramData\ASUS

O43 - CFD: 01/01/2011 - 17:20:48 - [16980805] --H-D- C:\ProgramData\CanonBJ

O43 - CFD: 01/01/2011 - 17:43:08 - [0] --H-D- C:\ProgramData\CanonEPP

O43 - CFD: 01/01/2011 - 17:43:08 - [0] --H-D- C:\ProgramData\CanonIJEPPEX2

O43 - CFD: 04/05/2010 - 22:09:54 - [34445] ----D- C:\ProgramData\CyberLink

O43 - CFD: 14/07/2009 - 01:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 01:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 27/01/2011 - 18:19:02 - [1713229] ----D- C:\ProgramData\EmailNotifier

O43 - CFD: 23/12/2010 - 22:03:24 - [8483] ----D- C:\ProgramData\ESET

O43 - CFD: 23/12/2010 - 21:40:08 - [883232] ----D- C:\ProgramData\ESTsoft

O43 - CFD: 14/07/2009 - 01:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 04/05/2010 - 22:16:12 - [12707] ----D- C:\ProgramData\Google

O43 - CFD: 01/05/2011 - 01:04:24 - [2273] ----D- C:\ProgramData\InstallShield

O43 - CFD: 08/02/2011 - 22:07:48 - [10564] ----D- C:\ProgramData\Intuit Canada

O43 - CFD: 31/01/2011 - 10:53:48 - [44628] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 29/12/2010 - 10:13:28 - [6724904] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 07/04/2011 - 21:27:32 - [8427] ----D- C:\ProgramData\Medialexie

O43 - CFD: 16/05/2011 - 20:00:26 - [753799580] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 18/05/2011 - 10:20:54 - [205792] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 24/12/2010 - 20:21:30 - [1354688] ----D- C:\ProgramData\Nero

O43 - CFD: 04/05/2010 - 22:27:04 - [17536868] ----D- C:\ProgramData\OberonGameConsole

O43 - CFD: 13/03/2011 - 14:01:00 - [2090] ----D- C:\ProgramData\P4G

O43 - CFD: 19/01/2011 - 18:49:26 - [695] ----D- C:\ProgramData\Partner

O43 - CFD: 23/12/2010 - 21:45:06 - [141494193] ----D- C:\ProgramData\Pure Networks

O43 - CFD: 16/04/2011 - 22:55:00 - [1415993] ----D- C:\ProgramData\Real

O43 - CFD: 13/02/2011 - 11:34:34 - [1709] ----D- C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 01/05/2011 - 00:59:14 - [956436] ----D- C:\ProgramData\Research In Motion

O43 - CFD: 27/12/2010 - 20:59:32 - [807775] ----D- C:\ProgramData\RetroExp

O43 - CFD: 28/12/2010 - 09:51:44 - [1966148] ----D- C:\ProgramData\Retrospect

O43 - CFD: 02/05/2011 - 20:05:40 - [5422845] ----D- C:\ProgramData\Roxio

O43 - CFD: 01/05/2011 - 01:04:16 - [1033] ----D- C:\ProgramData\Sonic

O43 - CFD: 14/07/2009 - 01:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 16/04/2011 - 22:52:46 - [119] ----D- C:\ProgramData\Sun

O43 - CFD: 04/05/2010 - 22:09:08 - [143502] ----D- C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 01:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 30/01/2011 - 13:57:08 - [12487] ----D- C:\ProgramData\TOSHIBA

O43 - CFD: 31/01/2011 - 17:21:42 - [129850] ----D- C:\ProgramData\Trend Micro

O43 - CFD: 25/12/2010 - 18:22:20 - [47] ----D- C:\ProgramData\vsosdk

O43 - CFD: 05/03/2011 - 17:11:52 - [5686468] ----D- C:\Users\Daniel\AppData\Roaming\Adobe

O43 - CFD: 23/05/2011 - 12:43:50 - [149918] ----D- C:\Users\Daniel\AppData\Roaming\Ahead

O43 - CFD: 15/02/2011 - 21:06:04 - [40960] ----D- C:\Users\Daniel\AppData\Roaming\Asus WebStorage

O43 - CFD: 31/12/2010 - 00:30:42 - [305006] ----D- C:\Users\Daniel\AppData\Roaming\Auslogics

O43 - CFD: 02/01/2011 - 13:47:10 - [0] ----D- C:\Users\Daniel\AppData\Roaming\Canon

O43 - CFD: 26/01/2011 - 11:02:44 - [2560] ----D- C:\Users\Daniel\AppData\Roaming\Classes de site

O43 - CFD: 23/12/2010 - 20:38:40 - [808329] ----D- C:\Users\Daniel\AppData\Roaming\Convivea

O43 - CFD: 29/03/2011 - 20:12:20 - [784686] ----D- C:\Users\Daniel\AppData\Roaming\Copernic

O43 - CFD: 26/01/2011 - 10:54:56 - [109199] ----D- C:\Users\Daniel\AppData\Roaming\Dynamique

O43 - CFD: 23/12/2010 - 21:40:44 - [10285321] ----D- C:\Users\Daniel\AppData\Roaming\ESTsoft

O43 - CFD: 04/02/2011 - 19:24:14 - [3276] ----D- C:\Users\Daniel\AppData\Roaming\Foxit Software

O43 - CFD: 13/02/2011 - 00:50:32 - [292] ----D- C:\Users\Daniel\AppData\Roaming\FreeAudioPack

O43 - CFD: 13/02/2011 - 00:51:44 - [435] ----D- C:\Users\Daniel\AppData\Roaming\FreeCDRipper

O43 - CFD: 05/02/2011 - 23:31:54 - [838] ----D- C:\Users\Daniel\AppData\Roaming\FreeVideoConverter

O43 - CFD: 16/02/2011 - 10:58:24 - [9270] ----D- C:\Users\Daniel\AppData\Roaming\GlarySoft

O43 - CFD: 23/12/2010 - 20:18:50 - [0] ----D- C:\Users\Daniel\AppData\Roaming\Identities

O43 - CFD: 01/05/2011 - 01:04:24 - [293] ----D- C:\Users\Daniel\AppData\Roaming\InstallShield

O43 - CFD: 08/02/2011 - 22:09:32 - [52332] ----D- C:\Users\Daniel\AppData\Roaming\Intuit Canada

O43 - CFD: 24/01/2011 - 19:40:28 - [2302107] ----D- C:\Users\Daniel\AppData\Roaming\IObit

O43 - CFD: 23/12/2010 - 21:02:38 - [8318] ----D- C:\Users\Daniel\AppData\Roaming\Macromedia

O43 - CFD: 29/12/2010 - 10:13:40 - [8017804] ----D- C:\Users\Daniel\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 03:44:40 - [0] ----D- C:\Users\Daniel\AppData\Roaming\Media Center Programs

O43 - CFD: 16/05/2011 - 21:07:14 - [21016794] -S--D- C:\Users\Daniel\AppData\Roaming\Microsoft

O43 - CFD: 24/02/2011 - 14:43:02 - [1590996] ----D- C:\Users\Daniel\AppData\Roaming\Mozilla

O43 - CFD: 24/02/2011 - 14:23:08 - [960924] ----D- C:\Users\Daniel\AppData\Roaming\Opera

O43 - CFD: 23/12/2010 - 21:12:12 - [2819] ----D- C:\Users\Daniel\AppData\Roaming\PFStaticIP

O43 - CFD: 13/03/2011 - 14:01:02 - [502] ----D- C:\Users\Daniel\AppData\Roaming\PhotoFiltre

O43 - CFD: 16/04/2011 - 22:55:00 - [1017789] ----D- C:\Users\Daniel\AppData\Roaming\Real

O43 - CFD: 22/01/2011 - 13:25:24 - [1032192] ----D- C:\Users\Daniel\AppData\Roaming\Reasonable Software House Ltd

O43 - CFD: 01/05/2011 - 01:13:28 - [36702844] ----D- C:\Users\Daniel\AppData\Roaming\Research In Motion

O43 - CFD: 02/05/2011 - 20:02:00 - [1077330] ----D- C:\Users\Daniel\AppData\Roaming\Roxio

O43 - CFD: 26/01/2011 - 11:01:30 - [1057280] ----D- C:\Users\Daniel\AppData\Roaming\Sites

O43 - CFD: 23/05/2011 - 10:58:12 - [3782130] ----D- C:\Users\Daniel\AppData\Roaming\uTorrent

O43 - CFD: 30/03/2011 - 17:26:48 - [1699146] ----D- C:\Users\Daniel\AppData\Roaming\vlc

O43 - CFD: 23/05/2011 - 12:26:42 - [220297] ----D- C:\Users\Daniel\AppData\Roaming\Vso

O43 - CFD: 24/12/2010 - 15:48:56 - [295] ----D- C:\Users\Daniel\AppData\Roaming\Windows Live Writer

O43 - CFD: 25/02/2011 - 21:29:20 - [15390038] ----D- C:\Users\Daniel\Appdata\Local\Adobe

O43 - CFD: 24/12/2010 - 20:31:12 - [2043726] ----D- C:\Users\Daniel\Appdata\Local\Ahead

O43 - CFD: 23/12/2010 - 20:05:02 - [0] -SH-D- C:\Users\Daniel\Appdata\Local\Application Data

O43 - CFD: 21/02/2011 - 19:14:38 - [225347] ----D- C:\Users\Daniel\Appdata\Local\Apps

O43 - CFD: 21/02/2011 - 19:15:12 - [96574] ----D- C:\Users\Daniel\Appdata\Local\assembly

O43 - CFD: 23/12/2010 - 20:28:42 - [1373754] ----D- C:\Users\Daniel\Appdata\Local\ASUS

O43 - CFD: 11/03/2011 - 12:02:26 - [62404] ----D- C:\Users\Daniel\Appdata\Local\Canon Easy-PhotoPrint EX

O43 - CFD: 23/05/2011 - 22:01:24 - [0] ----D- C:\Users\Daniel\Appdata\Local\Deployment

O43 - CFD: 13/03/2011 - 11:03:20 - [9805169] ----D- C:\Users\Daniel\Appdata\Local\Diagnostics

O43 - CFD: 13/03/2011 - 21:53:20 - [1105157] ----D- C:\Users\Daniel\Appdata\Local\ElevatedDiagnostics

O43 - CFD: 29/01/2011 - 12:04:06 - [10897] ----D- C:\Users\Daniel\Appdata\Local\Eraser 6

O43 - CFD: 24/12/2010 - 20:19:04 - [483902] ----D- C:\Users\Daniel\Appdata\Local\ESET

O43 - CFD: 24/02/2011 - 17:16:06 - [488622119] ----D- C:\Users\Daniel\Appdata\Local\FLVService

O43 - CFD: 31/01/2011 - 12:47:04 - [61] ----D- C:\Users\Daniel\Appdata\Local\Google

O43 - CFD: 23/12/2010 - 20:05:02 - [0] -SH-D- C:\Users\Daniel\Appdata\Local\Historique

O43 - CFD: 24/02/2011 - 17:51:58 - [62844] ----D- C:\Users\Daniel\Appdata\Local\Jaksta_Pty_Ltd

O43 - CFD: 24/02/2011 - 18:22:06 - [6259712] ----D- C:\Users\Daniel\Appdata\Local\mdnslib

O43 - CFD: 16/05/2011 - 20:17:22 - [293102468] ----D- C:\Users\Daniel\Appdata\Local\Microsoft

O43 - CFD: 08/01/2011 - 16:33:30 - [13238] ----D- C:\Users\Daniel\Appdata\Local\Microsoft Corporation

O43 - CFD: 15/05/2011 - 18:34:30 - [237812] ----D- C:\Users\Daniel\Appdata\Local\Microsoft Games

O43 - CFD: 23/03/2011 - 20:16:36 - [169664] ----D- C:\Users\Daniel\Appdata\Local\Microsoft Help

O43 - CFD: 24/02/2011 - 14:42:48 - [25213548] ----D- C:\Users\Daniel\Appdata\Local\Mozilla

O43 - CFD: 24/02/2011 - 14:23:08 - [24261291] ----D- C:\Users\Daniel\Appdata\Local\Opera

O43 - CFD: 23/12/2010 - 20:05:22 - [40960] ----D- C:\Users\Daniel\Appdata\Local\Power2Go

O43 - CFD: 22/01/2011 - 13:25:48 - [2911] ----D- C:\Users\Daniel\Appdata\Local\Reasonable_Software_House

O43 - CFD: 28/12/2010 - 19:32:40 - [0] ----D- C:\Users\Daniel\Appdata\Local\Safe mirror

O43 - CFD: 23/12/2010 - 20:20:48 - [7353] ----D- C:\Users\Daniel\Appdata\Local\SRS Labs

O43 - CFD: 25/05/2011 - 10:57:26 - [10262118] ----D- C:\Users\Daniel\Appdata\Local\Temp

O43 - CFD: 23/12/2010 - 20:05:02 - [0] -SH-D- C:\Users\Daniel\Appdata\Local\Temporary Internet Files

O43 - CFD: 30/01/2011 - 13:57:08 - [2479] ----D- C:\Users\Daniel\Appdata\Local\Toshiba

O43 - CFD: 31/01/2011 - 17:09:12 - [0] ----D- C:\Users\Daniel\Appdata\Local\Trend Micro

O43 - CFD: 25/02/2011 - 19:09:58 - [9762977] ----D- C:\Users\Daniel\Appdata\Local\VirtualStore

O43 - CFD: 31/01/2011 - 16:17:30 - [183115598] ----D- C:\Users\Daniel\Appdata\Local\VS Revo Group

O43 - CFD: 25/05/2011 - 10:29:18 - [90112] ----D- C:\Users\Daniel\Appdata\Local\Windows Live

O43 - CFD: 01/01/2011 - 18:25:56 - [374134] ----D- C:\Users\Daniel\Appdata\Local\Windows Live Writer

O43 - CFD: 04/05/2010 - 22:07:50 - [12683094] ----D- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites

O43 - CFD: 25/02/2011 - 21:30:52 - [124587398] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 04/05/2010 - 22:41:02 - [3036551] ----D- C:\Program Files (x86)\AmIcoSingLun

O43 - CFD: 04/05/2010 - 22:54:06 - [142315521] ----D- C:\Program Files (x86)\ASUS

O43 - CFD: 01/01/2011 - 17:42:40 - [167649] ----D- C:\Program Files (x86)\Canon

O43 - CFD: 16/05/2011 - 20:04:14 - [1208920771] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 04/05/2010 - 22:09:50 - [266949787] ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 23/12/2010 - 21:40:08 - [2452730] ----D- C:\Program Files (x86)\ESTsoft

O43 - CFD: 02/02/2011 - 10:18:22 - [2420768] ----D- C:\Program Files (x86)\Feedback Tool

O43 - CFD: 04/02/2011 - 19:24:12 - [209] ----D- C:\Program Files (x86)\Foxit Software

O43 - CFD: 13/02/2011 - 01:09:06 - [23071778] ----D- C:\Program Files (x86)\Free Audio Pack

O43 - CFD: 04/05/2010 - 22:16:22 - [481622869] ----D- C:\Program Files (x86)\Google

O43 - CFD: 21/03/2011 - 10:18:02 - [88100698] ----D- C:\Program Files (x86)\ImpotRapide 2010

O43 - CFD: 04/05/2010 - 22:53:00 - [28950803] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 04/05/2010 - 22:38:14 - [5703866] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 30/03/2011 - 18:49:34 - [5160994] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 16/04/2011 - 22:51:44 - [88362781] ----D- C:\Program Files (x86)\Java

O43 - CFD: 16/02/2011 - 11:08:52 - [433755] ----D- C:\Program Files (x86)\jv16 PowerTools 2010

O43 - CFD: 07/04/2011 - 17:43:24 - [15051818] ----D- C:\Program Files (x86)\Medialexie

O43 - CFD: 24/12/2010 - 10:43:12 - [2664525] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 16/05/2011 - 19:53:00 - [39848379] ----D- C:\Program Files (x86)\Microsoft Analysis Services

O43 - CFD: 25/03/2011 - 10:20:14 - [800662] ----D- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 16/05/2011 - 20:03:54 - [884189584] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 21/04/2011 - 17:12:26 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 16/05/2011 - 20:03:54 - [3635637] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 16/05/2011 - 20:04:14 - [326800] ----D- C:\Program Files (x86)\Microsoft Synchronization Services

O43 - CFD: 24/12/2010 - 10:53:14 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 08/01/2011 - 16:33:14 - [7377360] ----D- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor

O43 - CFD: 16/05/2011 - 20:03:54 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 16/05/2011 - 19:59:24 - [25757] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 13/03/2011 - 15:31:14 - [0] ----D- C:\Program Files (x86)\MSECACHE

O43 - CFD: 04/05/2010 - 22:33:54 - [154033] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 24/12/2010 - 20:21:30 - [374086092] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 21/05/2011 - 09:02:50 - [30235071] ----D- C:\Program Files (x86)\Opera

O43 - CFD: 08/03/2011 - 21:06:16 - [51] ----D- C:\Program Files (x86)\ProgicielCES

O43 - CFD: 13/03/2011 - 15:59:12 - [1442864] ----D- C:\Program Files (x86)\Pure Networks

O43 - CFD: 16/04/2011 - 22:54:36 - [91635235] ----D- C:\Program Files (x86)\Real

O43 - CFD: 14/07/2009 - 01:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 01/05/2011 - 00:59:14 - [5979664] ----D- C:\Program Files (x86)\Research In Motion

O43 - CFD: 27/12/2010 - 21:03:30 - [632] ----D- C:\Program Files (x86)\Retrospect

O43 - CFD: 01/05/2011 - 01:03:00 - [134104359] ----D- C:\Program Files (x86)\Roxio

O43 - CFD: 09/01/2011 - 22:36:50 - [718080] ----D- C:\Program Files (x86)\SystemRequirementsLab

O43 - CFD: 30/01/2011 - 13:45:40 - [0] ----D- C:\Program Files (x86)\Toshiba

O43 - CFD: 14/07/2009 - 00:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 04/05/2010 - 22:44:02 - [77399999] ----D- C:\Program Files (x86)\VIA

O43 - CFD: 13/03/2011 - 14:55:56 - [6766627] ----D- C:\Program Files (x86)\VS Revo Group

O43 - CFD: 25/12/2010 - 17:15:28 - [3482172] ----D- C:\Program Files (x86)\VSO

O43 - CFD: 26/12/2010 - 12:20:28 - [524800] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 30/03/2011 - 10:08:30 - [157776556] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 16/03/2011 - 17:29:48 - [6181376] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 16/03/2011 - 17:29:48 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 01:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 16/03/2011 - 17:29:48 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 16/03/2011 - 17:29:48 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 16/03/2011 - 17:29:48 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 25/05/2011 - 10:58:28 - [4890440] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 25/02/2011 - 21:31:02 - [159485896] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 13/02/2011 - 11:26:34 - [32159844] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 24/12/2010 - 20:22:06 - [111900480] ----D- C:\Program Files (x86)\Common Files\Ahead

O43 - CFD: 04/05/2010 - 22:48:00 - [53563] ----D- C:\Program Files (x86)\Common Files\ControlDeck

O43 - CFD: 29/03/2011 - 20:12:20 - [961705] ----D- C:\Program Files (x86)\Common Files\Copernic

O43 - CFD: 16/05/2011 - 20:04:14 - [99136] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 01/05/2011 - 01:02:48 - [11785649] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 04/05/2010 - 22:38:12 - [14237696] ----D- C:\Program Files (x86)\Common Files\Intel

O43 - CFD: 03/03/2011 - 20:45:08 - [3245613] ----D- C:\Program Files (x86)\Common Files\Intuit

O43 - CFD: 16/04/2011 - 22:52:42 - [1247175] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 16/05/2011 - 20:12:00 - [219039241] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 04/05/2010 - 22:25:42 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media

O43 - CFD: 23/12/2010 - 21:43:38 - [41120458] ----D- C:\Program Files (x86)\Common Files\Pure Networks Shared

O43 - CFD: 01/05/2011 - 01:03:08 - [2363296] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 01/05/2011 - 00:57:32 - [54268700] ----D- C:\Program Files (x86)\Common Files\Research In Motion

O43 - CFD: 01/05/2011 - 01:03:08 - [104411580] ----D- C:\Program Files (x86)\Common Files\Roxio Shared

O43 - CFD: 13/07/2009 - 23:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 01/05/2011 - 01:03:08 - [4070251] ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 13/07/2009 - 23:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 16/05/2011 - 20:11:16 - [20425731] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 23/12/2010 - 20:06:24 - [385881192] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 16/04/2011 - 22:54:30 - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.14000000000000000000000064EF1800] - 25/05/2011 - 09:57:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1466649]

O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 25/05/2011 - 09:53:55 ---A- . (...) -- C:\Windows\SysNative\acovcnt.exe [45056]

O44 - LFC:[MD5.D970403841ACA24A69C168D521487F00] - 25/05/2011 - 09:53:42 ---A- . (...) -- C:\Windows\setupact.log [1176]

O44 - LFC:[MD5.AEB74F8379B1AA1B45775C36521E3279] - 25/05/2011 - 09:53:41 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.3BB961B76468FAD8C42947566894083C] - 25/05/2011 - 09:39:08 ---A- . (...) -- C:\Windows\TMFilter.log [615]

O44 - LFC:[MD5.88ECCA5F525F3AE656C43EB385CCC08B] - 21/05/2011 - 12:27:27 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.0BB3F18106F9F633449F64DB2EA4E6C5] - 20/05/2011 - 04:14:31 ---A- . (...) -- C:\rkill.log [312]

O44 - LFC:[MD5.F9F9E8AF0B4297353BFDFD73E990D722] - 19/05/2011 - 17:47:53 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [109176]

O44 - LFC:[MD5.7F6983ADDD8F79FFF6B220DDC1A8B816] - 19/05/2011 - 17:47:53 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [133712]

O44 - LFC:[MD5.C4F6D089E5953E7500C32C650379A767] - 19/05/2011 - 17:47:53 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [623054]

O44 - LFC:[MD5.227F148648E8FACFC2EE6AC186F795E1] - 19/05/2011 - 17:47:53 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [711608]

O44 - LFC:[MD5.31D1CA73B5C1E95D7B15D50E12D3586B] - 19/05/2011 - 17:47:52 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1570168]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/05/2011 - 19:50:54 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.31D1CA73B5C1E95D7B15D50E12D3586B] - 17/05/2011 - 15:52:33 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1590764]

O44 - LFC:[MD5.433D7679E95A175004041F0AB193287C] - 16/05/2011 - 19:19:55 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [5088560]

O44 - LFC:[MD5.E13F489F0B1E52319A86BDD996263F4B] - 16/05/2011 - 19:11:18 ---A- . (...) -- C:\Windows\win.ini [478]

O44 - LFC:[MD5.CF0A06F9D165D938CC764BF672FA3F70] - 01/05/2011 - 00:10:03 ---A- . (...) -- C:\Windows\SysNative\ServiceFilter.ini [1372]

O44 - LFC:[MD5.EA9E37EE7F0D60E67B6351218BB900AD] - 01/05/2011 - 00:09:27 ---A- . (...) -- C:\Windows\SysNative\AutoRunFilter.ini [2310]

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{0cb80835-176d-11e0-b5ea-485b3964ccff}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\LaunchU3.exe (.not file.)

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\ADSMTray [Key] . (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

O53 - SMSR:HKLM\...\startupreg\AmIcoSinglun64 [Key] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector [Key] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe

O53 - SMSR:HKLM\...\startupreg\ASUS WebStorage [Key] . (...) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

O53 - SMSR:HKLM\...\startupreg\ETDWare [Key] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe

O53 - SMSR:HKLM\...\startupreg\HDAudDeck [Key] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\ie9installer [Key] . (...) -- C:\Users\Daniel\AppData\Local\Temp\iesetup-win7-x64.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Malwarebytes' Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- D:\Program Files (X86)\Malwarebytes' Anti-Malware\mbam.exe

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O53 - SMSR:HKLM\...\startupreg\nmapp [Key] . (.Cisco Systems, Inc. - Network Magic Application.) -- D:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe

O53 - SMSR:HKLM\...\startupreg\nmctxth [Key] . (.Cisco Systems, Inc. - Pure Networks Platform Assistant.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe

O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Setwallpaper [Key] . (...) -- c:\programdata\SetWallpaper.cmd (.not file.)

O53 - SMSR:HKLM\...\startupreg\UfSeAgnt.exe [Key] . (...) -- D:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\UpdateLBPShortCut [Key] . (...) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe2.5 (.not file.)

O53 - SMSR:HKLM\...\startupreg\UpdateP2GoShortCut [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

O53 - SMSR:HKLM\...\startupreg\WinampAgent [Key] . (...) -- D:\Program Files (x86)\Winamp\Winampa.exe

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 13/07/2009 - 20:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 20:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 20:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 13/07/2009 - 20:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 01:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 13/07/2009 - 20:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 01:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.9C7F164B49CADC658D1B3C575782F346] - 21/08/2009 - 01:48:17 ---A- . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\system32\drivers\AmUStor.sys [44032]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 20:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 20:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.88FBC8BEBFD38566235EAA5E4DBC4E05] - 04/05/2010 - 21:46:50 ---A- . (.ASUSTek Computer Inc - Data Security Manager Driver.) -- C:\Windows\system32\drivers\AsDsm.sys [35384]

O58 - SDL:[MD5.0ACC06FCF46F64ED4F11E57EE461C1F4] - 04/10/2009 - 20:33:59 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1542656]

O58 - SDL:[MD5.032D35C996F21D19A205A7C8F0B76F3C] - 12/05/2009 - 20:07:19 ---A- . (.ASUS - ATK0100 ACPI Utility.) -- C:\Windows\system32\drivers\ATK64AMD.sys [15928]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 15:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 15:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 15:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 13/07/2009 - 20:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 15:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 15:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 15:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.8DBC710FB16A406CF85839407C0B7DFC] - 31/07/2008 - 20:45:44 ---A- . (.IVT Corporation. - Bluetooth HID BUS Driver.) -- C:\Windows\system32\drivers\BtHidBus.sys [24328]

O58 - SDL:[MD5.40AAAB64465E42C72B6411AAEB3EEF0F] - 07/12/2008 - 12:44:56 ---A- . (...) -- C:\Windows\system32\drivers\btnetBus.sys [35848]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 15:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 13/07/2009 - 20:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 20:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.3C38648375B7F3988691F53A7AAE10A9] - 15/10/2009 - 04:23:19 ---A- . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\system32\drivers\ETD.sys [117760]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 15:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 15:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 08:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.BBB3B6DF1ABB0FE35802EDE85CC1C011] - 06/08/2009 - 16:24:13 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [408600]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 01:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.C6238C6ABD6AC99F5D152DA4E9439A3D] - 11/02/2011 - 18:16:38 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys [10628640]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 20:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1C6D68A0BF108A5B3D40B2E84AE3CCDA] - 02/07/2008 - 14:58:50 ---A- . (.IVT Corporation. - IVT Bluetooth Bus Device Driver.) -- C:\Windows\system32\drivers\IvtBtBus.sys [31624]

O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 04:29:39 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\system32\drivers\kbfiltr.sys [15416]

O58 - SDL:[MD5.B8E670D7EF61615FA03104552854FAC9] - 23/08/2009 - 00:08:07 ---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20.) -- C:\Windows\system32\drivers\L1E62x64.sys [56320]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 20:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 20:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 20:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 20:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.085435AE1A124361304044029B5CC644] - 18/06/2009 - 14:18:10 ---A- . (.Windows ® Win 7 DDK provider - ASUS CopyProtect driver.) -- C:\Windows\system32\drivers\lullaby.sys [15928]

O58 - SDL:[MD5.3D3C4B63F11F63F50253E734F0ACE9F2] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24152]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 13/07/2009 - 20:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 20:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 20:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 01:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 01:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.FB83B6C62DFF5ABE36304351D2BED581] - 07/07/2009 - 14:48:44 ---A- . (.Cisco Systems, Inc. - Address Resolution Protocol Driver.) -- C:\Windows\system32\drivers\pnarp.sys [33328]

O58 - SDL:[MD5.1B3434642CE3C26E6F24D3A76D749C2A] - 07/07/2009 - 14:48:44 ---A- . (.Cisco Systems, Inc. - NDIS Relay Driver.) -- C:\Windows\system32\drivers\purendis.sys [35376]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 13/07/2009 - 20:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 20:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.C903D49655B4AAE46673F0AAA6BE0F58] - 09/01/2009 - 15:02:08 ---A- . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\system32\drivers\RimSerial_AMD64.sys [31744]

O58 - SDL:[MD5.71B48DDAF5E9C2B40E64DE5C405F5AAC] - 16/02/2011 - 17:23:46 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\system32\drivers\RimUsb_AMD64.sys [74240]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 15:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.1BC348CF6BAA90EC8E533EF6E6A69933] - 10/06/2009 - 15:35:57 ---A- . (.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device.) -- C:\Windows\system32\drivers\SiSG664.sys [56832]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 13/07/2009 - 20:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 20:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.19D8F6FF8344C47872BA351D04A190DD] - 05/06/2009 - 05:15:55 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\system32\drivers\sncduvc.sys [42176]

O58 - SDL:[MD5.1D8474722CDFFBB8FCA5FA12C50A05A2] - 05/06/2009 - 05:15:55 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\system32\drivers\snp2uvc.sys [1806400]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 20:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.7CCD346AF4AD6CA05D48A57395B7192E] - 31/01/2011 - 16:14:49 ---A- . (.Trend Micro Inc. - Trend Micro NDIS 6.0 Filter Driver (amd64-fre).) -- C:\Windows\system32\drivers\tmlwf.sys [201232]

O58 - SDL:[MD5.803EE35DF92815EA5D41CEE7410C8CC1] - 30/07/2010 - 12:30:20 ---A- . (.Trend Micro Inc. - Pre-Filter For AMD64.) -- C:\Windows\system32\drivers\tmpreflt.sys [42576]

O58 - SDL:[MD5.21CC12B7F8B44E91D03EAD5B17AAF0B2] - 31/01/2011 - 16:14:50 ---A- . (.Trend Micro Inc. - Trend Micro TDI Driver (amd64-fre).) -- C:\Windows\system32\drivers\tmtdi.sys [107536]

O58 - SDL:[MD5.7E64526E21731DE9F7DC2BE0B7251561] - 31/01/2011 - 16:14:50 ---A- . (.Trend Micro Inc. - Trend Micro WFP callout Driver (amd64-fre).) -- C:\Windows\system32\drivers\tmwfp.sys [339984]

O58 - SDL:[MD5.9BD32132A3470CEFB3CBEA5FA492BD6F] - 30/07/2010 - 12:30:26 ---A- . (.Trend Micro Inc. - Post Filter For AMD64.) -- C:\Windows\system32\drivers\tmxpflt.sys [309840]

O58 - SDL:[MD5.8021F63311797085949FA387F7C83583] - 17/06/2009 - 12:01:00 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth Port Emulation Driver.) -- C:\Windows\system32\drivers\tosporte.sys [54664]

O58 - SDL:[MD5.9D33204858E26CF6858BB3602BE399D2] - 12/12/2010 - 00:09:08 ---A- . (.TOSHIBA CORPORATION - Bluetooth RF Bus Driver.) -- C:\Windows\system32\drivers\tosrfbd.sys [291760]

O58 - SDL:[MD5.90F0B1745ABF13F44C2A6ED79F7CE9FB] - 11/11/2010 - 10:27:00 ---A- . (.TOSHIBA Corporation - Bluetooth RFBNEP Driver.) -- C:\Windows\system32\drivers\tosrfbnp.sys [50864]

O58 - SDL:[MD5.9E4E65EA51E34647340BD6007467AC54] - 29/11/2010 - 11:47:00 ---A- . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\system32\drivers\tosrfcom.sys [82224]

O58 - SDL:[MD5.7D2467D3EB9BAA4B69AE4A28C83DE57A] - 30/08/2010 - 10:48:00 ---A- . (.TOSHIBA Corporation. - Bluetooth HID Driver from TOSHIBA.) -- C:\Windows\system32\drivers\Tosrfhid.sys [94528]

O58 - SDL:[MD5.B6FDC3C76FFE9C5171EEA9C37EA367C2] - 24/07/2009 - 11:33:00 ---A- . (.TOSHIBA Corporation. - Bluetooth BNEP Driver.) -- C:\Windows\system32\drivers\tosrfnds.sys [26472]

O58 - SDL:[MD5.7052B10E54B48AF12BD5606596A8E039] - 26/04/2010 - 11:48:00 ---A- . (.TOSHIBA Corporation - Bluetooth Audio Driver (WDM).) -- C:\Windows\system32\drivers\TosRfSnd.sys [63488]

O58 - SDL:[MD5.C0837ACD637A55CD789179E123212B94] - 02/12/2010 - 19:30:00 ---A- . (.TOSHIBA CORPORATION - Bluetooth USB Miniport Driver.) -- C:\Windows\system32\drivers\tosrfusb.sys [67384]

O58 - SDL:[MD5.8F69C38A8BA725F891F26AAC8888696E] - 04/08/2010 - 21:17:14 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\viahduaa.sys [1342064]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 13/07/2009 - 20:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.B01CE1F5A44126892240D179A6DBD43F] - 30/07/2010 - 12:24:14 ---A- . (.Trend Micro Inc. - VsapiNT for AMD64.) -- C:\Windows\system32\drivers\vsapint.sys [1988176]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 13/07/2009 - 20:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [38224]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Windows\system32\Drivers\ASDSM.sys - AsDsm (AsDsm) .(...) - LEGACY_ASDSM

O64 - Services: CurCS - C:\Program Files\ATKGFNEX\ASMMAP64.sys - ASMMAP64 (ASMMAP64) .(...) - LEGACY_ASMMAP64

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - (.not file.) - cpuz134 (cpuz134) .(...) - LEGACY_CPUZ134

O64 - Services: CurCS - 30/08/2010 - D:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys - driverhardwarev2x64(driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64

O64 - Services: CurCS - (.not file.) - eamon (eamon) .(...) - LEGACY_EAMON

O64 - Services: CurCS - (.not file.) - ehdrv (ehdrv) .(...) - LEGACY_EHDRV

O64 - Services: CurCS - (.not file.) - epfwwfpr (epfwwfpr) .(...) - LEGACY_EPFWWFPR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\iaStor.sys - Intel AHCI Controller(iaStor) .(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) - LEGACY_IASTOR

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\lullaby.sys - lullaby(lullaby) .(.Windows ® Win 7 DDK provider - ASUS CopyProtect driver.) - LEGACY_LULLABY

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\pnarp.sys - Pure Networks Device Discovery Driver(pnarp) .(.Cisco Systems, Inc. - Address Resolution Protocol Driver.) - LEGACY_PNARP

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\purendis.sys - Pure Networks Wireless Driver(purendis) .(.Cisco Systems, Inc. - NDIS Relay Driver.) - LEGACY_PURENDIS

O64 - Services: CurCS - 07/08/2009 - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\WNt500x64\Sandra.sys - SANDRA(SANDRA) .(.SiSoftware - Sandra Device Driver (x64)(Unicode).) - LEGACY_SANDRA

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\tmlwf.sys - Trend Micro NDIS 6.0 Filter Driver(tmlwf) .(.Trend Micro Inc. - Trend Micro NDIS 6.0 Filter Driver (amd64-f.) - LEGACY_TMLWF

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\tmpreflt.sys - tmpreflt(tmpreflt) .(.Trend Micro Inc. - Pre-Filter For AMD64.) - LEGACY_TMPREFLT

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\tmtdi.sys - Trend Micro TDI Driver(tmtdi) .(.Trend Micro Inc. - Trend Micro TDI Driver (amd64-fre).) - LEGACY_TMTDI

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\tmwfp.sys - Trend Micro WFP Callout Driver(tmwfp) .(.Trend Micro Inc. - Trend Micro WFP callout Driver (amd64-fre).) - LEGACY_TMWFP

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\tmxpflt.sys - tmxpflt(tmxpflt) .(.Trend Micro Inc. - Post Filter For AMD64.) - LEGACY_TMXPFLT

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\vsapint.sys - vsapint(vsapint) .(.Trend Micro Inc. - VsapiNT for AMD64.) - LEGACY_VSAPINT

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <Opera.HTML>[HKCR\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <Opera.exe> <Opera>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {8E02D41C-5924-4816-9490-33CCD28BEB72} - (Yahoo! Search) - Yahoo! Search - Web Search

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.4553627597CAD15DDC01FF6C2EB08CF2] [sPRF] (.Xftjtumru Vucauysdjzh - Direct3D Progressive Mesh DLL.) -- C:\Users\Daniel\AppData\Roaming\KBDICR.dll [105472]

[MD5.DE9F921C91E59EB1ED4028D340F0DD4C] [sPRF] (.Opera Software - Opera Internet Browser.) -- C:\Users\Daniel\AppData\Roaming\spread.exe [944496]

[MD5.ECA231E339A24B911C5D19B5ED2F34D9] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Daniel\AppData\Roaming\Sys2662.Config.Repository.bin [22]

[MD5.17B0E09D658A1A47719E8A353BEDFBCF] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Daniel\AppData\Roaming\Sys6925.Config Collection.sys [22]

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{CB7C2277-323C-413B-86A5-87D0910343C5}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "TCP Query User{3C0B4D9E-A319-4D44-AA78-AF1FEB77FE3D}D:\dossier du bureau\install\p2p\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- D:\dossier du bureau\install\p2p\utorrent.exe

O87 - FAEL: "UDP Query User{EBC1A419-144A-434F-A5B6-9F76E2B38319}D:\dossier du bureau\install\p2p\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- D:\dossier du bureau\install\p2p\utorrent.exe

O87 - FAEL: "{264F792B-9DCD-4C5F-B69C-450C4FAF6795}" | In - Private - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{9834753E-7D7D-4EAA-8F08-5F6545DFC62F}" | In - Private - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{ED7C6252-74C1-4DAF-BD95-042B0153A795}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "TCP Query User{0A502F7F-2D41-42E8-8E9B-EC44D8D02121}C:\program files\mirc\mirc.exe" | In - Private - P6 - TRUE | .(.mIRC Co. Ltd. - mIRC.) -- C:\program files\mirc\mirc.exe

O87 - FAEL: "UDP Query User{49E1F07B-01E1-4675-9D90-5892AFC08C71}C:\program files\mirc\mirc.exe" | In - Private - P17 - TRUE | .(.mIRC Co. Ltd. - mIRC.) -- C:\program files\mirc\mirc.exe

O87 - FAEL: "{AFCE0DEB-1700-4F34-91C9-189520CA4F55}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- D:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "{9C6897A1-5E1F-4C17-A553-2CD42826D68C}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- D:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "{5B076028-3F70-4B78-AFC6-A26AAC3F1D6D}" | In - Domain - P6 - TRUE | .(.SiSoftware - SiSoftware Deployment Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\RpcAgentSrv.exe

O87 - FAEL: "{2DC89590-2AF4-43BC-BDD1-D80AD3440EA5}" | In - Domain - P6 - TRUE | .(.SiSoftware - SiSoftware Sandra Agent Service (NT)(Unicode).) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\WNt500x64\RpcSandraSrv.exe

O87 - FAEL: "{FD7778EC-0E6A-4C20-8A1A-EE3EE41D7E7B}" |In - Public - P6 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)

O87 - FAEL: "{B593314A-9F58-4662-B4B3-5E8A4FAAD6E1}" |In - Public - P17 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)

O87 - FAEL: "{D0EAEEC4-3054-420E-8EBA-1DA9A921B0A6}" |In - Private - P6 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)

O87 - FAEL: "{7A0E756C-0558-4141-A40A-41148A0F9660}" |In - Private - P17 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)

O87 - FAEL: "TCP Query User{8092F9F4-9435-4272-B0E1-C5C419360AC5}D:\raccourcis du bureau\p2p\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- D:\raccourcis du bureau\p2p\utorrent.exe

O87 - FAEL: "UDP Query User{9C24BAD2-C829-4687-AEA2-12B06A0471BC}D:\raccourcis du bureau\p2p\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- D:\raccourcis du bureau\p2p\utorrent.exe

O87 - FAEL: "{BA98700F-D785-416F-9C44-D6D70A878975}" | In - Public - P6 - TRUE | .(.Cisco Systems, Inc. - Pure Networks Platform Service.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O87 - FAEL: "{132D0F25-5AB1-4A10-ABFF-6A58782126FA}" | In - Public - P17 - TRUE | .(.Cisco Systems, Inc. - Pure Networks Platform Service.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 7931 - (20/05/2011)

Clés trouvées (Keys found) : 1

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

 

[HKCU\Software\Ask&Record] =>Toolbar.Agent

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Demand 31/03/2008 225280 | (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

SR - | Auto 31/03/2008 0 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe

SR - | Auto 15/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

SR - | Auto 08/08/2007 94208 | (ATKGFNEXSrv) . (...) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

SS - | Disabled 23/09/2010 67584 | (cbVSCService) . (.CobianSoft, Luis Cobian.) - D:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe

SS - | Auto 04/05/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 04/05/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Disabled 04/05/2010 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

SS - | Disabled 09/01/2011 420864 | (maconfservice) . (.CybelSoft.) - D:\Program Files\ma-config.com\x64\maconfservice.exe

SS - | Disabled 29/06/2007 800040 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

SS - | Disabled 27/06/2007 279848 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

SR - | Auto 07/07/2009 647216 | (nmservice) . (.Cisco Systems, Inc..) - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

SS - | Demand 06/12/2007 88560 | (Roxio UPnP Renderer 9) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

SS - | Auto 06/12/2007 362992 | (Roxio Upnp Server 9) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe

SS - | Auto 08/07/2009 313840 | (RoxLiveShare9) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

SS - | Demand 08/07/2009 1108464 | (RoxMediaDB9) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

SS - | Auto 08/07/2009 170480 | (RoxWatch9) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

SS - | Disabled 10/08/2009 93848 | (SandraAgentSrv) . (.SiSoftware.) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\RpcAgentSrv.exe

SR - | Auto 08/11/2010 836504 | (SfCtlCom) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Demand 31/01/2011 570632 | (TMBMServer) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

SR - | Demand 31/01/2011 595960 | (TmPfw) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe

SR - | Demand 31/01/2011 917768 | (TmProxy) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

SR - | Auto 13/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Daniel at 25/05/2011 11:03:20

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Daniel at 25/05/2011 11:03:22

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1277 lines in 05mn 07s)(0)

 

 

-----------------------------------------------------------------------------------------------------------------

 

 

Merci et bonne journée,

Speck41

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Re,

 

Chrome: Viruslist.com - Google Chrome Multiple Vulnerabilities

 

ZHPFix :

 

  • Ferme toutes les applications ouvertes
     
  • Double-clique sur ZHPFix, raccourci installé par ZHPDiag sur le Bureau
    Important:
    Sous Vista et Windows 7 : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur.
     
  • Copie les lignes ci-dessous dans la fenêtre

 

O4 - HKCU\..\Run: [Peii] rundll32 "C:\Users\Daniel\AppData\Roaming\KBDICR.dll (.not file.) 
O4 - HKUS\S-1-5-21-279159176-2999597518-1161301331-1001\..\Run: [Peii] rundll32 "C:\Users\Daniel\AppData\Roaming\KBDICR.dll (.not file.)      
O43 - CFD: 19/01/2011 - 18:49:26 - [695] ----D- C:\ProgramData\Partner      
O43 - CFD: 13/02/2011 - 11:34:34 - [1709] ----D- C:\ProgramData\regid.1986-12.com.adobe  
O53 - SMSR:HKLM\...\startupreg\ie9installer [Key] . (...) -- C:\Users\Daniel\AppData\Local\Temp\iesetup-win7-x64.exe (.not file.)      
O53 - SMSR:HKLM\...\startupreg\Setwallpaper [Key] . (...) -- c:\programdata\SetWallpaper.cmd (.not file.)    
O87 - FAEL: "{FD7778EC-0E6A-4C20-8A1A-EE3EE41D7E7B}" |In - Public - P6 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)      
O87 - FAEL: "{B593314A-9F58-4662-B4B3-5E8A4FAAD6E1}" |In - Public - P17 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)      
O87 - FAEL: "{D0EAEEC4-3054-420E-8EBA-1DA9A921B0A6}" |In - Private - P6 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)      
O87 - FAEL: "{7A0E756C-0558-4141-A40A-41148A0F9660}" |In - Private - P17 - TRUE | .(...) -- D:\Program Files (X86)\BlueSoleil\BlueSoleilCS.exe (.not file.)      
[HKCU\Software\Ask&Record]    
emptyflash
emptytemp

 

  • Clique sur l'icone représentant la lettre H (« coller les lignes Helper »). Le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le.
     
    Clique sur le bouton GO pour lancer le nettoyage

 

  • Valide par Oui la désinstallation des programmes si demandé
     
  • Laisse l'outil travailler. Si un redémarrage est demandé, accepte et redémarre le PC
     
  • Le rapport ZHPFixReport.txt s'affiche. Copie-colle le contenu de ce rapport dans ta réponse.
    Le rapport ZHPFixReport.txt est enregistré sous C:\Program files\ZHPDiag\ZHPFixReport.tx

 

+++

speck41 Mega Power Member

speck41

Posté(e)
  • Auteur
Posté(e)

Bonjour Apollo, merci de ton aide.

Je vois que Chrome est vulnérable et je ne m'en sers pas. Est-ce que je devrais le désinstaller?

Voici le rapport demandé:

Rapport de ZHPFix 1.12.3283 par Nicolas Coolman, Update du 14/05/2011

Fichier d'export Registre :

Run by Daniel at 25/05/2011 16:22:18

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Web site : ZHPFix Fix de rapport

 

========== Clé(s) du Registre ==========

O53 - SMSR:HKLM\...\startupreg\ie9installer [Key] . (...) -- C:\Users\Daniel\AppData\Local\Temp\iesetup-win7-x64.exe (.not file.) => Clé non supprimée

O53 - SMSR:HKLM\...\startupreg\Setwallpaper [Key] . (...) -- c:\programdata\SetWallpaper.cmd (.not file.) => Clé non supprimée

HKCU\Software\Ask&Record => Clé supprimée avec succès

 

========== Valeur(s) du Registre ==========

O4 - HKCU\..\Run: [Peii] rundll32 "C:\Users\Daniel\AppData\Roaming\KBDICR.dll (.not file.) => Valeur supprimée avec succès

O4 - HKUS\S-1-5-21-279159176-2999597518-1161301331-1001\..\Run: [Peii] rundll32 "C:\Users\Daniel\AppData\Roaming\KBDICR.dll (.not file.) => Valeur absente

{FD7778EC-0E6A-4C20-8A1A-EE3EE41D7E7B} => Valeur supprimée avec succès

{B593314A-9F58-4662-B4B3-5E8A4FAAD6E1} => Valeur supprimée avec succès

{D0EAEEC4-3054-420E-8EBA-1DA9A921B0A6} => Valeur supprimée avec succès

{7A0E756C-0558-4141-A40A-41148A0F9660} => Valeur supprimée avec succès

 

========== Dossier(s) ==========

C:\ProgramData\Partner => Supprimé et mis en quarantaine

C:\ProgramData\regid.1986-12.com.adobe => Supprimé et mis en quarantaine

Dossiers Flash Cookies supprimés : 37

Dossiers temporaires Windows supprimés: 104

 

========== Fichier(s) ==========

c:\users\daniel\appdata\roaming\kbdicr.dll => Supprimé et mis en quarantaine

c:\users\daniel\appdata\local\temp\iesetup-win7-x64.exe => Fichier absent

c:\programdata\setwallpaper.cmd => Fichier absent

Fichiers Flash Cookies supprimés : 17

Fichiers temporaires Windows supprimés : 80

 

 

========== Récapitulatif ==========

3 : Clé(s) du Registre

6 : Valeur(s) du Registre

4 : Dossier(s)

5 : Fichier(s)

 

 

End of the scan

 

 

---------------------------------------------------------------------------------------------------------------------------------------------------

 

Merci et j'attends de tes nouvelles,

Speck41

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Voici mes nouvelles ;)

 

Je vois que Chrome est vulnérable et je ne m'en sers pas. Est-ce que je devrais le désinstaller?

Affirmatif, mon colonel.

 

Veille à ce que tes navigateurs soient toujours bien à jour, comme tout'autre application d'ailleurs.

On en reparlera.

 

1) Télécharge TFC par OldTimer et enregistre-le sur le bureau.

 

  • Fais un double clic sur TFC.exe pour le lancer. (Note: Si tu es sous Vista/7, fais un clic droit sur le fichier et choisis Exécuter en tant qu'Administrateur).
  • L'outil va fermer tous les programmes lors de son exécution, donc vérifie que tu as sauvegardé tout ton travail en cours avant de commencer.
  • Clique sur le bouton Start pour lancer le processus. Selon la fréquence à laquelle tu supprimes tes fichiers temporaires, cela peut durer de quelques secondes à une minute ou deux. Laisse le programme s'exécuter sans l'interrompre.
  • Lorsqu'il a terminé, l'outil devrait faire redémarrer ton système. S'il ne le fait pas, fais redémarrer manuellement le PC pour parachever le nettoyage.

 

2) Télécharge Malwarebytes' Anti-Malware (MBAM).

 

Malwarebytes : Malwarebytes Anti-Malware is a free download that removes viruses and malware from your computer clique pour la version FREE et enregistre l'exécutable sur le bureau.

 

Si MBAM est déjà installé, aller directement à la mise à jour puis à l'analyse.

 

Ce logiciel est à garder.

 

Uniquement en cas de problème de mise à jour:

 

Télécharger mises à jour MBAM

 

Exécute le fichier après l'installation de MBAM

 

Connecter les supports amovibles (clés usb etc.) avant de lancer l'analyse.

 

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen complet"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

Si MBAM demande à redémarrer le pc, fais-le.

 

Si au redémarrage Windows te dit qu'il a bloqué certains programmes de démarrage, clique sur la bulle puis sur Exécuter les programmes bloqués/Malwarebytes Anti-Malware.

 

@++

speck41 Mega Power Member

speck41

Posté(e)
  • Auteur
Posté(e)

Salut Apollo, voici le rapport Malwarebytes:

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6678

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

2011-05-25 20:55:23

mbam-log-2011-05-25 (20-55-23).txt

 

Type d'examen: Examen complet (C:\|D:\|F:\|G:\|)

Elément(s) analysé(s): 414362

Temps écoulé: 1 heure(s), 21 minute(s), 43 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

g:\crack windows 7\removewat.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.

g:\crack windows 7\remove wat (for windows 7)\removewat\removewat.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.

g:\network magic\network magic pro 5.1.8354.0-res\Patch.exe (Patch.NetworkMagic) -> Quarantined and deleted successfully.

 

 

---------------------------------------------------------------------------------------------------------------

 

Encore merci, en attente de tes instructions.

Speck41

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonjour,

 

Fais un nouveau log ZHPDiag et héberge le rapport sur Cijoint.fr - Service gratuit de dépôt de fichiers stp.

 

@++

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...