Hello,
For the past few days, at startup, my PC has been opening an advertising window without asking me anything.
On top of that, it opens with IE, which is not my default browser...
How can I block it??
Thanks
Does the URL of the window start with "www.eorezo"??
And do you have a program from EoEngine in "Programs and Features"?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:22:10, on 02/02/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\regsvr32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Jeff\Desktop\Sniffle.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com/recherche
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: qualityads - {58c26a4c-608f-17df-3fd6-402ebdc5af04} - C:\Windows\system32\eb9b1927.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: clickbuster browser enhancer - {A2FCF452-AC97-8A2A-48E9-62F77A5481BD} - C:\Windows\system32\mhfgjxjkwztjuripj.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [kdbaurnjgzuisaq] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\mhfgjxjkwztjuripj.dll"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://orange.weborama.fr
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 7389 bytes
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2775
Windows 6.0.6002 Service Pack 2
02/02/2011 19:41:57
mbam-log-2011-02-02 (19-41-43).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 227517
Temps écoulé: 1 hour(s), 8 minute(s), 51 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Windows\System32\eb9b1927.dll (Trojan.Vundo.H) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58c26a4c-608f-17df-3fd6-402ebdc5af04} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{58c26a4c-608f-17df-3fd6-402ebdc5af04} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{58c26a4c-608f-17df-3fd6-402ebdc5af04} (Trojan.Vundo.H) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kdbaurnjgzuisaq (Trojan.Agent) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Windows\System32\eb9b1927.dll (Trojan.Vundo.H) -> No action taken.
Clearly there is some infection in the air...
What should I do????????
Rapport de ZHPDiag v1.27.1523 par Nicolas Coolman, Update du 02/02/2011
Run by Jeff at 02/02/2011 20:14:47
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18999
MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)
GCIE: Google Chrome
---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 14 Stepping 12, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1790 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 49 GB (34%) free of 141 GB
---\\ Logged in mode
Computer Name: LOSSANTOS
User Name: Jeff
All Users Names: Jeff, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=%USERPROFILE%\AppData\Roaming
%LocalAppData%=%USERPROFILE%\AppData\Local
%StartMenu%=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 49 Go of 141 Go)
D:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]
---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.916B09138B35CBC306D71509E21330BA] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104]
[MD5.32E4E820EDBD675009605F90DD97EE6C] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4186112]
[MD5.3C6C546F303C1B956C6F5C436C97CB8F] - (.ALWIL Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2815192]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.CC1959AB3929997F4198AA69C854086F] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\regsvr32.exe [14336]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.5AB037B17F8A87D052F5A88E0D29A3C8] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]
[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]
[MD5.3621F2F6A733BFABDC58C97613B0166D] - (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe [116280]
[MD5.C5FCC0B761069FABD59E41B7C3280DDF] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1312080]
[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]
[MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.3803B61F8F45012B4CF98ED26086CDB5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [624128]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.51204.0.) -- c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - MetaStream 3 Plugin r4.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com/recherche
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: qualityads - {58c26a4c-608f-17df-3fd6-402ebdc5af04} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\eb9b1927.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: clickbuster browser enhancer - {A2FCF452-AC97-8A2A-48E9-62F77A5481BD} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\mhfgjxjkwztjuripj.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Packard Bell - BAE.dll.) -- C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [avast5] . (.ALWIL Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [kdbaurnjgzuisaq] . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\mhfgjxjkwztjuripj.dll
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-3218718820-4083636131-1738697703-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\Jeff\Desktop\Audacity.lnk . (.Pas de propriétaire.) -- C:\Program Files\Audacity\audacity.exe
O4 - Global Startup: C:\Documents And Settings\Jeff\Desktop\Free Mp3 Wma Converter.lnk . (.Koyote Soft - Renan Broquin.) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - Global Startup: C:\Documents And Settings\Jeff\Desktop\TimeAdjuster.lnk . (.Pas de propriétaire.) -- C:\Program Files\TimeAdjuster\time_adjuster.exe
O4 - Global Startup: C:\Documents And Settings\Jeff\Desktop\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\MOVIEMK.exe
O4 - Global Startup: C:\Documents And Settings\Jeff\Desktop\WinMail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Jeff\Desktop\Audacity.lnk . (.Pas de propriétaire.) -- C:\Program Files\Audacity\audacity.exe
O4 - Global Startup: C:\Users\Jeff\Desktop\Free Mp3 Wma Converter.lnk . (.Koyote Soft - Renan Broquin.) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - Global Startup: C:\Users\Jeff\Desktop\TimeAdjuster.lnk . (.Pas de propriétaire.) -- C:\Program Files\TimeAdjuster\time_adjuster.exe
O4 - Global Startup: C:\Users\Jeff\Desktop\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\MOVIEMK.exe
O4 - Global Startup: C:\Users\Jeff\Desktop\WinMail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk . (.Pas de propriétaire.) -- C:\Windows\Installer\{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}\iTunesIco.exe
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype add-on for Internet Explorer - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.mappy.com
O15 - Trusted Zone: [HKCU\...\Domains\www] http.mappy.com
O15 - Trusted Zone: [HKCU\...\Domains] http.orange.fr
O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0812F9AF-9798-4E60-B140-6FBC5ED262B3}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{1BAEACB4-9443-4FB4-B0C5-357B5DAA785F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{0812F9AF-9798-4E60-B140-6FBC5ED262B3}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{1BAEACB4-9443-4FB4-B0C5-357B5DAA785F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{0812F9AF-9798-4E60-B140-6FBC5ED262B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1BAEACB4-9443-4FB4-B0C5-357B5DAA785F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{0812F9AF-9798-4E60-B140-6FBC5ED262B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{1BAEACB4-9443-4FB4-B0C5-357B5DAA785F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{0812F9AF-9798-4E60-B140-6FBC5ED262B3}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\..\{1BAEACB4-9443-4FB4-B0C5-357B5DAA785F}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{0812F9AF-9798-4E60-B140-6FBC5ED262B3}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{1BAEACB4-9443-4FB4-B0C5-357B5DAA785F}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AOL ACS) . (.AOL LLC - AOL Connectivity Service.) - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (ASLDRService) . (.Pas de propriétaire - ASLDR Service.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: (avast! Antivirus) . (.ALWIL Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (RoxWatch9) . (.Sonic Solutions - RoxSniffer9 Module.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Extension de garantie.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HDReg.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Internet Security - Analyse système complète - Jeff.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Recovery DVD Creator.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{97D72ACA-7D15-4CDC-82E8-1740C8E0B1C6}.job
[MD5.FA52C48CA18EDFB00180FD465E8F0B08] [APT] [Extension de garantie] (.Packard Bell BV.) -- C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [Norton Internet Security - Analyse système complète - Jeff] (.Pas de propriétaire.) -- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe (.not file.)
[MD5.B6D82C30267289D56B4BFDE3715D8F9F] [APT] [Recovery DVD Creator] (.Packard Bell BV.) -- C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe
[MD5.6FBBB73BE9FB38389AB73F38828A9CAC] [APT] [{46E61FD5-06B3-400B-AE82-68DFDC6478F6}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.9EE4D9EEE94305164258EC7FC6A03E02] [APT] [{9C0053EA-1857-4EA4-9A71-04BD09F12679}] (.IrekSoftware.com.) -- C:\tools\time-adjuster_time_adjuster_3.1_francais_11087\Setup.exe
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
O42 - Logiciel: ADSL Neuf - (.Pas de propriétaire.) [HKLM] -- NEUF_FR
O42 - Logiciel: AOL - Assistant de désinstallation - (.Pas de propriétaire.) [HKLM] -- Programme de désinstallation AOL
O42 - Logiciel: ATK Hotkey - (.ATK.) [HKLM] -- {3912D529-02BC-4CA8-B5ED-0D0C20EB6003}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Reader 8 - (.Pas de propriétaire.) [HKLM] -- AdobeReader
O42 - Logiciel: Adobe Reader 8.1.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81300000003}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {A7DB362E-16DC-4E29-8A34-E74381E00B5B}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AFA20D47-69C3-4030-8DF8-D37466E70F13}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: Bison 11/28/2006,6.32.03.002 - (.Pas de propriétaire.) [HKLM] -- CMOS
O42 - Logiciel: Bluesoleil3.2.1.2 Release 070314 - (.IVT Corporation.) [HKLM] -- {AF98AF15-161E-42EC-9008-1CCF9BB83961}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
O42 - Logiciel: Brother MFL-Pro Suite - (.Brother Industries, Ltd..) [HKLM] -- {A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}
O42 - Logiciel: Browser Address Error Redirector - (.Pas de propriétaire.) [HKLM] -- {3EE33958-7381-4E7B-A4F3-6E43098E9E9C}
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Contextual Tool Qualityads - (.Pas de propriétaire.) [HKLM] -- 1ee9db43
O42 - Logiciel: Creator 9 - (.Pas de propriétaire.) [HKLM] -- CREATOR9
O42 - Logiciel: Firefox - (.Pas de propriétaire.) [HKLM] -- FirefoxFR
O42 - Logiciel: Flash Player 9 Internet Explorer - (.Pas de propriétaire.) [HKLM] -- Flashplayer
O42 - Logiciel: Free Mp3 Wma Converter V 1.7.2 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: GIMP 2.6.8 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1
O42 - Logiciel: Google BAE - (.Pas de propriétaire.) [HKLM] -- GoogleBAE
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: GoogleToolbar - (.Pas de propriétaire.) [HKLM] -- GoogleToolbar
O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 - (.HP.) [HKLM] -- {CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM] -- HP Print Projects
O42 - Logiciel: HP Smart Web Printing 4.5 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: IZArc 4.1 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1
O42 - Logiciel: Infocentre Rev. 2.0 - (.Pas de propriétaire.) [HKLM] -- Infocentre
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150170}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF}
O42 - Logiciel: K-Lite Codec Pack 6.6.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Metaboli - (.Pas de propriétaire.) [HKLM] -- METABOLI
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Microsoft Works 8.5 - (.Pas de propriétaire.) [HKLM] -- MSWorks85
O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)
O42 - Logiciel: Music Transfer Utility Ver.1 - (.PIXELA.) [HKLM] -- {9E520B22-546E-4AD3-8958-7D1EB8587AB1}
O42 - Logiciel: NIS2007 - (.Pas de propriétaire.) [HKLM] -- NIS2007_FR
O42 - Logiciel: OFFICE One 150 Templates v7 - (.ISSENDIS.) [HKLM] -- {BA147801-8946-4BBE-BE17-A2199CE52C81}
O42 - Logiciel: OFFICE One 7.0 - (.ISSENDIS.) [HKLM] -- {1EF377AC-035A-48BE-8EF7-D18D36308CE9}
O42 - Logiciel: OFFICE One ClipArt v7 - (.ISSENDIS.) [HKLM] -- {B8F3555E-B918-445E-97D1-BC4861C4EF59}
O42 - Logiciel: OFFICE One Fonts v7 - (.ISSENDIS.) [HKLM] -- {CC0C788C-7C68-47A9-BFBF-0DF7B205B4CC}
O42 - Logiciel: OFFICE One License v7 - (.ISSENDIS.) [HKLM] -- {E1A7B28B-AA31-442C-A4FA-598B65A7F5DA}
O42 - Logiciel: OFFICE One Menu v7 - (.ISSENDIS.) [HKLM] -- {85C5827E-106F-4497-8066-B7CFEBBEA91D}
O42 - Logiciel: OFFICE One Notes v7 - (.ISSENDIS.) [HKLM] -- {5D2683BE-2C44-4DB5-BECD-87B324077A7F}
O42 - Logiciel: OFFICE One QuickZip v7 - (.ISSENDIS.) [HKLM] -- {87DEF84E-51A5-4A0E-91C2-E012E92DE69B}
O42 - Logiciel: OFFICE One Safety-Box v7 - (.ISSENDIS.) [HKLM] -- {B243ABE9-57C2-4B97-BA6B-37DF6C0208ED}
O42 - Logiciel: OFFICE One Startup v7 - (.ISSENDIS.) [HKLM] -- {FEC30F06-A382-47D1-B828-859AC641EB1D}
O42 - Logiciel: Office One - (.Pas de propriétaire.) [HKLM] -- OFFICE
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Packard Bell Demo - (.Pas de propriétaire.) [HKLM] -- PB_DEMO
O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- ImageWriter
O42 - Logiciel: Packard Bell LCD Test - (.Pas de propriétaire.) [HKLM] -- LCDTest
O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- Updator
O42 - Logiciel: Picasa2 - (.Google, Inc..) [HKLM] -- Picasa2
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {F958CA02-BB40-4007-894B-258729456EE4}
O42 - Logiciel: RTC Client API v1.2 - (.Microsoft.) [HKLM] -- {44CDBD1B-89FB-4E02-8319-2A4C550F664A}
O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator 9 LE - (.Roxio.) [HKLM] -- {B7FB0C86-41A4-4402-9A33-912C462042A0}
O42 - Logiciel: SUPER © Version 2010.bld.38 (May 2, 2010) - (.eRightSoft.) [HKLM] -- SUPER ©
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: SetUp My PC - (.Pas de propriétaire.) [HKLM] -- SETUPMYPC_FR
O42 - Logiciel: Shockwave player 10 - (.Pas de propriétaire.) [HKLM] -- Shockwave
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8 - (.Adobe Systems.) [HKLM] -- {AC76BA86-7AD7-5464-3428-800000000003}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Tagging System Clickbuster. - (.Pas de propriétaire.) [HKLM] -- splxsohkiloayyt
O42 - Logiciel: Time Adjuster STANDARD 3.1 - (.IrekSoftware.com.) [HKCU] -- TimeAdjuster
O42 - Logiciel: USB2.0 350K WebCam - (.Pas de propriétaire.) [HKLM] -- {4A57592C-FF92-4083-97A9-92783BD5AFB4}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Video ATI v8.332 - (.Pas de propriétaire.) [HKLM] -- VIDEO_RIO
O42 - Logiciel: Viewpoint Media Player - (.Pas de propriétaire.) [HKLM] -- ViewpointMediaPlayer
O42 - Logiciel: WalterShop - (.Durable.com.) [HKLM] -- WalterShop
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\America Online]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\{01A7BDE8-3937-6511-600C-83AF2D538B22}]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\ac8641e]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\Brother]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreAAC]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IE]
[HKCU\Software\IM Providers]
[HKCU\Software\IZSoftware]
[HKCU\Software\Imaxel]
[HKCU\Software\InstallShield]
[HKCU\Software\IrekZielinskiSoft]
[HKCU\Software\JavaSoft]
[HKCU\Software\Ligos]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaInfo]
[HKCU\Software\Mozilla]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Netscape]
[HKCU\Software\PIXELA]
[HKCU\Software\Packard Bell]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\SFR]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Usbfix]
[HKCU\Software\Vodafone]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eMule]
[HKCU\Software\madFlac]
[HKLM\Software\13fe]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\ATK]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AsLdr]
[HKLM\Software\Atheros]
[HKLM\Software\AviSynth]
[HKLM\Software\BisonCam]
[HKLM\Software\Brother Industries, Ltd.]
[HKLM\Software\Brother]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\Debug]
[HKLM\Software\FreeCDRIP]
[HKLM\Software\FullCircle]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ISSENDIS]
[HKLM\Software\IVT Corporation]
[HKLM\Software\IZSoftware]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MetaStream]
[HKLM\Software\MicroVision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PIXELA]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SFR]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\Trad-FR]
[HKLM\Software\TrendMicro]
[HKLM\Software\Uniblue]
[HKLM\Software\Viewpoint]
[HKLM\Software\Volatile]
[HKLM\Software\WebCam]
[HKLM\Software\WholeSecurity]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\illiminable]
[HKLM\Software\mozilla.org]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/08/2010 - 10:40:20 ----D- C:\Program Files\Adobe
O43 - CFD: 01/02/2010 - 17:27:22 ----D- C:\Program Files\Alwil Software
O43 - CFD: 25/11/2007 - 15:01:02 ----D- C:\Program Files\AOL
O43 - CFD: 24/05/2007 - 21:52:48 ----D- C:\Program Files\AOL 9.0 VR
O43 - CFD: 30/12/2008 - 16:02:04 ----D- C:\Program Files\Apple Software Update
O43 - CFD: 24/05/2007 - 21:47:38 ----D- C:\Program Files\Atheros
O43 - CFD: 24/05/2007 - 21:42:46 ----D- C:\Program Files\ATI
O43 - CFD: 24/05/2007 - 21:43:48 ----D- C:\Program Files\ATI Technologies
O43 - CFD: 24/05/2007 - 21:40:24 ----D- C:\Program Files\ATK Hotkey
O43 - CFD: 02/05/2008 - 11:31:54 ----D- C:\Program Files\Audacity
O43 - CFD: 22/01/2009 - 18:26:20 ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 30/12/2008 - 16:12:18 ----D- C:\Program Files\Bonjour
O43 - CFD: 12/09/2009 - 13:36:14 ----D- C:\Program Files\Brother
O43 - CFD: 02/04/2009 - 08:43:20 ----D- C:\Program Files\CCleaner
O43 - CFD: 10/11/2007 - 21:57:46 ----D- C:\Program Files\Club-Internet
O43 - CFD: 29/10/2010 - 11:11:50 ----D- C:\Program Files\Common Files
O43 - CFD: 21/05/2010 - 13:37:34 ----D- C:\Program Files\eMule
O43 - CFD: 30/08/2010 - 12:57:12 ----D- C:\Program Files\eRightSoft
O43 - CFD: 25/09/2007 - 09:30:54 -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 02/05/2008 - 11:14:32 ----D- C:\Program Files\Free Audio Pack
O43 - CFD: 01/02/2010 - 10:02:56 ----D- C:\Program Files\GIMP-2.0
O43 - CFD: 10/11/2010 - 18:41:48 ----D- C:\Program Files\Google
O43 - CFD: 24/05/2007 - 21:48:28 ----D- C:\Program Files\HDReg
O43 - CFD: 30/05/2010 - 18:54:48 ----D- C:\Program Files\HP
O43 - CFD: 23/11/2010 - 08:55:30 ----D- C:\Program Files\imaxel
O43 - CFD: 23/11/2010 - 08:52:38 --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/12/2010 - 09:46:10 ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/05/2008 - 11:13:46 ----D- C:\Program Files\iPod
O43 - CFD: 24/05/2007 - 22:16:56 ----D- C:\Program Files\ISSENDIS
O43 - CFD: 20/05/2008 - 11:14:06 ----D- C:\Program Files\iTunes
O43 - CFD: 29/01/2010 - 21:12:18 ----D- C:\Program Files\IVT Corporation
O43 - CFD: 25/05/2010 - 13:26:14 ----D- C:\Program Files\IZArc
O43 - CFD: 23/01/2011 - 20:31:06 ----D- C:\Program Files\Java
O43 - CFD: 12/12/2010 - 20:14:14 ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD: 23/09/2009 - 14:12:44 ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 07/02/2010 - 14:00:54 ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\Microsoft Games
O43 - CFD: 24/05/2007 - 22:26:50 ----D- C:\Program Files\Microsoft Office
O43 - CFD: 08/01/2011 - 17:56:40 ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 08/11/2009 - 10:50:52 ----D- C:\Program Files\Microsoft Works
O43 - CFD: 13/08/2010 - 10:59:54 ----D- C:\Program Files\Movie Maker
O43 - CFD: 15/12/2010 - 17:24:56 ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\MSBuild
O43 - CFD: 29/09/2007 - 21:39:50 ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 24/05/2007 - 22:21:54 ----D- C:\Program Files\OFFICE ONE 7.0
O43 - CFD: 24/05/2007 - 22:20:56 ----D- C:\Program Files\OFFICE One v7
O43 - CFD: 24/05/2007 - 22:24:46 ----D- C:\Program Files\Packard Bell
O43 - CFD: 24/05/2007 - 22:24:30 ----D- C:\Program Files\Picasa2
O43 - CFD: 08/02/2010 - 15:01:26 ----D- C:\Program Files\PIXELA
O43 - CFD: 30/12/2008 - 16:10:50 ----D- C:\Program Files\QuickTime
O43 - CFD: 10/02/2010 - 10:21:38 ----D- C:\Program Files\Real
O43 - CFD: 24/05/2007 - 21:46:44 ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 24/05/2007 - 21:58:16 ----D- C:\Program Files\Roxio
O43 - CFD: 18/12/2008 - 14:20:14 ----D- C:\Program Files\Securitoo
O43 - CFD: 04/08/2010 - 14:43:20 ----D- C:\Program Files\SFR
O43 - CFD: 17/09/2010 - 13:35:20 R---D- C:\Program Files\Skype
O43 - CFD: 25/05/2007 - 07:04:22 ----D- C:\Program Files\Synaptics
O43 - CFD: 01/06/2010 - 10:03:08 ----D- C:\Program Files\TimeAdjuster
O43 - CFD: 25/05/2010 - 13:26:28 ----D- C:\Program Files\Uniblue
O43 - CFD: 02/11/2006 - 14:01:56 --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 01/06/2010 - 14:39:50 ----D- C:\Program Files\URUSoft
O43 - CFD: 24/05/2007 - 21:51:48 ----D- C:\Program Files\Viewpoint
O43 - CFD: 01/02/2010 - 09:41:44 ----D- C:\Program Files\WalterShop.com
O43 - CFD: 04/02/2010 - 19:29:20 ----D- C:\Program Files\Windows Calendar
O43 - CFD: 04/02/2010 - 19:29:20 ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 04/02/2010 - 19:29:16 ----D- C:\Program Files\Windows Defender
O43 - CFD: 04/02/2010 - 19:29:20 ----D- C:\Program Files\Windows Journal
O43 - CFD: 07/02/2010 - 14:00:24 ----D- C:\Program Files\Windows Live
O43 - CFD: 07/02/2010 - 14:00:32 ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 17/12/2010 - 09:46:12 ----D- C:\Program Files\Windows Mail
O43 - CFD: 15/10/2010 - 09:39:46 ----D- C:\Program Files\Windows Media Player
O43 - CFD: 25/09/2007 - 09:30:54 ----D- C:\Program Files\Windows NT
O43 - CFD: 04/02/2010 - 19:29:18 ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 04/02/2010 - 19:29:20 ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 02/02/2011 - 20:15:02 ----D- C:\Program Files\ZHPDiag
O43 - CFD: 02/08/2010 - 10:40:40 ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 25/11/2007 - 15:00:36 ----D- C:\Program Files\Common Files\aol
O43 - CFD: 24/05/2007 - 21:52:04 ----D- C:\Program Files\Common Files\aolshare
O43 - CFD: 20/05/2008 - 11:06:50 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 18/12/2008 - 14:15:16 ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD: 30/05/2010 - 18:49:36 ----D- C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 30/05/2010 - 18:50:30 ----D- C:\Program Files\Common Files\HP
O43 - CFD: 24/05/2007 - 21:56:36 ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 05/01/2011 - 08:49:12 ----D- C:\Program Files\Common Files\Java
O43 - CFD: 07/02/2010 - 14:00:38 ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 24/05/2007 - 21:52:04 ----D- C:\Program Files\Common Files\Nullsoft
O43 - CFD: 13/02/2010 - 15:03:58 ----D- C:\Program Files\Common Files\Real
O43 - CFD: 24/05/2007 - 21:57:50 ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 17/09/2010 - 13:34:42 ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 24/05/2007 - 21:57:50 ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 12:18:34 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 24/05/2007 - 21:58:18 ----D- C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 06/04/2009 - 11:00:36 ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 04/02/2010 - 19:29:18 ----D- C:\Program Files\Common Files\System
O43 - CFD: 07/02/2010 - 13:25:28 ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 18/02/2008 - 19:03:50 -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 02/08/2010 - 10:40:30 ----D- C:\ProgramData\Adobe
O43 - CFD: 01/02/2010 - 17:27:22 ----D- C:\ProgramData\Alwil Software
O43 - CFD: 24/05/2007 - 21:52:46 ----D- C:\ProgramData\AOL
O43 - CFD: 20/05/2008 - 11:06:44 ----D- C:\ProgramData\Apple
O43 - CFD: 20/05/2008 - 11:13:26 ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Application Data
O43 - CFD: 24/05/2007 - 21:47:12 ----D- C:\ProgramData\Atheros
O43 - CFD: 29/01/2010 - 21:19:02 ----D- C:\ProgramData\Bluetooth
O43 - CFD: 12/09/2009 - 13:33:00 ----D- C:\ProgramData\Brother
O43 - CFD: 25/09/2007 - 09:30:54 -SH-D- C:\ProgramData\Bureau
O43 - CFD: 25/11/2007 - 15:00:04 ----D- C:\ProgramData\Ciel
O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Documents
O43 - CFD: 21/05/2010 - 13:39:22 ----D- C:\ProgramData\eMule
O43 - CFD: 25/09/2007 - 09:30:54 -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Favorites
O43 - CFD: 31/03/2009 - 10:59:58 ----D- C:\ProgramData\Google
O43 - CFD: 10/06/2010 - 11:10:06 ----D- C:\ProgramData\HP
O43 - CFD: 30/05/2010 - 18:52:52 ----D- C:\ProgramData\HP Product Assistant
O43 - CFD: 24/05/2007 - 21:58:32 ----D- C:\ProgramData\InstallShield
O43 - CFD: 05/04/2009 - 20:10:54 ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 25/09/2007 - 09:30:54 -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 19/11/2010 - 08:55:02 ----D- C:\ProgramData\Microsoft
O43 - CFD: 25/09/2007 - 09:30:54 -SH-D- C:\ProgramData\Modèles
O43 - CFD: 01/02/2009 - 11:41:24 ----D- C:\ProgramData\NCH Software
O43 - CFD: 24/05/2007 - 22:21:02 ----D- C:\ProgramData\OFFICE One v7
O43 - CFD: 22/07/2009 - 18:36:28 ----D- C:\ProgramData\Pinnacle
O43 - CFD: 23/11/2010 - 08:52:40 ----D- C:\ProgramData\Pixela
O43 - CFD: 23/04/2008 - 11:04:12 ----D- C:\ProgramData\Roxio
O43 - CFD: 17/09/2010 - 13:34:34 ----D- C:\ProgramData\Skype
O43 - CFD: 28/09/2007 - 18:38:26 ----D- C:\ProgramData\Sonic
O43 - CFD: 02/11/2006 - 14:02:04 -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 05/01/2011 - 08:49:14 ----D- C:\ProgramData\Sun
O43 - CFD: 06/04/2009 - 10:32:30 ----D- C:\ProgramData\Symantec
O43 - CFD: 02/11/2006 - 14:02:06 -SH-D- C:\ProgramData\Templates
O43 - CFD: 24/05/2007 - 21:51:48 ----D- C:\ProgramData\Viewpoint
O43 - CFD: 10/12/2009 - 11:50:36 ----D- C:\ProgramData\Vodafone
O43 - CFD: 30/05/2010 - 19:27:34 ----D- C:\ProgramData\WEBREG
O43 - CFD: 06/04/2009 - 09:53:20 ----D- C:\ProgramData\WinZip
O43 - CFD: 18/02/2008 - 18:57:42 ----D- C:\ProgramData\WLInstaller
O43 - CFD: 16/01/2009 - 19:09:48 ----D- C:\Users\Jeff\AppData\Roaming\Adobe
O43 - CFD: 26/09/2007 - 12:36:58 ----D- C:\Users\Jeff\AppData\Roaming\AOL
O43 - CFD: 20/05/2008 - 11:14:26 ----D- C:\Users\Jeff\AppData\Roaming\Apple Computer
O43 - CFD: 26/09/2007 - 12:10:46 ----D- C:\Users\Jeff\AppData\Roaming\ATI
O43 - CFD: 12/09/2009 - 13:42:48 R---D- C:\Users\Jeff\AppData\Roaming\Brother
O43 - CFD: 25/11/2007 - 14:58:30 ----D- C:\Users\Jeff\AppData\Roaming\Google
O43 - CFD: 17/12/2010 - 16:19:54 ----D- C:\Users\Jeff\AppData\Roaming\gtk-2.0
O43 - CFD: 10/06/2010 - 11:11:02 ----D- C:\Users\Jeff\AppData\Roaming\HP
O43 - CFD: 25/09/2007 - 09:40:20 ----D- C:\Users\Jeff\AppData\Roaming\Identities
O43 - CFD: 28/06/2010 - 16:41:38 ----D- C:\Users\Jeff\AppData\Roaming\InstallShield
O43 - CFD: 26/09/2007 - 12:36:56 ----D- C:\Users\Jeff\AppData\Roaming\Macromedia
O43 - CFD: 05/04/2009 - 20:11:00 ----D- C:\Users\Jeff\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:36 ----D- C:\Users\Jeff\AppData\Roaming\Media Center Programs
O43 - CFD: 17/02/2009 - 21:26:20 ----D- C:\Users\Jeff\AppData\Roaming\Media Player Classic
O43 - CFD: 21/02/2009 - 13:59:46 -S--D- C:\Users\Jeff\AppData\Roaming\Microsoft
O43 - CFD: 02/01/2009 - 17:41:56 ----D- C:\Users\Jeff\AppData\Roaming\Mozilla
O43 - CFD: 01/02/2009 - 11:43:06 ----D- C:\Users\Jeff\AppData\Roaming\NCH Software
O43 - CFD: 25/09/2007 - 09:40:52 ----D- C:\Users\Jeff\AppData\Roaming\OFFICE One v7
O43 - CFD: 01/02/2011 - 21:04:00 ----D- C:\Users\Jeff\AppData\Roaming\OFFICEOne7
O43 - CFD: 26/05/2010 - 10:10:42 ----D- C:\Users\Jeff\AppData\Roaming\OpenCandy
O43 - CFD: 25/11/2007 - 14:56:22 ----D- C:\Users\Jeff\AppData\Roaming\Packard Bell
O43 - CFD: 06/04/2008 - 12:34:20 ----D- C:\Users\Jeff\AppData\Roaming\Roxio
O43 - CFD: 28/07/2010 - 18:12:38 ----D- C:\Users\Jeff\AppData\Roaming\SFR
O43 - CFD: 10/12/2010 - 15:40:56 ----D- C:\Users\Jeff\AppData\Roaming\Skype
O43 - CFD: 10/12/2010 - 15:28:08 ----D- C:\Users\Jeff\AppData\Roaming\skypePM
O43 - CFD: 26/09/2007 - 12:28:16 ----D- C:\Users\Jeff\AppData\Roaming\Talkback
O43 - CFD: 04/12/2008 - 12:34:12 ----D- C:\Users\Jeff\AppData\Roaming\U3
O43 - CFD: 25/05/2010 - 13:27:34 ----D- C:\Users\Jeff\AppData\Roaming\Uniblue
O43 - CFD: 16/01/2010 - 20:56:20 ----D- C:\Users\Jeff\AppData\Roaming\uTorrent
O43 - CFD: 08/12/2009 - 17:38:44 ----D- C:\Users\Jeff\AppData\Roaming\Vodafone
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0932483DCDD04EF2B444049914A71BAC] - 02/02/2011 - 18:26:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1497408]
O44 - LFC:[MD5.216B546E0C55226B9F6EA051B215F681] - 02/02/2011 - 18:26:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [104940]
O44 - LFC:[MD5.48BCB1C6A953205B3800409C47F68F46] - 02/02/2011 - 18:26:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [128004]
O44 - LFC:[MD5.F236862A52C261771AF50A5045A87051] - 02/02/2011 - 18:26:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [595506]
O44 - LFC:[MD5.6BE51EFFFE1410F715246AEEE6E8072B] - 02/02/2011 - 18:26:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [678956]
O44 - LFC:[MD5.94ED12005489F87600ECFD7F68EE1200] - 02/02/2011 - 18:24:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1455193]
O44 - LFC:[MD5.45DC703C6A6094C320D5C6718DCBB089] - 02/02/2011 - 18:21:17 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1C4F3EB12E6AFFDDE0F4D0A8BD24D903] - 31/01/2011 - 13:00:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [850]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/01/2011 - 12:20:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/01/2011 - 12:20:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.8E15C9DD09C7052FA7C6DDCCD9C7FC56] - 30/01/2011 - 12:19:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\1ee9db43.exe [125932]
O44 - LFC:[MD5.2801F2CC60A4E0066E9A155F72C9E236] - 30/01/2011 - 12:19:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\splxsohkiloayyt.exe [63438]
O44 - LFC:[MD5.D3C1C07442BA26329D5FDB322117195E] - 24/01/2011 - 15:18:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\eb9b1927.dll [2640384]
O44 - LFC:[MD5.9892FB0F84762B2DBE83991D88DAA0BE] - 23/01/2011 - 20:31:09 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [145184]
O44 - LFC:[MD5.BAF5A550C038DFBCB9B3CE2A98F3B7D5] - 23/01/2011 - 20:31:09 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]
O44 - LFC:[MD5.D96314524D582DC820CCBF40F9CFDD69] - 23/01/2011 - 20:31:09 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472]
O44 - LFC:[MD5.DA66BD6AAA1AFA8A031DB0F8A1C75EDA] - 23/01/2011 - 20:31:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\jupdate-1.6.0_23-b05.log [3621]
O44 - LFC:[MD5.E626C0A8AB902420A8711762BCC902FA] - 19/01/2011 - 16:01:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\mhfgjxjkwztjuripj.dll [572416]
O44 - LFC:[MD5.5D7BE829371AA76225577742428F8254] - 05/01/2011 - 08:47:49 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [472808]
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\AOL Fast Start [Key] . (.AOL - AOL.) -- C:\Program Files\AOL 9.0 VR\AOL.exe
O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O53 - SMSR:HKLM\...\startupreg\Google Desktop Search [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O53 - SMSR:HKLM\...\startupreg\HostManager [Key] . (.America Online, Inc. - AOL.) -- C:\Program Files\Common Files\AOL\1180039809\ee\AOLSoftware.exe
O53 - SMSR:HKLM\...\startupreg\osCheck [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Norton Internet Security\osCheck.exe
O53 - SMSR:HKLM\...\startupreg\Picasa Media Detector [Key] . (.Google Inc. - Picasa.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
O53 - SMSR:HKLM\...\startupreg\RoxWatchTray [Key] . (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
O53 - SMSR:HKLM\...\startupreg\Symantec PIF AlertEng [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeertEng.dll
O53 - SMSR:HKLM\...\startupreg\toolbar_eula_launcher [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "UacDisableNotify"=0
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.1B6ED99291DDF5D2501554CC5757AAB6] - 06/05/2010 - 21:33:47 ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19024]
O58 - SDL:[MD5.58254E06B36B984E33AE314C0EA8F1A5] - 06/05/2010 - 21:34:10 ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [51792]
O58 - SDL:[MD5.3E2B6112D2766F87EDA8466FDE86A986] - 06/05/2010 - 21:34:27 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [23376]
O58 - SDL:[MD5.D78B644816DB540E103D0B0766FD9967] - 06/05/2010 - 21:39:00 ---A- . (.ALWIL Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [164048]
O58 - SDL:[MD5.606D731008D98B6EF946730C597C1642] - 06/05/2010 - 21:39:23 ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [46672]
O58 - SDL:[MD5.B600E2C287E9FB70FFBD7CC103C10BEE] - 21/12/2006 - 13:31:30 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [509440]
O58 - SDL:[MD5.252826C4BC88B01E945C2D3C6603F3B0] - 02/02/2007 - 15:09:40 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [2385920]
O58 - SDL:[MD5.A356E45E8432432C06981EA63A1E0FE8] - 30/10/2006 - 10:22:26 ---A- . (.ATI Technologies Inc. - ATI PCIE Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys [8192]
O58 - SDL:[MD5.97AFFA9D95FFE20EEE6229BC6BE166CF] - 14/12/2006 - 08:11:58 ---A- . (.ATK0100 - ATK0100 ACPI Utility.) -- C:\Windows\system32\drivers\ATKACPI.sys [7680]
O58 - SDL:[MD5.3F3F916DED2F55F7ABE3D02F23DCF572] - 14/11/2006 - 17:35:00 ---A- . (.America Online - ATW Protocol Driver.) -- C:\Windows\system32\drivers\atwpkt2.sys [25136]
O58 - SDL:[MD5.EFA36BB8CE262BAB069A7184EE0E0009] - 14/11/2006 - 17:35:15 ---A- . (.America Online - ATW Protocol Driver.) -- C:\Windows\system32\drivers\atwpkt264.sys [33592]
O58 - SDL:[MD5.B990976940E0E93B4932CCCB536F446D] - 21/09/2004 - 18:18:36 ---A- . (.Broadcom Corporation - USB Driver for Bluetooth Adapter.) -- C:\Windows\system32\drivers\bcbthub.sys [148830]
O58 - SDL:[MD5.7621340D31FB049A1257A9840C537C47] - 28/11/2006 - 14:53:14 ---A- . (.Bison Electronics. Inc. - Universal Serial Bus Camera Driver.) -- C:\Windows\system32\drivers\BisonCam.sys [847536]
O58 - SDL:[MD5.1D866FAF96D7369A1817AB208C04CF55] - 05/03/2007 - 20:51:24 ---A- . (.IVT Corporation. - Bluelet Audio Driver.) -- C:\Windows\system32\drivers\blueletaudio.sys [34576]
O58 - SDL:[MD5.8FC27B12A02B43947787F0EF1885DF9B] - 05/03/2007 - 21:00:04 ---A- . (.IVT Corporation. - Bluelet Audio Driver.) -- C:\Windows\system32\drivers\BlueletSCOAudio.sys [27792]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.D5D025B5F704817B42D13A3E443F7893] - 05/03/2007 - 21:01:18 ---A- . (.IVT Corporation. - Bluetooth USB Device Driver.) -- C:\Windows\system32\drivers\btcusb.sys [39184]
O58 - SDL:[MD5.DFCA4FE4C8AEC786B4D0F432EB730F48] - 05/03/2007 - 20:56:18 ---A- . (.IVT Corporation. - Bluetooth HID Manager Device Driver.) -- C:\Windows\system32\drivers\BtHidMgr.sys [35600]
O58 - SDL:[MD5.C5CCE2B26F73F8CF7F3C82159E79AA08] - 05/03/2007 - 20:59:04 ---A- . (.IVT Corporation. - Bluetooth PAN Network Adapter Driver.) -- C:\Windows\system32\drivers\btnetdrv.sys [18320]
O58 - SDL:[MD5.4F26303BECBB7CC5CA8FF39593124CF2] - 22/11/2006 - 13:41:18 ---A- . (.IVT Corporation. - Bluetooth Network Filter Driver.) -- C:\Windows\system32\drivers\BTNetFilter.sys [22416]
O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 24/07/2006 - 02:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [2432]
O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 24/07/2006 - 02:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560]
O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]
O58 - SDL:[MD5.19E6885A061011D8DABE8F64498423FA] - 17/03/2008 - 11:05:30 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [101632]
O58 - SDL:[MD5.4198F23618E7C8BCD24CC108C36F93A3] - 21/09/2004 - 18:18:36 ---A- . (.Broadcom - BBTFW_2_15_007.) -- C:\Windows\system32\drivers\fw203x.sys [116021]
O58 - SDL:[MD5.5DC17164F66380CBFEFD895C18467773] - 29/01/2008 - 11:01:28 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [16168]
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]
O58 - SDL:[MD5.F0435FE3C1EC2659D2BBF073CA0752EE] - 29/10/2008 - 15:35:00 ---A- . (.ZTE Incorporated - ZTE CDROM Filter.) -- C:\Windows\system32\drivers\massfilter.sys [7680]
O58 - SDL:[MD5.C2B26AF5DA2E31FD3221D2B21FAE6249] - 10/09/2009 - 13:53:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [19160]
O58 - SDL:[MD5.00C4A0992D4EA5520AC12DB4FD11C3E3] - 10/09/2009 - 13:54:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680]
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]
O58 - SDL:[MD5.8DB0DBDEC7880E81B73B8E7E8E9A666A] - 29/04/2003 - 01:31:18 ---A- . (.OEM - OX16C95x Serial Device Driver.) -- C:\Windows\system32\drivers\OXSER.SYS [51169]
O58 - SDL:[MD5.F7BB4E7A7C02AB4A2672937E124E306E] - 27/09/2006 - 22:53:22 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [36560]
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.04BEF1C4AA990E0D5851C7532FC8642C] - 01/12/2006 - 06:38:00 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [1655464]
O58 - SDL:[MD5.FDDE6B3598660D3C51CB45EB3A95FE67] - 06/11/2006 - 03:01:20 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100 NDIS 5.1 Driver.) -- C:\Windows\system32\drivers\Rtnicxp.sys [51200]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.F6ACD9575B5D77673B979BB46FF6A837] - 11/02/2004 - 13:29:34 ---A- . (.Socket Communications, Inc. - WDM serial port device driver.) -- C:\Windows\system32\drivers\Sio9502k.sys [48076]
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]
O58 - SDL:[MD5.42A39AA7ED51616E36ADB5ABDDF8349B] - 23/03/2004 - 10:26:22 ---A- . (.Socket Communications, Inc. - WDM serial port device driver.) -- C:\Windows\system32\drivers\SktBt2k.sys [48556]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.24B43E9A3E6CACF9AFC69F48E9DEB690] - 22/11/2006 - 06:48:54 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [181304]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.CE643D0918123D76A5CAAB008FCA9663] - 05/03/2007 - 20:55:12 ---A- . (.IVT Corporation. - Bluetooth HID Enumerator Driver.) -- C:\Windows\system32\drivers\VBTEnum.sys [20880]
O58 - SDL:[MD5.51750B0539986186C6931FC40D171521] - 05/03/2007 - 20:52:18 ---A- . (.IVT Corporation. - Bluetooth Serial Port Driver.) -- C:\Windows\system32\drivers\VComm.sys [34448]
O58 - SDL:[MD5.6D9C891C0A761AFED1F3609C2E56F2B9] - 05/03/2007 - 20:53:18 ---A- . (.IVT Corporation. - Bluetooth VcommMgr Driver.) -- C:\Windows\system32\drivers\VCommMgr.sys [44304]
O58 - SDL:[MD5.B2A7F67DF95E5FFF5129734F854B7705] - 05/03/2007 - 20:57:14 ---A- . (.IVT Corporation. - Bluetooth HID Mini driver.) -- C:\Windows\system32\drivers\VHIDMini.sys [19472]
O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512]
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]
O58 - SDL:[MD5.0A716C08CB13C3A8F4F51E882DBF7416] - 01/11/2006 - 21:18:15 ---A- . (.America Online, Inc. - Wan Miniport (ATW).) -- C:\Windows\system32\drivers\wanatw4.sys [33588]
O58 - SDL:[MD5.85C3BAA151A6118B24D7701DDFC2D1EB] - 04/07/2003 - 02:58:34 ---A- . (.National Semiconductor Sweden AB - wssbt.) -- C:\Windows\system32\drivers\wssbtr1f.sys [63488]
O58 - SDL:[MD5.B8B466103280E45E391E876F05122607] - 15/10/2008 - 15:03:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys [104960]
O58 - SDL:[MD5.911BA85906BC7602C73441502ABFB565] - 13/10/2008 - 12:49:00 ---A- . (.ZTE Corporation. - USB NDIS Miniport Driver.) -- C:\Windows\system32\drivers\ZTEusbnet.sys [110080]
O58 - SDL:[MD5.69774B89725DDC4781E0EEB9809F3B20] - 29/10/2008 - 15:41:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbnmea.sys [105344]
O58 - SDL:[MD5.B8B466103280E45E391E876F05122607] - 15/10/2008 - 15:03:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbser6k.sys [104960]
O58 - SDL:[MD5.B8B466103280E45E391E876F05122607] - 15/10/2008 - 15:03:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbvoice.sys [104960]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.B600E2C287E9FB70FFBD7CC103C10BEE] - 21/12/2006 - 13:31:30 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\athr.sys [509440]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS [34672]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: Usbfix By C_XX & El Desaparecido - (.C_XX & El Desaparecido.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.ALWIL Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\System32\drivers\atapi.sys - Canal IDE (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - C:\Windows\System32\Drivers\dfsc.sys - Dfs Client Driver (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10741 (EraserUtilDrv10741) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10741
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(.Pas de propriétaire - Pas de description.) - LEGACY_IDSVIX86
O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - C:\Windows\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\System32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50
O64 - Services: CurCS - C:\Windows\System32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50
O64 - Services: CurCS - C:\Windows\System32\drivers\pciide.sys - pciide (pciide) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE
O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB
O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPBBCDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR
O64 - Services: CurCS - (.not file.) - SRTSPX (SRTSPX) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRTSPX
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDNS
O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMEVENT
O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMFW
O64 - Services: CurCS - (.not file.) - SYMIDS (SYMIDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDS
O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMNDISV
O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMREDRV
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <aol.exe> <>[HKLM\..\Shell\open\Command] (.AOL - AOL.) -- C:\PROGRA~1\AOL9~1.0VR\aol.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {2B7B7EFC-C234-4532-822B-A8D74D7EF7EB} - (Durable.com) - http://www.durable.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.B561AE170381399A4D825E4731458679] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Jeff\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe [884512]
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{C4485286-1E7F-4475-98AD-E68DC0607FA2}" | In - Public - P6 - TRUE | .(.AOL LLC - AOL Autoconnect.) -- C:\Program Files\Common Files\aol\acs\AOLDial.exe
O87 - FAEL: "{4482B0D8-125A-4FD0-99C9-FD6518517D11}" | In - Public - P17 - TRUE | .(.AOL LLC - AOL Autoconnect.) -- C:\Program Files\Common Files\aol\acs\AOLDial.exe
O87 - FAEL: "{BD16DBA7-3938-4651-A078-89434B2691D5}" | In - Public - P6 - TRUE | .(.AOL LLC - AOL Connectivity Service.) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
O87 - FAEL: "{7F8EB742-0F25-4C2F-ABA3-F17BD94AF68E}" | In - Public - P17 - TRUE | .(.AOL LLC - AOL Connectivity Service.) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
O87 - FAEL: "{75023CA3-71EB-47B5-84D4-B6F3B3D4770B}" | In - Public - P6 - TRUE | .(.AOL, LLC. - AOL Software.) -- C:\Program Files\AOL 9.0 VR\waol.exe
O87 - FAEL: "{8061C73B-26E3-49AA-BC08-B96E86C00258}" | In - Public - P17 - TRUE | .(.AOL, LLC. - AOL Software.) -- C:\Program Files\AOL 9.0 VR\waol.exe
O87 - FAEL: "{5CF28A18-4973-438A-BCD4-209C11C21F0B}" | In - Public - P6 - TRUE | .(.AOL LLC - AOL TopSpeed.) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
O87 - FAEL: "{FA472820-C542-44B7-A9DF-C041AE4AF471}" | In - Public - P17 - TRUE | .(.AOL LLC - AOL TopSpeed.) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
O87 - FAEL: "{82189605-0F08-4CA1-BFA5-0A93F5FFD8EB}" | In - Public - P6 - TRUE | .(.AOL LLC - AOL Loader.) -- C:\Program Files\Common Files\aol\Loader\aolload.exe
O87 - FAEL: "{5E73B93B-BCE4-4936-B5D4-1347CFC75FAB}" | In - Public - P17 - TRUE | .(.AOL LLC - AOL Loader.) -- C:\Program Files\Common Files\aol\Loader\aolload.exe
O87 - FAEL: "{F761FB81-43F1-49D2-B376-428C1641D980}" | In - Public - P6 - TRUE | .(.AOL LLC - System Information Application.) -- C:\Program Files\Common Files\aol\System Information\sinf.exe
O87 - FAEL: "{A2E78BBC-2072-41CC-91A2-AFFE02798F17}" | In - Public - P17 - TRUE | .(.AOL LLC - System Information Application.) -- C:\Program Files\Common Files\aol\System Information\sinf.exe
O87 - FAEL: "{A9959F99-12EF-4564-A5CD-A54DD5EFCBD7}" | In - Public - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{E48A9989-A01F-470B-910D-044B0A648E43}" | In - Public - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{C5AF90CA-608B-40D7-9882-13BC960D051B}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{67AEB356-84A0-422C-A3E8-B6CA55444C24}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{A5813B68-95BE-4CC7-81F3-B9A180A0C34C}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{45D9B8C8-54DE-4C99-87F2-A584BF33DE15}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{58AF8569-962C-44B3-917D-7A95623A75F5}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{5372646A-8646-4B77-A572-EA9BBE5AB9A4}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{D758B1C1-DFD3-44E6-A06C-0BDC21AEA54E}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{7BE0C765-901E-4BD5-91F0-FD0547D98A11}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{63861214-B769-4F56-8928-10D4BB300A31}" | In - Public - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{AE369D16-DEAB-4613-B401-7C6DD1E5896A}" | In - Public - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "TCP Query User{194F9BF7-82E4-43BF-89F5-107F6927C93E}C:\program files\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{451BE23F-A43A-4898-B834-97F790B71AC4}C:\program files\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "{6F38E402-D24E-4A9B-9D02-4AEC168C4D67}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe (.not file.)
O87 - FAEL: "{87189187-7597-4D78-BB12-9ED3C25D2A42}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe (.not file.)
O87 - FAEL: "{11C627BE-F1F2-41A3-954C-3FF79F0CFC24}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe (.not file.)
O87 - FAEL: "{1EF8A818-FE71-421F-8507-9DDFD1FBC501}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe (.not file.)
O87 - FAEL: "{46C5DF63-C805-4F03-A537-D75FD63F2B90}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe (.not file.)
O87 - FAEL: "{78077C35-695F-4C98-B107-27723EFB898D}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe (.not file.)
O87 - FAEL: "{ADB197A4-7A31-471B-9317-A42453AB71F1}" | In - Public - P6 - TRUE | .(.IVT Corporation. - Bluetooth Application.) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O87 - FAEL: "{B78101C1-1EE8-471F-BFE2-02088922FED6}" | In - Public - P17 - TRUE | .(.IVT Corporation. - Bluetooth Application.) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O87 - FAEL: "{025E0E2E-AA1D-4749-B1CF-050A007B33E6}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O87 - FAEL: "{511CD7E9-E37E-4525-BEC5-9AB101598B90}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "TCP Query User{67559FB4-3DA3-442B-9B18-B65B7761BB6A}C:\program files\real\realplayer\realplay.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "UDP Query User{B52F19DE-F4FC-4A56-80A3-8583FEB8E903}C:\program files\real\realplayer\realplay.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "TCP Query User{E1101309-3DDF-485E-B6AF-55027EE81B22}C:\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{5660E82E-A3C2-477B-A437-FD269B17F4BF}C:\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "{47B69421-B04F-441A-90A4-E0D2941DD6B9}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 23/10/2006 46640 | (AOL ACS) . (.AOL LLC.) - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
SR - | Auto 26/03/2009 132424 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SR - | Auto 05/02/2007 94208 | (ASLDRService) . (.Pas de propriétaire.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 02/02/2007 565248 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe
SR - | Auto 06/05/2010 40384 | (avast! Antivirus) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 06/05/2010 40384 | (avast! Mail Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 06/05/2010 40384 | (avast! Web Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 29/08/2008 238888 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 05/08/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 26/05/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Demand 30/03/2008 504104 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Disabled 30/03/2008 0 | (Planificateur LiveUpdate automatique) . (.Pas de propriétaire.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
SR - | Demand 11/01/2007 887544 | (RoxMediaDB9) . (.Sonic Solutions.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
SR - | Auto 11/01/2007 166648 | (RoxWatch9) . (.Sonic Solutions.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
SS - | Demand 14/09/2006 73728 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Run by Jeff at 02/02/2011 20:16:16
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 nt!IofCallDriver[0x82C4614B] -> \Device\Harddisk0\DR0[0x85AAE980]
3 CLASSPNP[0x884588B3] -> nt!IofCallDriver[0x82C4614B] -> [0x8596AC10]
5 acpi[0x836436BC] -> nt!IofCallDriver[0x82C4614B] -> \Device\Ide\IdeDeviceP0T0L0-1[0x859678A0]
kernel: MBR read successfully
user & kernel MBR OK
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Jeff at 02/02/2011 20:16:16
Use the desktop link 'MBRCheck' to have full report
End of the scan (1130 lines in 01mn 28s)(0)
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4052
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999
03/02/2011 21:51:26
mbam-log-2011-02-03 (21-51-26).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 238776
Temps écoulé: 1 heure(s), 7 minute(s), 8 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Windows\System32\eb9b1927.dll (Trojan.Vundo.H) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58c26a4c-608f-17df-3fd6-402ebdc5af04} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{58c26a4c-608f-17df-3fd6-402ebdc5af04} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{58c26a4c-608f-17df-3fd6-402ebdc5af04} (Trojan.Vundo.H) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kdbaurnjgzuisaq (Trojan.Agent) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Windows\System32\eb9b1927.dll (Trojan.Vundo.H) -> No action taken.
C:\Windows\System32\mhfgjxjkwztjuripj.dll (Trojan.Agent) -> No action taken.
############################## | UsbFix 7.019 | [Recherche]
Utilisateur: Jeff (Administrateur) # LOSSANTOS [PACKARD BELL BV EasyNote_MX36]
Mis à jour le 03/08/10 par El Desaparecido / C_XX
Lancé à 22:11:01 | 03/02/2011
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Genuine Intel(R) CPU T2080 @ 1.73GHz
CPU 2: Genuine Intel(R) CPU T2080 @ 1.73GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18999
Pare-feu Windows: Activé
Antivirus: avast! antivirus 4.8.1296 [VPS 081224-0] 4.8.1296 [Enabled | Updated]
RAM -> 1791 Mo
C:\ (%systemdrive%) -> Disque fixe # 141 Go (50 Go libre(s) - 36%) [HDD] # NTFS
D:\ -> CD-ROM
F:\ -> Disque fixe # 466 Go (419 Go libre(s) - 90%) [Expansion Drive] # NTFS
################## | Éléments infectieux |
Présent! C:\Windows\Prefetch\I.EXE-9396405C.pf
################## | Registre |
################## | Mountpoints2 |
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | E.O.F |
Hello
- Cleanup tutorial: http://forum-aide-contre-virus.be/tutoriel_usbfix.html#suppression
- Plug your external storage devices (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them
- Double-click the UsbFix shortcut on your desktop
... and continue reading!
############################## | UsbFix 7.019 | [Suppression]
Utilisateur: Jeff (Administrateur) # LOSSANTOS [PACKARD BELL BV EasyNote_MX36]
Mis à jour le 03/08/10 par El Desaparecido / C_XX
Lancé à 18:05:49 | 04/02/2011
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Genuine Intel(R) CPU T2080 @ 1.73GHz
CPU 2: Genuine Intel(R) CPU T2080 @ 1.73GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18999
Pare-feu Windows: Activé
Antivirus: avast! antivirus 4.8.1296 [VPS 081224-0] 4.8.1296 [Enabled | Updated]
RAM -> 1791 Mo
C:\ (%systemdrive%) -> Disque fixe # 141 Go (51 Go libre(s) - 36%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 2 Go (2 Go libre(s) - 93%) [USB DISK] # FAT32
F:\ -> Disque fixe # 466 Go (419 Go libre(s) - 90%) [Expansion Drive] # NTFS
################## | Éléments infectieux |
Supprimé! F:\Autorun.inf
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_LOSSANTOS.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Merci de votre contribution.
################## | E.O.F |