
Good evening, everyone,

I have just run a ZHPDiag scan.

After analysing the log, ZHP reports several infections: could you help me get the system "clean" again?

Thank you in advance for your help.

jpt

The ZHPDIAG log:

 

Rapport de ZHPDiag v1.28.2240 par Nicolas Coolman, Update du 15/11/2011

Run by HP_Propriétaire at 17/11/2011 19:32:05

Web site : ZHPDiag Outil de diagnostic

State : Version à jour.

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

MFIE: Mozilla Firefox 8.0 v8.0 (Defaut)

 

---\\ Windows Product Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Windows Automatic Updates : OK

Windows Genuine Advantage : KO

 

---\\ System Information

~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1022 MB (53% free)

System Restore: Activé (Enable)

System drive C: has 96 GB (67%) free of 143 GB

 

---\\ Logged in mode

~ Computer Name: MAISON

~ User Name: HP_Propriétaire

~ All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HP_Propriétaire, HelpAssistant, ASPNET, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\

~ %Desktop% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\

~ %Favorites% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Favoris\

~ %LocalAppData% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\

~ %StartMenu% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Menu Démarrer\

~ %Windir% : C:\WINDOWS\

~ %System% : C:\WINDOWS\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 96 Go of 143 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 6 Go)

E:\ CD-ROM drive (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/05/2009 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.13/05/2009 - 18:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792]

[MD5.7DF35C3D173E799F97F208CC5F3B1C93] - (.Microsoft Corporation - Internet Extensions for Win32.) (.13/10/2011 - 00:41:31.) -- C:\WINDOWS\system32\wininet.dll [916480]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/05/2009 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]

[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/10/2011 - 14:49:54.) -- C:\WINDOWS\system32\drivers\AFD.sys [138496]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/05/2009 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]

[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/05/2009 - 11:14:22.) -- C:\WINDOWS\system32\drivers\Cdfs.sys [63744]

[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/05/2009 - 10:40:48.) -- C:\WINDOWS\system32\drivers\Cdrom.sys [62976]

[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/05/2009 - 17:57:40.) -- C:\WINDOWS\system32\drivers\Fips.sys [44672]

[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/05/2009 - 08:36:06.) -- C:\WINDOWS\system32\drivers\HDAudBus.sys [144384]

[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/05/2009 - 18:00:54.) -- C:\WINDOWS\system32\drivers\i8042prt.sys [54144]

[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/05/2009 - 10:41:00.) -- C:\WINDOWS\system32\drivers\Imapi.sys [42112]

[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/05/2009 - 10:57:16.) -- C:\WINDOWS\system32\drivers\IpNat.sys [152832]

[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/05/2009 - 11:19:44.) -- C:\WINDOWS\system32\drivers\IPSec.sys [75264]

[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/08/2011 - 14:29:31.) -- C:\WINDOWS\system32\drivers\MRxSmb.sys [456320]

[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/05/2009 - 11:21:02.) -- C:\WINDOWS\system32\drivers\netBT.sys [162816]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/05/2009 - 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/05/2009 - 18:09:42.) -- C:\WINDOWS\system32\drivers\Parport.sys [80384]

[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/05/2009 - 11:19:44.) -- C:\WINDOWS\system32\drivers\Rasl2tp.sys [51328]

[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/05/2009 - 10:32:52.) -- C:\WINDOWS\system32\drivers\rdpdr.sys [196224]

[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/05/2009 - 17:57:36.) -- C:\WINDOWS\system32\drivers\redbook.sys [58752]

[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/05/2009 - 17:56:06.) -- C:\WINDOWS\system32\drivers\volsnap.sys [53376]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 47/1656

~ Mes musiques (My Musics) : 3/11

~ Mes Videos (My Videos) : 1/14

~ Mes Favoris (My Favorites) : 2/54

~ Mes Documents (My Documents) : 57/2203

~ Mon Bureau (My Desktop) : 1/74

~ Menu demarrer (Programs) : 6/43

~ Scan Hidden Files in 00mn 05s

 

 

 

---\\ Processus lancés

[MD5.56139566E462C1FB1775E140D4EE6B22] - (.COMODO - COMODO livePCsupport Service.) -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [148744] [PID.]

[MD5.E534FBD8340B7C6C6A80589383430A53] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 162.3.) -- C:\WINDOWS\system32\nvsvc32.exe [155716] [PID.]

[MD5.D95BC532839D710BF6EB3F5E32314B3E] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1883328] [PID.]

[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]

[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]

[MD5.D8E18021F91AD79CA8491CB5A5DA22D4] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144] [PID.]

[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.896]

[MD5.7000AECBA8B40D724BB569F7F3D7605D] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2497352] [PID.]

[MD5.D179E1DE532C903AB1D57A4E81342F40] - (.Secunia - Secunia PSI Tray.) -- C:\Program Files\Secunia\PSI\psi_tray.exe [291896] [PID.1536]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [PID.1632]

[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120] [PID.]

[MD5.92E16F5D034E7864DA308BA6309A98B7] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [161664] [PID.]

[MD5.7198BBFBE46C0070257278C536386687] - (.Secunia - Secunia PSI Agent.) -- C:\Program Files\Secunia\PSI\PSIA.exe [993848] [PID.]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]

[MD5.0411F7EE63AE48D2918AB4F2C79AB6C4] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [78848] [PID.]

[MD5.D2FCA567F9BE87E29B9A9FA32FFE79CA] - (.Secunia - Secunia Update Agent.) -- C:\Program Files\Secunia\PSI\sua.exe [399416] [PID.]

[MD5.29400047B0A12BACD9494FCFE4808EE9] - (.Nicolas Coolman - Nettoyeur de rapport ZHPDiag.) -- C:\Program Files\ZHPFix\ZHPFix.exe [503296] [PID.2260]

[MD5.FABE3BC6C275524D73EE1EF6F2A9D85E] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [705024] [PID.2612]

[MD5.AA94FDD59696B169979B7279F49832DF] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [908288] [PID.3316]

[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]

~ Scan Processes Running in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\r3qmmca7.default\prefs.js

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml

M0 - MFSP: prefs.js [HP_Propriétaire - r3qmmca7.default] www.orange.fr

M2 - MFEP: prefs.js [HP_Propriétaire - r3qmmca7.default\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}] [] Forecastfox v0.9.6 (.Jon Stritar.)

M2 - MFEP: prefs.js [HP_Propriétaire - r3qmmca7.default\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}] [febe] FEBE v5.3.1 (.Chuck Baker.)

M2 - MFEP: prefs.js [HP_Propriétaire - r3qmmca7.default\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)] [noscript] NoScript v1.6.5 (.Giorgio Maone.)

M2 - MFEP: prefs.js [HP_Propriétaire - r3qmmca7.default\{bb628310-0ab7-11db-9cd8-0800200c9a66}] [] Ma-config.com v2.0.4.13 (.charon@ma-config.com.)

M2 - MFEP: prefs.js [HP_Propriétaire - r3qmmca7.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus v0.7.5.4 (.Wladimir Palant.)

M2 - MFEP: prefs.js [HP_Propriétaire - r3qmmca7.default\{DDC359D1-844A-42a7-9AA1-88A850A938A8}] [] DownThemAll! v1.0.1 (.Federico Parodi, Stefano Verna, Nils Maier.)

P2 - FPN:Firefox Plugin Navigator . (.C3D - CrazyTalk4 Native Control Module.) -- C:\Program Files\Mozilla Firefox\Plugins\CrazyTalk4Native.dll

P2 - FPN:Firefox Plugin Navigator . (.Reallusion Inc. - CTDOMemHelper DLL.) -- C:\Program Files\Mozilla Firefox\Plugins\ctdomemhelper.dll

P2 - FPN:Firefox Plugin Navigator . (.Reallusion Inc. - CTFramePlayerObject DLL.) -- C:\Program Files\Mozilla Firefox\Plugins\ctframeplayerobject.dll

P2 - FPN:Firefox Plugin Navigator . (.Reallusion Inc. - CrazyTalk PlayerObject Program.) -- C:\Program Files\Mozilla Firefox\Plugins\ctplayerobject.dll

P2 - FPN:Firefox Plugin Navigator . (.BEXTech - IMagickRT.) -- C:\Program Files\Mozilla Firefox\Plugins\imagickrt.dll

P2 - FPN:Firefox Plugin Navigator . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - npRLCT4Player.) -- C:\Program Files\Mozilla Firefox\Plugins\npRLCT4Player.dll

P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16299.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll

P2 - FPN:Firefox Plugin Navigator . (.Reallusion Inc. - RLContentClass DLL.) -- C:\Program Files\Mozilla Firefox\Plugins\rlcontentclass.dll

P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\RLMusicPacker.dll

P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\RLMusicUnpacker.dll

P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\RLVoicePacker.dll

P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\RLVoiceUnpacker.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.0.254.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.1.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@nosltd.com/getPlus+®,version=1.6.2.99] - (.NOS Microsystems Ltd. - getplusplusadobe16299.) -- C:\Program Files\NOS\bin\np_gp.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.11] - (.the VideoLAN Team - Version 1.1.11, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 2.6.1f3.) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll

~ Scan Firefox Browser in 00mn 01s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19131 (longhorn_ie8_gdr.110815-1715)) -- C:\WINDOWS\system32\ieframe.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll

O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe

O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Daniel Orifice Flow Calculator 3.0.lnk . (.Emerson Process Management - Daniel Divisio.) -- C:\Program Files\Daniel\Orifice Calculator\Orifice Calculator.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\msn.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\My PC Choice.lnk . (...) -- C:\hp\VINETLINK\VINETLINK.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Pidgin.lnk . (.The Pidgin developer community.) -- C:\Program Files\Pidgin\pidgin.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Secunia PSI.lnk . (.Secunia.) -- C:\Program Files\Secunia\PSI\psi.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Onglet supplémentaire dans les options avancées d'Internet Explorer (O11)

O11 - Options group: [java_sun] Java (Sun). (.Oracle Corporation - Java Deployment Library .) - C:\Program Files\Java\jre7\bin\deploy.dll

~ Scan IE Plugins in 00mn 00s

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab

~ Scan Objets ActiveX in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{6F381D18-7055-4195-A9D4-955B66E86633}: NameServer = 156.154.70.25,156.154.71.25

O17 - HKLM\System\CCS\Services\Tcpip\..\{6F381D18-7055-4195-A9D4-955B66E86633}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com

O17 - HKLM\System\CS1\Services\Tcpip\..\{6F381D18-7055-4195-A9D4-955B66E86633}: NameServer = 156.154.70.25,156.154.71.25

O17 - HKLM\System\CS1\Services\Tcpip\..\{6F381D18-7055-4195-A9D4-955B66E86633}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51

O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com

O17 - HKLM\System\CS2\Services\Tcpip\..\{6F381D18-7055-4195-A9D4-955B66E86633}: NameServer = 156.154.70.25,156.154.71.25

O17 - HKLM\System\CS2\Services\Tcpip\..\{6F381D18-7055-4195-A9D4-955B66E86633}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51

O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

~ Scan Winlogon in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.COMODO - COMODO Internet Security.) - C:\WINDOWS\system32\guard32.dll

~ Scan AppInit DLL in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll

~ Scan SSODL in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: COMODO livePCsupport Service (CLPSLS) . (.COMODO - COMODO livePCsupport Service.) - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 162.3.) - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Secunia PSI Agent (Secunia PSI Agent) . (.Secunia - Secunia PSI Agent.) - C:\Program Files\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - C:\Program Files\Secunia\PSI\sua.exe

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (pgdfgsvc C 1) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{91E1D525-7998-42A1-B439-E2C1F9F478D0}.job

~ Scan Scheduled Task in 00mn 00s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe

O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe

O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Oracle Corporation - Java Deployment Library.) -- C:\Program Files\Java\jre7\bin\deploy.dll

O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp11.inf

O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll

O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (...) -- C:\WINDOWS\INF\fxsocm.inf

~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys

O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\WINDOWS\system32\DRIVERS\cmdguard.sys

O41 - Driver: (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\WINDOWS\system32\DRIVERS\cmdhlp.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys

O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}

O42 - Logiciel: AMD Processor Driver - (.AMD.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}

O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader X (10.0.1) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA0000000001}

O42 - Logiciel: Adobe Reader X (10.1.1) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001}

O42 - Logiciel: Advanced Audio FX Engine - (.Pas de propriétaire.) [HKLM] -- Advanced Audio FX Engine

O42 - Logiciel: Advanced Video FX Engine - (.Pas de propriétaire.) [HKLM] -- Advanced Video FX Engine

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A83279FD-CA4B-4206-9535-90974DE76654}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Auchan Photogenie - (.Pas de propriétaire.) [HKLM] -- Auchan Photogenie_is1

O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

O42 - Logiciel: Auslogics Registry Cleaner - (.Auslogics Software Pty Ltd.) [HKLM] -- {8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: COMODO Internet Security - (.COMODO Group Inc..) [HKLM] -- {FD8E178D-8B4E-42DA-B434-EFF270329B1C}

O42 - Logiciel: Creative Live! Cam Center - (.Pas de propriétaire.) [HKLM] -- Creative Live! Cam Center

O42 - Logiciel: Creative Live! Cam Doodling - (.Pas de propriétaire.) [HKLM] -- Creative Live! Cam Doodling

O42 - Logiciel: Creative Live! Cam FX Creator - (.Pas de propriétaire.) [HKLM] -- Creative Live! Cam FX Creator

O42 - Logiciel: Creative Live! Cam Manager - (.Pas de propriétaire.) [HKLM] -- Creative Live! Cam Manager

O42 - Logiciel: Creative Live! Cam Video IM Pro (VF0410) (1.01.01.00) - (.Pas de propriétaire.) [HKLM] -- Creative VF0410

O42 - Logiciel: Creative Photo Calendar - (.Pas de propriétaire.) [HKLM] -- Creative Photo Calendar

O42 - Logiciel: Creative Software AutoUpdate - (.Pas de propriétaire.) [HKLM] -- Creative Software AutoUpdate

O42 - Logiciel: Creative System Information - (.Pas de propriétaire.) [HKLM] -- SysInfo

O42 - Logiciel: Daniel Orifice Flow Calculator - (.Daniel Measurement and Control, Inc..) [HKLM] -- {42759811-4AB6-43AF-B49D-737318C87748}

O42 - Logiciel: Daniel Orifice Flow Calculator - (.Daniel Measurement and Control, Inc..) [HKLM] -- {43B402B3-0027-0002-3757-3015BD2DE2CD}

O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}

O42 - Logiciel: DriverAgent by eSupport.com - (.Pas de propriétaire.) [HKLM] -- DriverAgent.exe

O42 - Logiciel: EVEREST Home Edition v2.20 - (.Lavalys Inc.) [HKLM] -- EVEREST Home Edition_is1

O42 - Logiciel: Enhanced Multimedia Keyboard Solution - (.Pas de propriétaire.) [HKLM] -- KBD

O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- Free PDF to Word Doc Converter_is1

O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- HP Document Viewer

O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- HP Photo & Imaging

O42 - Logiciel: Gestionnaire de photos Creative - (.Pas de propriétaire.) [HKLM] -- Creative Photo Manager

O42 - Logiciel: Guide de l'utilisateur Creative Live! Cam - (.Pas de propriétaire.) [HKLM] -- Creative Live! Cam User's Guide

O42 - Logiciel: HP Customer Participation Program 9.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Deskjet All-In-One Software 9.0 - (.HP.) [HKLM] -- {FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}

O42 - Logiciel: HP Deskjet Printer Preload - (.Hewlett-Packard Company.) [HKLM] -- {2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}

O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential

O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: HP Smart Web Printing - (.Nom de votre société.) [HKLM] -- {415CDA53-9100-476F-A7B2-476691E117C7}

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {D46D081B-F60E-467E-A7C4-117B70D76731}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: IZArc 4.1 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Internet Explorer (Enable DEP) - (.Pas de propriétaire.) [HKLM] -- {AAA4CCCE-78DB-47B0-A651-68270D838BD4}

O42 - Logiciel: Internet Explorer (Enable DEP) - (.Pas de propriétaire.) [HKLM] -- {a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb

O42 - Logiciel: Java 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216029FF}

O42 - Logiciel: Java 7 Update 1 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217001FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: Live! Cam Avatar - (.Creative.) [HKLM] -- {1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}

O42 - Logiciel: Live! Cam Avatar Creator - (.Creative.) [HKLM] -- {65D0C510-D7B6-4438-9FC8-E6B91115AB0D}

O42 - Logiciel: MRU-Blaster v1.5 (Database 3/28/2004) - (.Javacool Software LLC.) [HKLM] -- MRU-Blaster_is1

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {3CAC9760-14F6-4539-A75F-F240EC55FEE9}

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2572067) - (.Pas de propriétaire.) [HKLM] -- M2572067

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {72AD53CC-CCC0-3757-8480-9EE176866A7C}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {0BD83598-C2EF-3343-847B-7D2E84599128}

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}

O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {043F86B7-EE12-3399-B2CA-D0B603D87963}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {A059DE09-1B49-4450-B340-7AE097EC3F04}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack

O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0 (x86 fr)

O42 - Logiciel: Mozilla Thunderbird (7.0.1) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (7.0.1)

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA Pilote graphique 260.99 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: NVIDIA nView 135.36 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView

O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager

O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {05653DE1-6567-40C6-B930-39D399B64369}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Pidgin - (.Pas de propriétaire.) [HKLM] -- PS2

O42 - Logiciel: Pidgin - (.Pas de propriétaire.) [HKLM] -- Pidgin

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C}

O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}

O42 - Logiciel: Realtek Ethernet Controller All-In-One Windows Driver - (.Realtek.) [HKLM] -- {F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}

O42 - Logiciel: Realtek RTL8139 Diagnostics Program - (.Pas de propriétaire.) [HKLM] -- {7FC2AF73-10ED-404E-84A8-636B452404FD}

O42 - Logiciel: Recuva (remove only) - (.Piriform.) [HKLM] -- Recuva

O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller

O42 - Logiciel: SIW version 2010.07.14 - (.Topala Software Solutions.) [HKLM] -- {AB67580-257C-45FF-B8F4-C8C30682091A}_is1

O42 - Logiciel: Secunia PSI (2.0.0.3001) - (.Pas de propriétaire.) [HKLM] -- Secunia PSI

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2487367) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Skype 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846}

O42 - Logiciel: Sonic Express Labeler - (.Sonic Solutions.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

O42 - Logiciel: Sonic MyDVD Plus - (.Sonic Solutions.) [HKLM] -- {21657574-BD54-48A2-9450-EB03B2C7FC29}

O42 - Logiciel: Sonic RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629}

O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205}

O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}

O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab

O42 - Logiciel: TweakNow WinSecret 2011 - (.TweakNow.com.) [HKLM] -- TweakNow WinSecret 2011_is1

O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523

O42 - Logiciel: VC 9.0 Runtime - (.Check Point Software Technologies Ltd.) [HKLM] -- {A040AC77-C1AA-4CC9-8931-9F648AF178F6}

O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}

O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] -- {121634B0-2F4B-11D3-ADA3-00C04F52DD52}

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- InstallShield_{AB61A692-5543-4C48-979B-8CEA1C52FE9C}

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- InstallShield_{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Management Framework Core - (.Microsoft Corporation.) [HKLM] -- KB968930

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Zeb-Utility 1.2 - (.Pas de propriétaire.) [HKLM] -- Zeb-Utility 1.2

O42 - Logiciel: ZebHelpProcess 2.52 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {29ED20C9-5E15-4969-9279-25BF3727A3DA}

O42 - Logiciel: muveeNow 2.0 - Creative - (.muvee Technologies.) [HKLM] -- {B0F64C44-DC77-497D-9A27-C0F5BAB12493}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ATI Technologies]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Auchan]

[HKCU\Software\Auslogics]

[HKCU\Software\Avira]

[HKCU\Software\Binary Noise]

[HKCU\Software\CDDB]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\ComodoGroup]

[HKCU\Software\Creative Tech]

[HKCU\Software\CrystalIdea Software]

[HKCU\Software\Definitive Solutions]

[HKCU\Software\DivXNetworks]

[HKCU\Software\ESET]

[HKCU\Software\EasyBits]

[HKCU\Software\EyePower Games]

[HKCU\Software\Google]

[HKCU\Software\HP]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\IZSoftware]

[HKCU\Software\InstallShield]

[HKCU\Software\Intel]

[HKCU\Software\InterVideo]

[HKCU\Software\Iris]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavalys]

[HKCU\Software\Leadertech]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Log Viewer]

[HKCU\Software\MRU-Blaster]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Mirabilis]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\MyDefrag]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\ORL]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PDFCreator]

[HKCU\Software\PepiMK Software]

[HKCU\Software\Phoenix Technologies]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SampleView]

[HKCU\Software\Secunia]

[HKCU\Software\Skype]

[HKCU\Software\Softonic]

[HKCU\Software\Sonic]

[HKCU\Software\Sysinternals]

[HKCU\Software\TCP Optimizer]

[HKCU\Software\TR]

[HKCU\Software\Thunderbird]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\TweakNow WinSecret 2011]

[HKCU\Software\Uniblue]

[HKCU\Software\Unity]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\cybelsoft]

[HKCU\Software\muvee Technologies]

[HKCU\Software\pidgin]

[HKLM\Software\A-Patch]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Auchan]

[HKLM\Software\Avance]

[HKLM\Software\Avira]

[HKLM\Software\Borland]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CDDB]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\ComodoGroup]

[HKLM\Software\Creative Tech]

[HKLM\Software\Creative]

[HKLM\Software\Debug]

[HKLM\Software\DivXNetworks]

[HKLM\Software\Eset]

[HKLM\Software\GEAR Software]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\HPQ]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\IZSoftware]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaRa]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\LEAD Technologies, Inc.]

[HKLM\Software\Licenses]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfee.com]

[HKLM\Software\MicroVision]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NOS]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\OldTimer Tools]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PC-Doctor]

[HKLM\Software\PDFCreator]

[HKLM\Software\Philips Semiconductors]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\Python]

[HKLM\Software\RTLSetup]

[HKLM\Software\Reallusion]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Runscanner.net]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secunia]

[HKLM\Software\Skype]

[HKLM\Software\SlimWare Utilities Inc]

[HKLM\Software\Sonic]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\SymNRT]

[HKLM\Software\Topala Software Solutions]

[HKLM\Software\TrendMicro]

[HKLM\Software\TweakNow WinSecret 2011]

[HKLM\Software\Uniblue]

[HKLM\Software\Ushustech]

[HKLM\Software\Wilson WindowWare]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\Windows]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Yahoo]

[HKLM\Software\Zeb-Utility]

[HKLM\Software\Zone Labs]

[HKLM\Software\cybelsoft]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

[HKLM\Software\optimidata]

[HKLM\Software\pidgin]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 31/01/2011 - 19:02:42 - [181144139] ----D- C:\Program Files\Ad-Remover

O43 - CFD: 10/02/2011 - 10:46:36 - [160665608] ----D- C:\Program Files\Adobe

O43 - CFD: 04/11/2011 - 17:36:06 - [688994] ----D- C:\Program Files\adslTV

O43 - CFD: 18/03/2008 - 07:50:30 - [3142953] ----D- C:\Program Files\AMD

O43 - CFD: 26/08/2011 - 21:58:58 - [2428606] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 29/01/2011 - 17:30:38 - [17283939] ----D- C:\Program Files\ATI

O43 - CFD: 14/02/2011 - 00:33:52 - [0] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 05/04/2010 - 07:49:44 - [16616781] ----D- C:\Program Files\Auchan

O43 - CFD: 04/11/2011 - 16:49:14 - [19151152] ----D- C:\Program Files\Auslogics

O43 - CFD: 03/10/2009 - 21:08:34 - [196736940] ----D- C:\Program Files\Avira

O43 - CFD: 31/01/2011 - 09:07:06 - [0] ----D- C:\Program Files\Babylon

O43 - CFD: 13/01/2011 - 19:44:52 - [6022826] ----D- C:\Program Files\backups

O43 - CFD: 16/01/2011 - 11:25:04 - [0] ----D- C:\Program Files\Bluetack

O43 - CFD: 04/11/2011 - 12:07:38 - [1007714] ----D- C:\Program Files\Bonjour

O43 - CFD: 04/11/2011 - 17:34:44 - [4233624] ----D- C:\Program Files\CCleaner

O43 - CFD: 20/09/2010 - 23:31:22 - [122680987] ----D- C:\Program Files\COMODO

O43 - CFD: 24/11/2004 - 02:37:34 - [0] ----D- C:\Program Files\ComPlus Applications

O43 - CFD: 31/01/2011 - 10:28:30 - [414347970] ----D- C:\Program Files\Creative

O43 - CFD: 04/01/2011 - 09:06:18 - [276137] ----D- C:\Program Files\Daniel

O43 - CFD: 15/12/2009 - 16:44:04 - [10314692] ----D- C:\Program Files\DivX

O43 - CFD: 10/03/2008 - 17:29:00 - [206026] ----D- C:\Program Files\doc

O43 - CFD: 28/01/2011 - 19:18:52 - [4715637] ----D- C:\Program Files\DupKiller

O43 - CFD: 01/02/2011 - 08:15:00 - [36990544] ----D- C:\Program Files\Easy Internet signup

O43 - CFD: 31/01/2011 - 09:07:00 - [10450562] ----D- C:\Program Files\ESET

O43 - CFD: 26/02/2011 - 13:05:54 - [668977689] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 09/11/2010 - 21:14:44 - [2854841] ----D- C:\Program Files\Free PDF to Word Doc Converter

O43 - CFD: 31/01/2010 - 18:18:06 - [496095] ----D- C:\Program Files\Free Window Registry Repair

O43 - CFD: 18/01/2010 - 06:23:30 - [3244932] ----D- C:\Program Files\Google

O43 - CFD: 23/03/2010 - 07:24:22 - [673592996] ----D- C:\Program Files\HP

O43 - CFD: 31/01/2011 - 10:04:06 - [129291390] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 04/11/2011 - 22:46:10 - [6083403] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 03/01/2005 - 03:41:56 - [143792586] ----D- C:\Program Files\InterVideo

O43 - CFD: 04/11/2011 - 12:12:46 - [2018955] ----D- C:\Program Files\iPod

O43 - CFD: 04/11/2011 - 12:13:44 - [148620027] ----D- C:\Program Files\iTunes

O43 - CFD: 14/12/2009 - 12:13:22 - [13499358] ----D- C:\Program Files\IZArc

O43 - CFD: 27/08/2011 - 09:47:36 - [189663451] ----D- C:\Program Files\Java

O43 - CFD: 31/01/2011 - 08:59:32 - [675785] ----D- C:\Program Files\Lavalys

O43 - CFD: 31/01/2011 - 09:03:24 - [70344] ----D- C:\Program Files\ma-config(2).com

O43 - CFD: 30/04/2011 - 07:00:36 - [5674370] ----D- C:\Program Files\ma-config.com

O43 - CFD: 03/01/2005 - 03:42:26 - [0] ----D- C:\Program Files\Macrovision Corp

O43 - CFD: 26/09/2011 - 19:01:12 - [7217590] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 18/01/2011 - 20:44:24 - [7047] ----D- C:\Program Files\Messenger

O43 - CFD: 09/11/2009 - 06:50:42 - [318936] ----D- C:\Program Files\Microsoft

O43 - CFD: 04/04/2009 - 18:32:46 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 25/11/2004 - 04:27:08 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 13/10/2011 - 19:20:44 - [38412395] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 26/11/2009 - 16:06:58 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 03/01/2005 - 03:44:48 - [149660739] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 05/11/2010 - 10:25:06 - [23935] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 23/08/2010 - 18:52:22 - [10374874] ----D- C:\Program Files\Movie Maker

O43 - CFD: 17/11/2011 - 19:11:58 - [43122011] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 13/10/2011 - 19:55:04 - [40005652] ----D- C:\Program Files\Mozilla Thunderbird

O43 - CFD: 21/02/2011 - 08:16:50 - [1453922] ----D- C:\Program Files\MRU-Blaster

O43 - CFD: 11/03/2008 - 08:41:32 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 26/11/2009 - 16:43:30 - [28684741] ----D- C:\Program Files\MSECACHE

O43 - CFD: 05/11/2010 - 10:34:46 - [46686066] ----D- C:\Program Files\MSN

O43 - CFD: 25/11/2004 - 04:27:30 - [8745735] ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 10/03/2008 - 00:04:04 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 11/03/2008 - 08:43:28 - [6849] ----D- C:\Program Files\MSXML 6.0

O43 - CFD: 31/01/2011 - 09:59:44 - [183125620] ----D- C:\Program Files\muvee Technologies

O43 - CFD: 17/05/2008 - 07:43:16 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 04/02/2011 - 06:33:44 - [454352] ----D- C:\Program Files\NOS

O43 - CFD: 31/01/2011 - 09:06:12 - [256844238] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 25/11/2004 - 04:27:42 - [1804] ----D- C:\Program Files\Online Services

O43 - CFD: 02/02/2011 - 10:06:14 - [436092282] ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD: 27/12/2010 - 17:54:52 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 31/01/2011 - 07:27:26 - [56268870] ----D- C:\Program Files\PC-Doctor 5 for Windows

O43 - CFD: 28/05/2011 - 14:25:18 - [30674245] ----D- C:\Program Files\PDFCreator

O43 - CFD: 27/08/2011 - 09:31:14 - [50955826] ----D- C:\Program Files\Pidgin

O43 - CFD: 04/11/2011 - 12:51:32 - [75949146] ----D- C:\Program Files\QuickTime

O43 - CFD: 28/03/2011 - 17:23:44 - [3744073] ----D- C:\Program Files\Realtek

O43 - CFD: 01/11/2009 - 12:38:58 - [43563540] ----D- C:\Program Files\Realtek AC97

O43 - CFD: 16/09/2009 - 17:08:42 - [212992] ----D- C:\Program Files\Realtek Semiconductor Corp

O43 - CFD: 06/02/2009 - 18:58:14 - [1831866] ----D- C:\Program Files\Recuva

O43 - CFD: 11/03/2008 - 08:38:00 - [37949185] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 12/09/2008 - 19:49:08 - [265606] ----D- C:\Program Files\RegCleaner

O43 - CFD: 16/03/2008 - 11:52:26 - [9113563] ----D- C:\Program Files\Safer Networking

O43 - CFD: 02/03/2011 - 06:10:20 - [7783243] ----D- C:\Program Files\Secunia

O43 - CFD: 03/01/2005 - 03:56:06 - [114552531] ----D- C:\Program Files\Services en ligne

O43 - CFD: 16/01/2011 - 11:33:26 - [3062851] ----D- C:\Program Files\SIW

O43 - CFD: 29/04/2011 - 17:56:48 - [19051375] R---D- C:\Program Files\Skype

O43 - CFD: 31/01/2011 - 08:59:24 - [758419] ----D- C:\Program Files\Skype(2)

O43 - CFD: 09/11/2010 - 21:21:38 - [55688414] ----D- C:\Program Files\SolidDocuments

O43 - CFD: 03/01/2005 - 03:40:02 - [141302278] ----D- C:\Program Files\Sonic

O43 - CFD: 31/01/2011 - 12:25:08 - [1117297] ----D- C:\Program Files\SystemRequirementsLab

O43 - CFD: 11/04/2008 - 10:57:08 - [41745584] ----D- C:\Program Files\TomTom HOME 2

O43 - CFD: 10/05/2010 - 12:17:00 - [401492] ----D- C:\Program Files\Trend Micro

O43 - CFD: 31/01/2011 - 09:07:02 - [0] ----D- C:\Program Files\TweakNow RegCleaner 2011

O43 - CFD: 20/01/2011 - 07:42:24 - [18475039] ----D- C:\Program Files\TweakNow WinSecret 2011

O43 - CFD: 24/11/2004 - 02:37:46 - [0] ----D- C:\Program Files\Uninstall Information

O43 - CFD: 24/03/2009 - 16:27:02 - [127392224] ----D- C:\Program Files\VideoLAN

O43 - CFD: 07/04/2009 - 13:29:46 - [6812742] ----D- C:\Program Files\VS Revo Group

O43 - CFD: 27/06/2009 - 15:56:24 - [5418300] ----D- C:\Program Files\Windows Desktop Search

O43 - CFD: 10/02/2011 - 08:00:00 - [142742] ----D- C:\Program Files\Windows Installer Clean Up

O43 - CFD: 01/02/2011 - 09:21:10 - [45866925] ----D- C:\Program Files\Windows Live

O43 - CFD: 01/02/2011 - 07:36:36 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 28/12/2010 - 09:19:30 - [3581070] ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD: 08/03/2009 - 20:00:12 - [8749996] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 17/05/2008 - 07:43:10 - [3942655] ----D- C:\Program Files\Windows NT

O43 - CFD: 24/11/2004 - 02:37:48 - [0] --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 25/11/2004 - 04:28:02 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 09/09/2010 - 16:09:44 - [0] ----D- C:\Program Files\Yahoo!

O43 - CFD: 05/10/2009 - 18:18:26 - [113593376] ----D- C:\Program Files\Zeb-Utility

O43 - CFD: 17/11/2011 - 19:22:24 - [106433594] ----D- C:\Program Files\ZebHelpProcess

O43 - CFD: 17/11/2011 - 19:31:46 - [7898981] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 17/11/2011 - 19:23:36 - [2090656] ----D- C:\Program Files\ZHPFix

O43 - CFD: 31/01/2011 - 09:06:36 - [6983541] ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 24/10/2010 - 16:27:02 - [0] ----D- C:\Program Files\Fichiers Communs\AOL

O43 - CFD: 04/11/2011 - 12:12:46 - [109743196] ----D- C:\Program Files\Fichiers Communs\Apple

O43 - CFD: 10/03/2008 - 00:58:14 - [7811627] ----D- C:\Program Files\Fichiers Communs\Borland Shared

O43 - CFD: 31/01/2011 - 09:56:08 - [4279184] ----D- C:\Program Files\Fichiers Communs\Creative

O43 - CFD: 15/12/2009 - 16:43:54 - [1619968] ----D- C:\Program Files\Fichiers Communs\DivX Shared

O43 - CFD: 03/01/2005 - 03:35:38 - [457237] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard

O43 - CFD: 03/01/2005 - 03:33:10 - [9399238] ----D- C:\Program Files\Fichiers Communs\HP

O43 - CFD: 03/01/2005 - 03:45:14 - [15951963] ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 03/01/2005 - 03:42:04 - [1667283] ----D- C:\Program Files\Fichiers Communs\InterVideo

O43 - CFD: 27/08/2011 - 09:48:16 - [26035339] ----D- C:\Program Files\Fichiers Communs\Java

O43 - CFD: 15/01/2011 - 18:50:24 - [66191244] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 25/11/2004 - 04:26:40 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 31/01/2011 - 09:59:54 - [54501615] ----D- C:\Program Files\Fichiers Communs\muvee Technologies

O43 - CFD: 25/11/2004 - 04:26:40 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 31/01/2011 - 09:56:52 - [4279184] ----D- C:\Program Files\Fichiers Communs\Reallusion

O43 - CFD: 16/05/2008 - 20:18:16 - [8106] ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 01/02/2011 - 12:32:40 - [2254216] ----D- C:\Program Files\Fichiers Communs\Skype

O43 - CFD: 03/01/2005 - 03:39:20 - [27138089] ----D- C:\Program Files\Fichiers Communs\Sonic Shared

O43 - CFD: 25/11/2004 - 04:26:42 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 03/01/2005 - 03:39:28 - [475136] ----D- C:\Program Files\Fichiers Communs\SureThing Shared

O43 - CFD: 17/05/2008 - 07:43:08 - [6811317] ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 03/01/2005 - 03:40:04 - [355840] ----D- C:\Program Files\Fichiers Communs\TiVo Shared

O43 - CFD: 01/02/2011 - 07:35:00 - [318942977] ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 06/11/2011 - 10:21:22 - [153334] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\.purple

O43 - CFD: 04/02/2011 - 11:00:44 - [1453266] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Adobe

O43 - CFD: 26/02/2011 - 13:09:38 - [200093] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Apple Computer

O43 - CFD: 04/11/2011 - 16:52:40 - [641170] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Auslogics

O43 - CFD: 07/05/2010 - 16:16:44 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Avira

O43 - CFD: 17/01/2010 - 22:36:20 - [24280] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\ComodoGroup

O43 - CFD: 31/01/2011 - 10:37:30 - [911] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Creative

O43 - CFD: 03/02/2010 - 08:08:50 - [24] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\DeviceDoctorSoftware

O43 - CFD: 29/12/2010 - 18:26:30 - [199] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\dvdcss

O43 - CFD: 27/01/2011 - 19:20:42 - [443838] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\ElevatedDiagnostics

O43 - CFD: 11/02/2009 - 21:57:46 - [22406] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Google

O43 - CFD: 07/02/2011 - 23:09:36 - [166] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\gtk-2.0

O43 - CFD: 16/01/2011 - 11:21:30 - [620] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\gtopala

O43 - CFD: 13/09/2008 - 19:54:18 - [86407] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HP

O43 - CFD: 10/01/2009 - 17:45:12 - [65536] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HPAppData

O43 - CFD: 17/05/2008 - 06:10:46 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HPQ

O43 - CFD: 28/05/2011 - 14:07:38 - [15419] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HpUpdate

O43 - CFD: 13/05/2009 - 17:03:40 - [21358] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Icone

O43 - CFD: 25/11/2004 - 04:26:00 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Identities

O43 - CFD: 09/01/2009 - 18:52:16 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\InstallShield

O43 - CFD: 29/12/2010 - 09:14:20 - [2106370] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Intervideo

O43 - CFD: 15/01/2011 - 16:30:06 - [18122] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\IObit

O43 - CFD: 14/12/2009 - 19:01:52 - [376] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Leadertech

O43 - CFD: 17/05/2008 - 20:08:36 - [615] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Macromedia

O43 - CFD: 24/11/2008 - 12:36:52 - [6692] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Malwarebytes

O43 - CFD: 04/02/2011 - 11:00:44 - [20282161] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Microsoft

O43 - CFD: 17/02/2009 - 06:40:34 - [23683156] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Mozilla

O43 - CFD: 15/02/2011 - 07:22:04 - [948] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\MSN6

O43 - CFD: 30/11/2008 - 14:50:18 - [7680] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\muvee Technologies

O43 - CFD: 10/01/2011 - 18:36:06 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\OpenCandy

O43 - CFD: 24/10/2008 - 17:03:02 - [347817027] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\OpenOffice.org

O43 - CFD: 24/10/2008 - 16:28:56 - [8533154] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\OpenOffice.org2

O43 - CFD: 30/03/2011 - 08:27:06 - [1752196] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Reallusion

O43 - CFD: 24/08/2010 - 15:59:58 - [157184] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Runscanner.net

O43 - CFD: 03/01/2005 - 03:49:30 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SampleView

O43 - CFD: 04/11/2011 - 15:30:48 - [5550028] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Skype

O43 - CFD: 04/11/2011 - 15:30:30 - [7536] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\skypePM

O43 - CFD: 04/01/2011 - 17:28:50 - [770316] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SoftGrid Client

O43 - CFD: 09/11/2010 - 21:26:14 - [208668] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SolidDocuments

O43 - CFD: 14/12/2009 - 19:02:28 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sonic

O43 - CFD: 20/05/2009 - 10:54:52 - [37638] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SumatraPDF

O43 - CFD: 17/05/2008 - 11:28:22 - [92555230] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sun

O43 - CFD: 31/01/2011 - 12:24:56 - [1163264] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SystemRequirementsLab

O43 - CFD: 28/06/2008 - 18:32:50 - [3696] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Talkback

O43 - CFD: 13/12/2008 - 09:35:36 - [62217697] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Thunderbird

O43 - CFD: 30/03/2011 - 08:27:04 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\tmp

O43 - CFD: 04/01/2011 - 16:47:30 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\TP

O43 - CFD: 31/01/2011 - 09:07:02 - [17467873] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\TweakNow RegCleaner 2011

O43 - CFD: 10/01/2011 - 18:03:18 - [25892] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\TweakNow WinSecret 2011

O43 - CFD: 07/04/2010 - 13:39:22 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\U3

O43 - CFD: 20/09/2010 - 19:46:58 - [57239] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Uniblue

O43 - CFD: 03/02/2011 - 17:08:26 - [868628] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\vlc

O43 - CFD: 24/08/2010 - 10:14:10 - [76896] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\vlc(2)

O43 - CFD: 12/05/2009 - 08:38:38 - [2550] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\VSRevoGroup

O43 - CFD: 09/01/2009 - 17:52:22 - [196] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Windows Desktop Search

O43 - CFD: 15/01/2009 - 11:51:52 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Windows Search

O43 - CFD: 09/09/2010 - 15:38:16 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Yahoo!

O43 - CFD: 31/01/2011 - 09:06:36 - [144154952] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Adobe

O43 - CFD: 17/05/2008 - 12:30:22 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Apple

O43 - CFD: 17/05/2008 - 12:28:16 - [7596540] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Apple Computer

O43 - CFD: 09/11/2010 - 23:09:46 - [39505] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\ApplicationHistory

O43 - CFD: 31/01/2011 - 09:07:18 - [1111111] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Best_Security_Tips

O43 - CFD: 10/01/2009 - 07:48:54 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Comodo

O43 - CFD: 03/11/2009 - 09:18:22 - [431800] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\eSupport.com

O43 - CFD: 15/12/2009 - 16:44:08 - [20494] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Google

O43 - CFD: 07/04/2009 - 09:38:30 - [709139] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\HP

O43 - CFD: 09/01/2009 - 17:52:26 - [229816] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Identities

O43 - CFD: 07/04/2009 - 09:37:34 - [579] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\IsolatedStorage

O43 - CFD: 04/11/2011 - 18:15:08 - [52527031] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Microsoft

O43 - CFD: 21/10/2009 - 09:47:54 - [4447] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Microsoft Corporation

O43 - CFD: 04/01/2011 - 17:07:28 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Microsoft Help

O43 - CFD: 14/12/2009 - 19:14:34 - [18354] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\MicroVision Applications

O43 - CFD: 17/02/2009 - 06:40:34 - [61399568] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Mozilla

O43 - CFD: 09/11/2010 - 19:42:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\NOS

O43 - CFD: 10/01/2011 - 18:36:28 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\OpenCandy

O43 - CFD: 14/11/2010 - 18:04:56 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\PackageAware

O43 - CFD: 16/02/2010 - 12:02:58 - [69632] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Runscanner.net

O43 - CFD: 28/12/2010 - 12:58:42 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Secunia PSI

O43 - CFD: 26/01/2011 - 08:46:28 - [587547727] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\SlimWare Utilities Inc

O43 - CFD: 04/01/2011 - 16:54:18 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\SoftGrid Client

O43 - CFD: 08/09/2011 - 21:01:04 - [969] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Sun

O43 - CFD: 04/02/2011 - 11:00:44 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Temp

O43 - CFD: 26/02/2010 - 11:30:50 - [1923819] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Thunderbird

O43 - CFD: 31/01/2011 - 16:35:38 - [11569067] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\Unity

O43 - CFD: 03/08/2010 - 11:38:02 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\WMTools Downloaded Files

O43 - CFD: 03/01/2005 - 03:16:58 - [10387968] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}

~ Scan Program Folder in 00mn 30s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.91EC5A31464E371725A5E25C3C17925F] - 17/11/2011 - 19:31:13 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1238600]

O44 - LFC:[MD5.6E59C3B760875940AB2C925BCFE62512] - 17/11/2011 - 19:30:46 ---A- . (...) -- C:\WINDOWS\win.ini [592]

O44 - LFC:[MD5.8AE64A3BACA411441222C05451F93DD9] - 17/11/2011 - 19:29:57 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.415D65B903BFDC7DF1057E86DC1CF819] - 17/11/2011 - 19:29:54 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 17/11/2011 - 19:28:59 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.29FB2987F33A945AE9A8117CF9A75A8D] - 17/11/2011 - 19:28:08 ---A- . (...) -- C:\WINDOWS\msnavpklog.txt [28884]

O44 - LFC:[MD5.A14344544E2D8AB609AF1CD719D5216C] - 17/11/2011 - 19:27:52 ---A- . (...) -- C:\Ad-Report-CLEAN[4].txt [2695]

O44 - LFC:[MD5.6D2D9A6C56D07B490FA960E4F70748D3] - 17/11/2011 - 19:27:16 ---A- . (...) -- C:\PDOXUSRS.NET [13030]

O44 - LFC:[MD5.6B2FAB4B3B1E26EA4D9D819F32A7E603] - 17/11/2011 - 19:26:28 ---A- . (...) -- C:\Ad-Report-SCAN[3].txt [2593]

O44 - LFC:[MD5.D462D1CA19C1CE7B0976855ABD59B057] - 17/11/2011 - 19:21:59 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.65AFE296FDFD5000AE0CB5BDBDC5CF8A] - 17/11/2011 - 18:53:46 ---A- . (...) -- C:\WINDOWS\KB2544893-v2.log.1.log [9013]

O44 - LFC:[MD5.4D181C3120283E94748AD4C3949477E2] - 17/11/2011 - 18:50:02 ---A- . (...) -- C:\WINDOWS\KB2641690.log.1.log [9845]

O44 - LFC:[MD5.CFE2F935779FCAC7C0028D91A3425801] - 17/11/2011 - 18:48:45 ---A- . (...) -- C:\WINDOWS\updspapi.log [593]

O44 - LFC:[MD5.250753E5AA093B4961AE67C71785768A] - 17/11/2011 - 13:27:12 ---A- . (...) -- C:\WINDOWS\KB2544893-v2.log [5495]

O44 - LFC:[MD5.13BB3F559259CE77B5E82FC02CA6E2AD] - 17/11/2011 - 13:27:06 ---A- . (...) -- C:\WINDOWS\KB2641690.log [5432]

O44 - LFC:[MD5.AF9894A4A54B5F688C5D618E2ED870A2] - 17/11/2011 - 13:21:31 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158]

O44 - LFC:[MD5.03DAC2E45F350B700E3AFD26511DFD15] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [6159]

O44 - LFC:[MD5.928364DED614B95697DF0D5025DE11D1] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\KB2598845-IE8.log [6657]

O44 - LFC:[MD5.86CD84044B2156E0097737CA884F4B39] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\comsetup.log [2098]

O44 - LFC:[MD5.59D3409A7C2B7B5D0C816A96E45A0444] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\iis6.log [991]

O44 - LFC:[MD5.936F65D2A111402D46724FF2D822C6E9] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]

O44 - LFC:[MD5.E0366E7FE2E8D8F0A3F538247A069A4B] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\msgsocm.log [303]

O44 - LFC:[MD5.ABAF3A06B9D1D34370B0116B826C1903] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [1265]

O44 - LFC:[MD5.ED589F677FC34BA45910D55979232293] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\ocgen.log [2956]

O44 - LFC:[MD5.DFE928DC48EE9E72CD957700FAC85637] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\ocmsn.log [342]

O44 - LFC:[MD5.57043100F41149B7F659D0F182BDC1A1] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\setupapi.log [16484]

O44 - LFC:[MD5.EF1E2FCCA9DBDF37E126ACE3F9F35CD8] - 04/11/2011 - 22:46:12 ---A- . (...) -- C:\WINDOWS\tsoc.log [2359]

O44 - LFC:[MD5.3262BC46F386164E52C2683B9FEB464A] - 04/11/2011 - 22:32:50 ---A- . (...) -- C:\ZHPExportRegistry-04-11-2011-22-32-49.txt [12266]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 04/11/2011 - 18:15:59 ---A- . (...) -- C:\WINDOWS\setupact.log [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 04/11/2011 - 18:15:59 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]

O44 - LFC:[MD5.8BB0DE415EDEC4030050C45110CDDD55] - 04/11/2011 - 17:29:49 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt [2455]

O44 - LFC:[MD5.5E0A40F4C4BD333C9D2ACCA8AE964F6F] - 04/11/2011 - 11:53:24 ---A- . (.Oracle Corporation - Java Control Panel.) -- C:\WINDOWS\system32\javacpl.cpl [128000]

O44 - LFC:[MD5.5938C760D06989E55A814EE88FE20E83] - 04/11/2011 - 11:53:24 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\WINDOWS\system32\java.exe [173960]

O44 - LFC:[MD5.7F5FE240DBF4B9132AC492E94DC65CCF] - 04/11/2011 - 11:53:24 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\WINDOWS\system32\javaw.exe [173960]

O44 - LFC:[MD5.A17B354254FCE7FBC045948533737166] - 04/11/2011 - 11:53:24 ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\WINDOWS\system32\javaws.exe [214408]

O44 - LFC:[MD5.EA0824063E8031B01F7850079689B22F] - 04/11/2011 - 11:53:23 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\WINDOWS\system32\deployJava1.dll [544656]

O44 - LFC:[MD5.1B3DD3F0EBC1B4220EB39EBE205FB445] - 04/11/2011 - 11:33:14 ---A- . (.COMODO - COMODO Internet Security.) -- C:\WINDOWS\system32\cmdcsr.dll [33984]

O44 - LFC:[MD5.8C0AA2F63C9F135449DB488D974427D2] - 04/11/2011 - 11:13:36 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.TMP [7504]

O44 - LFC:[MD5.584F1C20E840CB7E00B2FF40FA6F7544] - 24/10/2011 - 14:29:02 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\WINDOWS\system32\QuickTime.qts [69632]

O44 - LFC:[MD5.97A90E7845335C6AB21F9FAD72595563] - 24/10/2011 - 14:29:02 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\WINDOWS\system32\QuickTimeVR.qtx [94208]

~ Scan Files in 01mn 20s

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(.Hewlett-Packard Co. - HP AiO Fax Manager.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(.Hewlett-Packard Co. - HP OfficeJet SendFax Interface.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - hpqscnvw.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Hewlett-Packard Co. - Version Test application.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard - HP ScanJet Copier Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Hewlett-Packard Co. - HP Fax Setup Wizard.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Pas de propriétaire - HpqPhUnl MFC Application.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(...) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Co. - Embedded Web Server Link application.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - hpqsudi.) -- C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe

O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" [Enabled] .(.Apple Inc..) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe

O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe

O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - hpqsudi.) -- C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe

O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

~ Scan Keys in 00mn 02s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

~ Scan CSB in 00mn 00s

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

~ Scan IFEO in 00mn 00s

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{f4365ba2-40c4-11df-bee5-0013d3b77c77}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.DLL

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.DLL

O52 - TDSD: \drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm

O52 - TDSD: \drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc." . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll

O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoCDBurning"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "ClearRecentDocsOnExit"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFavoritesMenu"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveSearch"=1

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.C3033C287E8D8C2D50A2B2DD0AEC1621] - 13/05/2009 - 22:42:12 ---A- . (.ASUSTek - 3xHybrid.) -- C:\WINDOWS\system32\drivers\3xHybrid.sys [2786176]

O58 - SDL:[MD5.DD8520280304B6145A6BE31008748C7C] - 01/11/2009 - 10:40:22 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\alcxwdm.sys [4122368]

O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/05/2009 - 10:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys [43008]

O58 - SDL:[MD5.31FFDE1BE912D7CBD3F189FEB61F86B6] - 13/05/2009 - 22:42:58 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43520]

O58 - SDL:[MD5.D649C57DA6FA762C64013747E5D7D2D6] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\ati1btxx.sys [56623]

O58 - SDL:[MD5.60B6AA2DC1521DA343F781B70EB7895A] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys [11615]

O58 - SDL:[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys [12047]

O58 - SDL:[MD5.9D318099BF3876A4AF4BC75966D27603] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys [30671]

O58 - SDL:[MD5.BCAF267B10620F8C93F6E87AB726E145] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys [63663]

O58 - SDL:[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys [26367]

O58 - SDL:[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys [21343]

O58 - SDL:[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys [36463]

O58 - SDL:[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - 13/05/2009 - 08:34:20 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys [29455]

O58 - SDL:[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - 13/05/2009 - 08:34:20 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys [34735]

O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 13/05/2009 - 17:55:32 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys [327168]

O58 - SDL:[MD5.417352592432F5368A8296F7FB73BECF] - 13/05/2009 - 17:55:34 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [701440]

O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys [57856]

O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys [13824]

O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys [14336]

O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys [52224]

O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys [104960]

O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys [28672]

O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys [13824]

O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 13/05/2009 - 08:34:18 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys [73216]

O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 13/05/2009 - 08:34:20 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys [31744]

O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 13/05/2009 - 08:34:20 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys [63488]

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 19/02/2010 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys [45416]

O58 - SDL:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 17/09/2009 - 16:51:40 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [66616]

O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 19/02/2010 - 11:49:28 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360]

O58 - SDL:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 19/02/2010 - 16:51:41 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [138192]

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 13/05/2009 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]

O58 - SDL:[MD5.2C12ED35C32F63BFBA0B28DB384378E6] - 20/09/2010 - 18:47:59 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\WINDOWS\system32\drivers\cmderd.sys [18056]

O58 - SDL:[MD5.BE1E51B694CADC4043E428A914EE544E] - 20/09/2010 - 18:48:00 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\WINDOWS\system32\drivers\cmdGuard.sys [492768]

O58 - SDL:[MD5.F0A78783A95B788856EEC1C36D0A1E59] - 20/09/2010 - 18:48:01 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\WINDOWS\system32\drivers\cmdhlp.sys [31704]

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 13/05/2009 - 19:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]

O58 - SDL:[MD5.4AC605E465353FCDB74894DC56DA4DB2] - 16/09/2009 - 20:59:36 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 Hardware Diagnostics Driver for Win2k/xp.) -- C:\WINDOWS\system32\drivers\detectdr.sys [20021]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 26/02/2011 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 13/05/2009 - 08:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384]

O58 - SDL:[MD5.2A013E7530BEAB6E569FAA83F517E836] - 13/05/2009 - 00:07:16 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys [145920]

O58 - SDL:[MD5.D03D10F7DED688FECF50F8FBF1EA9B8A] - 26/08/2009 - 22:41:08 ---A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [49920]

O58 - SDL:[MD5.89F41658929393487B6B7D13C8528CE3] - 26/08/2009 - 22:41:04 ---A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]

O58 - SDL:[MD5.ABCB05CCDBF03000354B9553820E39F8] - 26/08/2009 - 22:40:06 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21568]

O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 13/05/2009 - 10:23:50 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys [220032]

O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 13/05/2009 - 10:23:52 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys [685056]

O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 13/05/2009 - 10:23:54 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys [1041536]

O58 - SDL:[MD5.D22AC37CBE6CF295416EF84245B804A8] - 09/02/2011 - 18:48:02 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\WINDOWS\system32\drivers\inspect.sys [97760]

O58 - SDL:[MD5.F5CD7457FA2F0D1078992CCB77A546C4] - 31/01/2011 - 17:57:08 ---A- . (...) -- C:\WINDOWS\system32\drivers\livecamv.sys [31616]

O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 13/05/2009 - 07:46:46 ---A- . (.LT - LT Windows Modem.) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452]

O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 13/05/2009 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216]

O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 13/05/2009 - 10:23:58 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys [11868]

O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 13/05/2009 - 10:23:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys [126686]

O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 13/05/2009 - 10:23:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlstrm.sys [1309184]

O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 13/05/2009 - 08:34:28 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys [452736]

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 13/05/2009 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]

O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 13/05/2009 - 10:23:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys [180360]

O58 - SDL:[MD5.FEE170F182D5167B6E06E490DD7B42D7] - 28/08/2007 - 00:59:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 162.30.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [6811168]

O58 - SDL:[MD5.A7FB8F4711C8166BAEC522A27F0323B0] - 16/09/2009 - 14:49:24 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 Protocal Driver for Disgnostics on Win2k/xp.) -- C:\WINDOWS\system32\drivers\packet.sys [17335]

O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 13/05/2009 - 16:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072]

O58 - SDL:[MD5.D24DFD16A1E2A76034DF5AA18125C35D] - 02/03/2011 - 09:30:58 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\WINDOWS\system32\drivers\psi_mf.sys [15544]

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 13/05/2009 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]

O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 13/05/2009 - 10:23:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys [13776]

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 13/05/2009 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 13/05/2009 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]

O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 13/05/2009 - 05:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992]

O58 - SDL:[MD5.7F0413BDD7D53EB4C7A371E7F6F84DF1] - 13/05/2009 - 19:10:26 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys [74496]

O58 - SDL:[MD5.CF84B1F0E8B14D4120AAF9CF35CBB265] - 28/03/2011 - 01:00:00 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys [130432]

O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 13/05/2009 - 08:34:34 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys [166912]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/05/2009 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/05/2009 - 10:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys [40960]

O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 13/05/2009 - 10:23:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys [129535]

O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 13/05/2009 - 10:23:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys [404990]

O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 13/05/2009 - 10:23:48 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys [95424]

O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 13/05/2009 - 10:23:48 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys [13240]

O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 19/02/2010 - 09:12:49 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520]

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 13/05/2009 - 19:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]

O58 - SDL:[MD5.E266683FC95ABDEC17CD378564E1B54B] - 03/11/2009 - 09:18:17 ---A- . (.EnTech Taiwan - TVicHW32 Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\TVICHW32.SYS [23600]

O58 - SDL:[MD5.5C2BDC152BBAB34F36473DEAF7713F22] - 26/02/2011 - 18:51:20 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984]

O58 - SDL:[MD5.BE96FFE28B8F97D6D5696C81E902480F] - 13/05/2009 - 23:52:32 ---A- . (...) -- C:\WINDOWS\system32\drivers\USBkey.sys [22396]

O58 - SDL:[MD5.E8532CCC886588219BCEB3EA6F9F5339] - 31/01/2011 - 02:01:02 R--A- . (.Creative Technology Ltd. - Advanced Audio FX Driver.) -- C:\WINDOWS\system32\drivers\V0410AFX.sys [142656]

O58 - SDL:[MD5.C10127DCF95C0CBEC23D458328E38596] - 31/01/2011 - 11:14:20 R--A- . (.Creative Technology Ltd. - Audio filter driver.) -- C:\WINDOWS\system32\drivers\V0410Aud.sys [94720]

O58 - SDL:[MD5.B8B487C584B4BC4EE86509E832DEECA5] - 31/01/2011 - 01:00:00 ---A- . (.Creative Technology Ltd. - Video Capture Device Driver.) -- C:\WINDOWS\system32\drivers\V0410Dev.sys [244704]

O58 - SDL:[MD5.F1D25A8A6E84107CC0C22BC1623E8B0C] - 31/01/2011 - 06:37:46 R--A- . (.EyePower Games Pte. Ltd. - Advanced Video FX Filter Driver (Win2K based).) -- C:\WINDOWS\system32\drivers\V0410Vfx.sys [7168]

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 13/05/2009 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]

O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 13/05/2009 - 08:34:28 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv07nt.sys [11807]

O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 13/05/2009 - 08:34:28 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys [11295]

O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 13/05/2009 - 08:34:28 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys [11871]

O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 13/05/2009 - 08:34:30 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys [11935]

O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 13/05/2009 - 08:34:30 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys [22271]

O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 13/05/2009 - 08:34:30 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv10nt.sys [25471]

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]

O58 - SDL:[MD5.C5FF0F2CB9D226444C2415FD61290C19] - 11/05/2009 - 03:50:05 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [16486]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 11/05/2009 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 11/05/2009 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 11/05/2009 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 11/05/2009 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 11/05/2009 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 11/05/2009 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 11/05/2009 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

~ Scan Drivers in 00mn 01s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: ZHPFix 1.12 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1

O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

O63 - Logiciel: JavaRa - (.Paul McLain.)

O63 - Logiciel: Toolbar SD - (.IDN Team.)

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 28/05/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE

O64 - Services: CurCS - 08/09/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE

O64 - Services: CurCS - 11/05/2009 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - 08/09/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 08/09/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME

O64 - Services: CurCS - 19/02/2010 - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe - COMODO livePCsupport Service(CLPSLS) .(.COMODO - COMODO livePCsupport Service.) - LEGACY_CLPSLS

O64 - Services: CurCS - 07/10/2011 - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe - COMODO Internet Security Helper Service(cmdAgent) .(.COMODO - COMODO Internet Security.) - LEGACY_CMDAGENT

O64 - Services: CurCS - 07/10/2011 - C:\WINDOWS\system32\DRIVERS\cmdguard.sys - COMODO Internet Security Sandbox Driver(cmdGuard) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD

O64 - Services: CurCS - 07/10/2011 - C:\WINDOWS\system32\DRIVERS\cmdhlp.sys - COMODO Internet Security Helper Driver(cmdHlp) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP

O64 - Services: CurCS - 03/11/2001 - C:\WINDOWS\system32\Drivers\detectdr.sys - DetectDr(DetectDr) .(.Realtek Semiconductor Corporation - Realtek RTL8139 Hardware Diagnostics Driver.) - LEGACY_DETECTDR

O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - 05/08/2004 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - 30/08/2010 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2

O64 - Services: CurCS - 22/10/2004 - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT

O64 - Services: CurCS - 07/10/2011 - C:\WINDOWS\system32\DRIVERS\inspect.sys - COMODO Internet Security Firewall Driver(Inspect) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT

O64 - Services: CurCS - 04/11/2011 - C:\Program Files\Java\jre7\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - 12/04/2011 - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service(maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE

O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR

O64 - Services: CurCS - 28/08/2007 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 162.3.) - LEGACY_NVSVC

O64 - Services: CurCS - 01/09/2010 - C:\WINDOWS\system32\DRIVERS\psi_mf.sys - PSI(PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI

O64 - Services: CurCS - 26/09/2001 - C:\WINDOWS\system32\Drivers\packet.sys - RtlPacket(RtlPacket) .(.Realtek Semiconductor Corporation - Realtek RTL8139 Protocal Driver for Disgnos.) - LEGACY_RTLPACKET

O64 - Services: CurCS - 11/05/2009 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - 03/11/2009 - C:\WINDOWS\system32\DRIVERS\TVICHW32.sys - TVICHW32(TVICHW32) .(.EnTech Taiwan - TVicHW32 Driver for Windows NT/2000/XP.) - LEGACY_TVICHW32

~ Scan Services in 00mn 02s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] YouGoo - (YouGoo) - Moteur de recherche internet YOUGOO. Trouvez des actualités, images, blogs...

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {5424146D-950A-4B2E-A70E-A39C9B9D6BFB} - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {C4538EF4-750C-41B2-9B12-9BD9EFF6BD45} - (Google) - Google

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\System32\appmgmts.dll [165376]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496]

O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [77824]

O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464]

O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]

O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488]

O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040]

O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952]

O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\System32\hidserv.dll [21504]

O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [99840]

O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096]

O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\System32\msgsvc.dll [33792]

O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144]

O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808]

O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [88576]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [186368]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [53248]

O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]

O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800]

O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [249856]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]

O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176]

O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]

O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]

O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129024]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]

O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136]

O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\System32\qagentrt.dll [293376]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [61440]

~ Scan Services in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.7B0688FEE196CAC15918DB77CA351EEC] [sPRF][07/05/2010] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\mdbu.bin [119448]

[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [sPRF][23/10/2010] (.Atribune.org - ATF Cleaner.exe.) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\ATF-Cleaner.exe [50688]

[MD5.8FB2BAFDA81520867539C5393E715D89] [sPRF][05/11/2009] (.The RaProducts Team: Paul McLain and Fred d - JavaRa.) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\JavaRa.exe [157696]

[MD5.2011AC6543C7A20E43286C7CADBF1D97] [sPRF][09/03/2009] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\SecuScan.bat [21527]

[MD5.58B3FEC456CAF35D2A77AA5BAF18549B] [sPRF][18/01/2011] (.Speed Guide Inc. - SG TCP Optimizer.) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\TCPOptimizer.exe [659456]

[MD5.C796FFE6E484CCCBA46F323D5E3DC051] [sPRF][27/06/2008] (.Microsoft Corporation - Windows Media Component Setup Application.) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\wmp11-windowsxp-x86-FR-FR.exe [25839688]

[MD5.93807A13C3B83635C8254E3EE33A0A61] [sPRF][01/02/2008] (.J.C. Kessels - JkDefrag - disk defragmentation and optimization tool.) -- C:\Program Files\JkDefrag.exe [229376]

[MD5.04CFE53D4139D11468E6F1C70AA308F7] [sPRF][01/02/2008] (.J.C. Kessels - JkDefrag - disk defragmentation and optimization tool.) -- C:\Program Files\JkDefragCmd.exe [229376]

[MD5.44A0DB54DE9ED105457B704EAD6A8C9B] [sPRF][01/02/2008] (.J.C. Kessels - JkDefrag - disk defragmentation and optimization tool.) -- C:\Program Files\JkDefragScreenSaver.exe [245760]

[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][26/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]

[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][26/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]

[MD5.DE2EB468A14E00F9A99326C6C9C07075] [sPRF][02/02/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1914440]

[MD5.6F88F1DE97B7BA6E2BE4DC29AEEACF0D] [sPRF][27/07/2004] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [323584]

~ Scan Files in 00mn 01s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8836 - (15/11/2011)

Clés trouvées (Keys found) : 5

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 4

Fichiers trouvés (Files found) : 0

 

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load] =>Trojan.FakeAlert

[HKLM\Software\Topala Software Solutions\OpenCandy] =>Adware.OpenCandy

[HKLM\Software\Classes\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] =>Toolbar.SweetIM

[HKLM\Software\Classes\TypeLib\{d2e5fa06-dcc7-46f9-beff-bfd06f69b9b2}] =>Adware.ShopperReports

C:\Program Files\Babylon =>Toolbar.Babylon

C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\OpenCandy =>Adware.OpenCandy

C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\OpenCandy =>Adware.OpenCandy

~ Scan Additionnel in 00mn 08s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 19/02/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 19/02/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 04/11/2011 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 04/11/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 28/03/2010 148744 | (CLPSLS) . (.COMODO.) - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe

SR - | Auto 04/11/2011 1883328 | C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

SS - | Demand 13/05/2009 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SS - | Disabled 13/05/2009 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

SS - | Demand 04/11/2011 821608 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 04/11/2011 161664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe

SS - | Demand 30/04/2011 311744 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe

SR - | Auto 28/08/2007 155716 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe

SR - | Auto 02/03/2011 993848 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\PSIA.exe

SR - | Auto 02/03/2011 399416 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\sua.exe

~ Scan Services in 00mn 09s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by HP_Propriétaire at 17/11/2011 19:34:36

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS

1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x86FCBAB8]

3 CLASSPNP[0xF7630FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000061[0x86F5DF18]

5 ACPI[0xF74A6620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x86F65B00]

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 02s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by HP_Propriétaire at 17/11/2011 19:34:38

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

 

 

 

End of the scan (1541 lines in 02mn 32s)(0)

Posted

Good evening jpt

 

Nothing very important. You use a lot of tools, which is a bit risky .... ;)

Can you post the AD-Remover report from 17/11/2011 >> C:\Ad-Report-CLEAN[4].txt

 

 

  • Close all open applications
  • Disable your protections (anti-virus, anti-spyware)
  • Double-click ZHPFix on the Desktop
     
    Carefully select and highlight the lines below with the mouse, then right-click > "Copy" or press "Ctrl+C":
    O34 - HKLM BootExecute: (pgdfgsvc C 1) - File not found
    [HKLM\Software\Eset]
    [HKLM\Software\McAfee.com]
    O43 - CFD: 31/01/2011 - 09:07:06 - [0] ----D- C:\Program Files\Babylon
    O43 - CFD: 31/01/2011 - 09:07:00 - [10450562] ----D- C:\Program Files\ESET
    O43 - CFD: 10/01/2011 - 18:36:06 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\OpenCandy
    O43 - CFD: 10/01/2011 - 18:36:28 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\OpenCandy
    O69 - SBI: SearchScopes [HKCU] YouGoo - (YouGoo) - Moteur de recherche internet YOUGOO. Trouvez des actualités, images, blogs...
    O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing
    [MD5.7B0688FEE196CAC15918DB77CA351EEC] [sPRF][07/05/2010] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\mdbu.bin [119448]
    [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load]
    [HKLM\Software\Topala Software Solutions\OpenCandy]
    [HKLM\Software\Classes\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
    [HKLM\Software\Classes\TypeLib\{d2e5fa06-dcc7-46f9-beff-bfd06f69b9b2}]
    C:\Program Files\Babylon
    C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\OpenCandy
    C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\OpenCandy
     
    FirewallRAZ
    EmptyTemp
    EmptyFlash
  • Click in turn on the H icon (to clear the report that was displayed), then on the icon of the "briefcase hidden behind the sheet".
     
  • Check that all the lines I asked you to copy are in the window.
  • And only those lines
  • Then click the [OK] button
  • At that point a small empty box [ ] will appear at the start of each line.
  • Next click "Tous" (All), then "Nettoyer" (Clean)
  • Confirm with "Oui" (Yes) the uninstallation of programs if asked
  • Let the tool work. If a restart is requested, accept and restart the PC
  • The ZHPFixReport.txt report is displayed. Copy and paste the contents of this report into your reply.
     
    The ZHPFixReport.txt report is saved as C:\Program files\ZHPFix\ZHPFixReport.txt

 

 

  • Download AdwCleaner by Xplode from this page:
    click "Télécharger" (Download) and save the file to your Desktop
     
  • Double-click the AdwCleaner0.exe icon to start the installation
    /!\ Under Vista and Windows 7
    the file must be launched with right-click -> Run as administrator
     
  • In the main menu
    click "Suppression" (Delete) and wait while the scan runs
  • At the end of the scan
    an AdwCleaner[R].txt report opens. Post the contents of this report in your next reply
    The report is located at C:\AdwCleaner[R].txt

 

See you

Posted

Good evening, and thank you for taking care of my case:

 

1/ The ADW report...

 

# AdwCleaner v1.318 - Rapport créé le 17/11/2011 à 23:51:45

# Mis à jour le 13/11/11 à 21h par Xplode

# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)

# Nom d'utilisateur : HP_Propriétaire - MAISON (Administrateur)

# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\adwcleaner0(1).exe

# Option [Recherche]

 

 

***** [services] *****

 

 

***** [Fichiers / Dossiers] *****

 

 

***** [Registre] *****

 

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

[OK] Le registre ne contient aucune entrée illégitime.

 

-\\ Mozilla Firefox v8.0 (fr)

 

Profil : reg57ohf.test

Fichier : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Mozilla\Firefox\Profiles\reg57ohf.test\prefs.js

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

Profil : v99d8e03.default

Fichier : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Mozilla\Firefox\Profiles\v99d8e03.default\prefs.js

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

*************************

 

AdwCleaner[R4].txt - [1121 octets] - [17/11/2011 23:51:45]

 

########## EOF - C:\AdwCleaner[R4].txt - [1249 octets] ##########

 

2/ The ZHPFIX report:

 

Rapport de ZHPFix 1.12.3366 par Nicolas Coolman, Update du 26/10/2011

Fichier d'export Registre :

Run by HP_Propriétaire at 17/11/2011 23:38:13

Windows XP Home Edition Service Pack 3 (Build 2600)

Web site : ZHPFix Fix de rapport

 

========== Processus mémoire ==========

ABSENT Memory Process: O34 - HKLM BootExecute: (pgdfgsvc C 1) - File not found

 

========== Clé(s) du Registre ==========

SUPPRIME Key: HKLM\Software\Eset

SUPPRIME Key: HKLM\Software\McAfee.com

ABSENT SearchScopes :BI: SearchScopes [HKCU] YouGoo

ABSENT SearchScopes :BI: SearchScopes [HKCU] ${searchCLSID}

SUPPRIME Key: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load

SUPPRIME Key: HKLM\Software\Topala Software Solutions\OpenCandy

SUPPRIME Key: HKLM\Software\Classes\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}

SUPPRIME Key: HKLM\Software\Classes\TypeLib\{d2e5fa06-dcc7-46f9-beff-bfd06f69b9b2}

 

========== Valeur(s) du Registre ==========

Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

 

========== Dossier(s) ==========

SUPPRIME Folder: C:\Program Files\Babylon

SUPPRIME Folder: C:\Program Files\ESET

ABSENT C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\OpenCandy

ABSENT C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Local Settings\Application Data\OpenCandy

SUPPRIME Temporaires Windows: : 6

SUPPRIME Flash Cookies: 2

 

========== Fichier(s) ==========

SUPPRIME File: C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\mdbu.bin

SUPPRIME File***: c:\documents and settings\hp_propriétaire.nom-eb85c523610\application data\mdbu.bin

ABSENT Folder/File: c:\program files\babylon

ABSENT Folder/File: c:\documents and settings\hp_propriétaire.nom-eb85c523610\application data\opencandy

ABSENT Folder/File: c:\documents and settings\hp_propriétaire.nom-eb85c523610\local settings\application data\opencandy

SUPPRIME Temporaires Windows: : 5

SUPPRIME Flash Cookies: 1

 

 

========== Récapitulatif ==========

1 : Processus mémoire

8 : Clé(s) du Registre

1 : Valeur(s) du Registre

6 : Dossier(s)

7 : Fichier(s)

 

 

End of clean in 00mn 31s

 

========== Chemin de fichier rapport ==========

C:\ZHP\ZHPFix[R1].txt - 17/11/2011 23:38:13 [2242]

 

After reading these reports, please tell me whether I need to carry out any other steps...

...and thanks again!!

jpt

Posted

RE

Yes, please carry out the steps to the end; I will tell you when we have finished ;)

Read the instructions carefully: for AdwCleaner I wrote to click Suppression (Delete), and you ran Recherche (Search) :D

Well, leave it, AdwCleaner is fine.

We are going to check with this procedure; take the time to read it carefully.

 

  • Download TDSSKiller by Kaspersky to the Desktop

Close all open applications
Disable your defences (anti-virus and anti-spyware)

Double-click tdsskiller to launch it (right-click -> run as administrator on Vista and Seven).
Click Start scan to start the scan

When the tool has finished its inspection,
if malicious objects ("Malicious objects") were found,
check that the (Cure) option is selected.

If suspicious objects ("Suspicious objects") were detected,
on the confirmation screen
change the action to take and select Quarantine (instead of Skip).

Then click the (Continue) button, then [Reboot Now].

Wait for the report file to be displayed.

If the tool needs a restart to complete the cleaning,
click the (Reboot computer) button.
Post: the TDSSKiller report (contents of the file SystemDrive\TDSSKiller.Version_Date_Heure_log.txt)

If TDSS.tdl2 is detected, the delete option will be selected by default.
If TDSS.tdl3 is detected, make sure that Cure is selected.
If TDSS.tdl4 (\HardDisk0\MBR) is detected, make sure that Cure is selected.

If Suspicious file is shown, leave the option set to Skip.

Click Continue, then Reboot now to restart the PC.

Copy and paste the generated report into your next reply (it is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time it was run).

 

See you later

Posted

Hello TomTom95!

Sorry for the wrong step yesterday evening...

Here is the TDSSKiller report:

 

08:50:45.0140 2636 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50

08:50:45.0593 2636 ============================================================

08:50:45.0593 2636 Current date / time: 2011/11/18 08:50:45.0593

08:50:45.0593 2636 SystemInfo:

08:50:45.0593 2636

08:50:45.0593 2636 OS Version: 5.1.2600 ServicePack: 3.0

08:50:45.0593 2636 Product type: Workstation

08:50:45.0593 2636 ComputerName: MAISON

08:50:45.0593 2636 UserName: HP_Propriétaire

08:50:45.0593 2636 Windows directory: C:\WINDOWS

08:50:45.0593 2636 System windows directory: C:\WINDOWS

08:50:45.0593 2636 Processor architecture: Intel x86

08:50:45.0593 2636 Number of processors: 1

08:50:45.0593 2636 Page size: 0x1000

08:50:45.0593 2636 Boot type: Normal boot

08:50:45.0593 2636 ============================================================

08:50:46.0859 2636 Initialize success

08:51:32.0203 1592 ============================================================

08:51:32.0203 1592 Scan started

08:51:32.0203 1592 Mode: Manual;

08:51:32.0203 1592 ============================================================

08:51:46.0765 1592 MBR (0x1B8) (0ac6d996bce152aed9600e6d6b797e2e) \Device\Harddisk0\DR0

08:51:46.0781 1592 \Device\Harddisk0\DR0 - ok

08:51:46.0781 1592 Boot (0x1200) (50fd74a024ae5a43903bccc18f07bdff) \Device\Harddisk0\DR0\Partition0

08:51:46.0781 1592 \Device\Harddisk0\DR0\Partition0 - ok

08:51:46.0796 1592 Boot (0x1200) (02209b1ecaf8853326af6d9d7d51e1be) \Device\Harddisk0\DR0\Partition1

08:51:46.0796 1592 \Device\Harddisk0\DR0\Partition1 - ok

08:51:46.0796 1592 ============================================================

08:51:46.0796 1592 Scan finished

08:51:46.0796 1592 ============================================================

08:51:46.0828 3756 Detected object count: 0

08:51:46.0828 3756 Actual detected object count: 0

08:52:49.0000 3764 Deinitialize success

 

******************

 

Awaiting any comments you may have

Have a good day

jpt

Posted

Hello jpt

It's all good. Right, let's finish up :grin6:

Uninstalling the tools: there is no point in keeping the tools; they are updated regularly and are only used in very specific cases.

Download DelFix (by Xplode) from the site to your Desktop

 

  • Choose the "Recherche" (Search) option
  • Confirm with Enter
  • Let the tool work
  • Copy/paste the resulting report

    Run DelFix again

  • Choose the "Suppression" (Delete) option
  • Confirm with Enter
  • Let the tool work
  • Copy/paste the resulting report
    Delete DelFix as well as any other tools that may remain on the desktop.

 

POST the DELFIX reports please

  • You are going to delete your PC's old restore points, then create a new clean one
    After a disinfection it is necessary to disable and then re-enable System Restore in order to purge it,
    because the restore points may be infected.

  • Click the Start button, right-click "My Computer", then click "Properties":
  • Then click "System Restore"
  • Tick the box or boxes for the drives to disable System Restore:
  • Click Apply. A confirmation is required.

  • To re-enable System Restore, simply untick the box or boxes again,
  • A new clean system restore point will be created.

 

Important update for security reasons

Flash Player V 11 (untick the box for the unnecessary Toolbar)

http://get.adobe.com/fr/flashplayer/

See you later

Posted

Hello TomTOM95,

First of all, thank you for your help!

As for your last request (DelFix), I will only be able to carry out this step next Wednesday (I am currently travelling). I am therefore leaving the topic open until next week; it will be marked as resolved after your OK.

Have a good end of the week,

See you next Wednesday

jpt

Posted

Hello jpt

DelFix and purging System Restore take very little time ;)

All right, I am keeping the topic in my followed threads.

Have a good weekend

See you later

Hello TomTOM95!

Here is the DELFIX "analysis" report

 

# DelFix v8.6 - Rapport créé le 23/11/2011 à 14:53:37

# Mis à jour le 13/10/11 à 18h par Xplode

# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)

# Nom d'utilisateur : HP_Propriétaire - MAISON (Administrateur)

# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\delfix.exe

# Option [Recherche]

 

 

~~~~~~ Dossiers(s) ~~~~~~

 

Présent : C:\Toolbar SD

Présent : C:\VundoFix Backups

Présent : C:\ZHP

Présent : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

Présent : C:\Program Files\ZHPDiag

Présent : C:\Program Files\Trend Micro\Hijackthis

 

~~~~~~ Fichier(s) ~~~~~~

 

Présent : C:\AdwCleaner[R4].txt

Présent : C:\AdwCleaner[s2].txt

Présent : C:\JavaRa.log

Présent : C:\PhysicalDisk0_MBR.bin

Présent : C:\TB.txt

Présent : C:\TDSSKiller.2.6.19.0_18.11.2011_08.50.45_log.txt

Présent : C:\TDSSKiller.2.6.19.0_18.11.2011_09.00.56_log.txt

Présent : C:\ZHPExportRegistry-04-11-2011-22-32-49.txt

Présent : C:\ZHPExportRegistry-07-11-2010-23-19-50.txt

Présent : C:\ZHPExportRegistry-08-03-2011-12-07-25.txt

Présent : C:\ZHPExportRegistry-09-02-2011-11-52-45.txt

Présent : C:\ZHPExportRegistry-14-02-2010-18-56-57.txt

Présent : C:\ZHPExportRegistry-17-02-2011-19-07-57.txt

Présent : C:\ZHPExportRegistry-24-08-2010-15-45-32.txt

Présent : C:\ZHPExportRegistry-26-01-2011-17-32-53.txt

Présent : C:\ZHPExportRegistry-26-01-2011-17-45-00.txt

Présent : C:\ZHPExportRegistry-26-01-2011-17-53-12.txt

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\catchme.log

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\HiJackThis.lnk

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\JavaRa.exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\SecuScan.bat

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\ZHPDiag.txt

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\ZHPFixReport.txt

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\adwcleaner0(1).exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\adwcleaner0(2).exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\adwcleaner0.exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\Dial-a-fix-v0.60.0.24.zip

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\Mots_simples.pps

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\newhooverdambridge1(1).pps

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\newhooverdambridge1.pps

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\tdsskiller(1).exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\tdsskiller.exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\TFC.exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\ZHPDiag2.exe

Présent : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\ZHPFix.exe

Présent : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

Présent : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

Présent : C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

 

~~~~~~ Registre ~~~~~~

 

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis

Clé Présente : HKLM\SOFTWARE\OldTimer Tools

Clé Présente : HKLM\SOFTWARE\AdwCleaner

Clé Présente : HKLM\SOFTWARE\TrendMicro\Hijackthis

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

 

~~~~~~ Autres ~~~~~~

 

 

*************************

 

DelFix[R1].txt - [4067 octets] - [23/11/2011 14:53:37]

 

########## EOF - C:\DelFix[R1].txt - [4191 octets] ##########

 

Here is the "suppression" report

 

# DelFix v8.6 - Rapport créé le 23/11/2011 à 14:56:45

# Mis à jour le 13/10/11 à 18h par Xplode

# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)

# Nom d'utilisateur : HP_Propriétaire - MAISON (Administrateur)

# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\delfix.exe

# Option [suppression]

 

 

~~~~~~ Dossiers(s) ~~~~~~

 

Supprimé : C:\Toolbar SD

Supprimé : C:\VundoFix Backups

Supprimé : C:\ZHP

Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

Supprimé : C:\Program Files\ZHPDiag

Supprimé : C:\Program Files\Trend Micro\Hijackthis

 

~~~~~~ Fichier(s) ~~~~~~

 

Supprimé : C:\AdwCleaner[R4].txt

Supprimé : C:\AdwCleaner[s2].txt

Supprimé : C:\JavaRa.log

Supprimé : C:\PhysicalDisk0_MBR.bin

Supprimé : C:\TB.txt

Supprimé : C:\TDSSKiller.2.6.19.0_18.11.2011_08.50.45_log.txt

Supprimé : C:\TDSSKiller.2.6.19.0_18.11.2011_09.00.56_log.txt

Supprimé : C:\ZHPExportRegistry-04-11-2011-22-32-49.txt

Supprimé : C:\ZHPExportRegistry-07-11-2010-23-19-50.txt

Supprimé : C:\ZHPExportRegistry-08-03-2011-12-07-25.txt

Supprimé : C:\ZHPExportRegistry-09-02-2011-11-52-45.txt

Supprimé : C:\ZHPExportRegistry-14-02-2010-18-56-57.txt

Supprimé : C:\ZHPExportRegistry-17-02-2011-19-07-57.txt

Supprimé : C:\ZHPExportRegistry-24-08-2010-15-45-32.txt

Supprimé : C:\ZHPExportRegistry-26-01-2011-17-32-53.txt

Supprimé : C:\ZHPExportRegistry-26-01-2011-17-45-00.txt

Supprimé : C:\ZHPExportRegistry-26-01-2011-17-53-12.txt

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\catchme.log

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\HiJackThis.lnk

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\JavaRa.exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\SecuScan.bat

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\ZHPDiag.txt

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\ZHPFixReport.txt

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\adwcleaner0(1).exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\adwcleaner0(2).exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\adwcleaner0.exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\Dial-a-fix-v0.60.0.24.zip

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\Mots_simples.pps

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\newhooverdambridge1(1).pps

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\newhooverdambridge1.pps

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\tdsskiller(1).exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\tdsskiller.exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\TFC.exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\ZHPDiag2.exe

Supprimé : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Téléchargements\ZHPFix.exe

Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk

Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk

Supprimé : C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

 

~~~~~~ Registre ~~~~~~

 

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis

Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools

Clé Supprimée : HKLM\SOFTWARE\AdwCleaner

Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

 

~~~~~~ Autres ~~~~~~

 

-> Prefetch Vidé

 

*************************

 

DelFix[R1].txt - [4188 octets] - [23/11/2011 14:53:37]

DelFix[s1].txt - [4192 octets] - [23/11/2011 14:56:45]

 

########## EOF - C:\DelFix[s1].txt - [4316 octets] ##########
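
The pair of DelFix reports in the post above can be checked mechanically: every item listed as `Présent` in the [Recherche] report should come back as `Supprimé` in the [suppression] report. The following is an added example, not part of the thread or of DelFix; the function names and the shortened sample reports are constructed for illustration, and only the line prefixes and section headers are taken from the reports above.

```python
import re

# Line prefixes and section headers as they appear in the DelFix v8.6 reports above.
FOUND = re.compile(r"^(?:Clé Présente|Présent)\s*:\s*(.+)$")
REMOVED = re.compile(r"^(?:Clé Supprimée|Supprimé)\s*:\s*(.+)$")
SECTION = re.compile(r"^~{3,}\s*(.+?)\s*~{3,}$")


def parse_report(text, pattern):
    """Return {normalised item: (section, item as written)} for matching lines."""
    items, section = {}, "?"
    for raw in text.splitlines():
        line = raw.strip()
        head, hit = SECTION.match(line), pattern.match(line)
        if head:
            section = head.group(1)
        elif hit:
            # Windows paths and registry keys compare case-insensitively.
            items[hit.group(1).rstrip("\\").lower()] = (section, hit.group(1))
    return items


def reconcile(search_text, removal_text):
    """Compare a [Recherche] report with the [suppression] report that follows it."""
    found = parse_report(search_text, FOUND)
    removed = parse_report(removal_text, REMOVED)
    leftover = sorted(found[k] for k in found.keys() - removed.keys())
    unexpected = sorted(removed[k] for k in removed.keys() - found.keys())
    return {"matched": len(found.keys() & removed.keys()),
            "leftover": leftover, "unexpected": unexpected}


# Constructed sample in the format of the reports above (shortened, one line dropped).
SEARCH = """~~~~~~ Dossiers(s) ~~~~~~
Présent : C:\\ZHP
Présent : C:\\Program Files\\ZHPDiag
~~~~~~ Fichier(s) ~~~~~~
Présent : C:\\JavaRa.log
~~~~~~ Registre ~~~~~~
Clé Présente : HKLM\\SOFTWARE\\AdwCleaner
"""
REMOVAL = """~~~~~~ Dossiers(s) ~~~~~~
Supprimé : C:\\ZHP
Supprimé : C:\\program files\\ZHPDiag
~~~~~~ Fichier(s) ~~~~~~
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKLM\\SOFTWARE\\AdwCleaner
"""
```

Calling `reconcile(SEARCH, REMOVAL)` on the constructed sample reports `C:\JavaRa.log` as a leftover; an empty `leftover` list means the removal pass covered everything the search pass listed.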

Posted

Hello again Tomtom95,

- restore points purged,

- Flash Player update done,

Many thanks for your effective and patient help...

I will close the topic as soon as I have your OK,

Kind regards,

jpt
