[Régle] AdAware.ClickPotato

Ask to Old Man · le 28 Avr 2011 21:41

Bonsoir,

je suis une nouvelle victime du fameux virus d'msn.
en effet des mails s'envoient automatiquement à tous mes contacts... grrrr :evil:

j'ai parcouru quelques post à ce sujet et commencé la demarche à effectuer, si quelqu'un veut bien prendre le temps de m'aider s'il vous plait.

voici le rapport fait par ZHP:

Code: Tout sélectionner: Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011 Run by Amélie at 28/04/2011 22:25:58 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 (Defaut) ---\\ System Information Windows 7 Home Premium Edition, 64-bit (Build 7600) Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3956 MB (51% free) System Restore: Activé (Enable) System drive C: has 106 GB (73%) free of 145 GB ---\\ Logged in mode Computer Name: AMÉLIE-PC User Name: Amélie All Users Names: Amélie, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%= %LocalAppData%= %StartMenu%= ---\\ DOS/Devices A:\ Hard drive, Flash drive, Thumb drive (Free 137 Go of 138 Go) C:\ Hard drive, Flash drive, Thumb drive (Free 106 Go of 145 Go) D:\ CD-ROM drive (Not Inserted) E:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go) F:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 7 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 07:23:14.) -- C:\Windows\Explorer.exe [2870272] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256] [MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/04/2011 08:55:33.) -- C:\Windows\system32\wininet.dll [1126912] ---\\ Processus lancés [MD5.1E14A26E0EA1C47103BDE6A260CCF009] - (.Pas de propriétaire - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe [781536] [MD5.BF03365A9F23F27F717A21A0CE926151] - (.SoftThinks - Dell - Dell DataSafe Local Backup.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe [1853248] [MD5.80B62FF105908EC9E4B072AFB1CFC824] - (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744] [MD5.0647EF247A5D0402E74FE89F5F6A8A11] - (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160] [MD5.00D1FB0073B4A8BD2989EA8FF4CC792B] - (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064] [MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496] [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064] [MD5.AEEC0405A1C587562275AB20CC6E3521] - (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Windows\Temp\svhost.exe [1169224] [MD5.885F90697A42F998EC919A143BFAE5CD] - (.Pinball Corporation. - ClickPotato Search assistant.) -- C:\Program Files (x86)\ClickPotatoLite\bin\10.0.668.0\ClickPotatoLiteSA.exe [742192] [MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [11322880] [MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [11314688] [MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe [233936] [MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748336] [MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Users\Amélie\Desktop\ZHPDiag\ZHPDiag.exe [644608] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110414200035.dll O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [rundll32] . (...) -- C:\Users\Amélie\AppData\Local\Temp\rundll32 .exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Wow6432Node\Run: [Desktop Disc Tool] . (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe O4 - HKLM\..\Wow6432Node\Run: [DellSupportCenter] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Wow6432Node\Run: [ClickPotatoLiteSA] . (.Pinball Corporation. - ClickPotato Search assistant.) -- C:\Program Files (x86)\ClickPotatoLite\bin\10.0.668.0\ClickPotatoLiteSA.exe O4 - HKLM\..\Wow6432Node\RunOnce: [Launcher] . (.Softthinks - VistaLauncher.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe O4 - HKLM\..\Wow6432Node\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exeam Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (.not file.) O4 - HKLM\..\Wow6432Node\RunOnce: [STToasterLauncher] . (.Pas de propriétaire - ToasterLauncher.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\..\Run: [rundll32] . (...) -- C:\Users\Amélie\AppData\Local\Temp\rundll32 .exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.) O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk . (...) -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe (.not file.) O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{09F74FE1-7DF0-4BD0-ADBD-53EEC3AECA80}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpNameServer = 13.36.0.1 13.36.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{09F74FE1-7DF0-4BD0-ADBD-53EEC3AECA80}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpNameServer = 13.36.0.1 13.36.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{09F74FE1-7DF0-4BD0-ADBD-53EEC3AECA80}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpNameServer = 13.36.0.1 13.36.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpDomain = CD-DL.TEST O17 - HKLM\System\CS1\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpDomain = CD-DL.TEST O17 - HKLM\System\CS2\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpDomain = CD-DL.TEST O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: C:\Windows\system32\Alg.exe (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McODS) . (.McAfee, Inc. - McAfee VirusScan On-Demand Scan.) - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: (McOobeSv) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe O23 - Service: (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe O23 - Service: (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe O23 - Service: (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe O23 - Service: (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ---\\ Tâches planifiées en automatique (O39) [MD5.1F83CB91A9830038DBE7CD1BA1921205] [APT] [Administrator - Start WLAN Tray Applet] (.Dell Inc..) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\System32\DRIVERS\mfenlfk.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM][64Bits] -- {055EE59D-217B-43A7-ABFF-507B966405D8} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Photoshop CS5 Portable - (.Adobe.) [HKLM][64Bits] -- {61172A5D-60AA-43BE-958F-90451024E768}_is1 O42 - Logiciel: Adobe Reader 9.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A91000000001} O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM][64Bits] -- Advanced Audio FX Engine O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {71E015CC-52DA-4536-AF0C-C643BA1E45FB} O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} O42 - Logiciel: ClickPotato - (.Pinball Corporation..) [HKLM][64Bits] -- ClickPotatoLiteSA O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM][64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Dell DataSafe Local Backup - (.Dell.) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04} O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM][64Bits] -- Dell Dock O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} O42 - Logiciel: Dell Support Center (Logiciel de support) - (.Dell.) [HKLM][64Bits] -- {E3BFEE55-39E2-4BE0-B966-89FE583822C1} O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central O42 - Logiciel: Dell Wireless WLAN Card Utility - (.Dell Inc..) [HKLM] -- Dell Wireless WLAN Card Utility O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Java(TM) 6 Update 22 (64-bit) - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416022FF} O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0} O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: Live! Cam Avatar Creator - (.Creative Technology Ltd.) [HKLM][64Bits] -- {65D0C510-D7B6-4438-9FC8-E6B91115AB0D} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: McAfee Security Center - (.McAfee, Inc..) [HKLM][64Bits] -- MSC O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-0070-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {052bac4a-6f79-46d4-a024-1ce1b4f73cd4} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: O42 - Logiciel: eBay - (.eBay Inc..) [HKLM][64Bits] -- {A8B88634-7F90-402F-B66A-86429755F6A5} - (.Pas de propriétaire.) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49} O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {05653DE1-6567-40C6-B930-39D399B64369} O42 - Logiciel: Quickset64 - (.Dell Inc..) [HKLM] -- {87CF757E-C1F1-4D22-865C-00C6950B5258} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {A33E7B0C-B99C-4EC9-B702-8A328B161AF9} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E} O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM][64Bits] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B} O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F} O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F} O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- avast O42 - Logiciel: eBay - (.eBay Inc..) [HKLM][64Bits] -- {A8B88634-7F90-402F-B66A-86429755F6A5} ---\\ HKCU & HKLM Software Keys [HKCU\Software\ATI] [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\Alps] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\ShoppingReport2] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Broadcom] [HKCU\Software\Brother] [HKCU\Software\Classes] [HKCU\Software\Creative Tech] [HKCU\Software\DC3_FEXEC] [HKCU\Software\Dell] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Macromedia] [HKCU\Software\McAfee] [HKCU\Software\Netscape] [HKCU\Software\OpenOffice.org] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Softonic] [HKCU\Software\SupportSoft] [HKCU\Software\Widcomm] [HKCU\Software\Wow6432Node] [HKCU\Software\clickpotatolitesa] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\Alps] [HKLM\Software\BcmSetup] [HKLM\Software\Broadcom] [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\ClickPotatoLite] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\Creative] [HKLM\Software\DELL] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\Dell] [HKLM\Software\Google] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\McAfeeInstaller] [HKLM\Software\McAfee] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC-Doctor] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Roxio] [HKLM\Software\SRS Labs] [HKLM\Software\SoftThinks] [HKLM\Software\Sonic] [HKLM\Software\Stardock] [HKLM\Software\SupportSoft] [HKLM\Software\VideoLAN] [HKLM\Software\Widcomm] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 14/04/2011 - 19:09:26 - [169666578] ----D- C:\Program Files\AVAST Software O43 - CFD: 30/01/2011 - 06:27:40 - [103444714] ----D- C:\Program Files\Common Files O43 - CFD: 30/01/2011 - 06:22:56 - [45260949] ----D- C:\Program Files\Dell O43 - CFD: 30/01/2011 - 06:00:48 - [14167234] ----D- C:\Program Files\Dell Inc O43 - CFD: 30/01/2011 - 07:49:54 - [17507100] ----D- C:\Program Files\DellTPad O43 - CFD: 14/07/2009 - 17:35:28 - [90257428] ----D- C:\Program Files\DVD Maker O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 16/04/2011 - 09:58:24 - [6202240] ----D- C:\Program Files\Internet Explorer O43 - CFD: 30/01/2011 - 06:00:38 - [80648844] ----D- C:\Program Files\Java O43 - CFD: 30/01/2011 - 06:28:42 - [229912555] ----D- C:\Program Files\mcafee O43 - CFD: 30/01/2011 - 06:27:38 - [2505805] ----D- C:\Program Files\mcafee.com O43 - CFD: 14/07/2009 - 17:35:26 - [149236786] ----D- C:\Program Files\Microsoft Games O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 29/01/2011 - 22:53:54 - [12692992] ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 30/01/2011 - 06:04:50 - [148002168] ----D- C:\Program Files\WIDCOMM O43 - CFD: 14/07/2009 - 17:24:10 - [4039168] ----D- C:\Program Files\Windows Defender O43 - CFD: 14/07/2009 - 17:35:28 - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 30/01/2011 - 06:16:54 - [7755583] ----D- C:\Program Files\Windows Live O43 - CFD: 16/04/2011 - 09:43:44 - [6667264] ----D- C:\Program Files\Windows Mail O43 - CFD: 30/01/2011 - 07:49:16 - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 14/04/2011 - 13:20:32 - [12627124] ----D- C:\Program Files\Windows NT O43 - CFD: 14/07/2009 - 17:24:10 - [5516568] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 14/07/2009 - 17:24:10 - [7191662] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 30/01/2011 - 06:27:40 - [30856659] ----D- C:\Program Files\Common Files\mcafee O43 - CFD: 15/04/2011 - 10:10:24 - [59966614] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 14/07/2009 - 17:24:10 - [12009971] ----D- C:\Program Files\Common Files\System O43 - CFD: 26/04/2011 - 21:41:58 - [0] ----D- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 O43 - CFD: 30/01/2011 - 06:21:28 - [769] ----D- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 30/01/2011 - 06:41:46 - [188] ----D- C:\ProgramData\ATI O43 - CFD: 14/04/2011 - 19:09:26 - [5744512] ----D- C:\ProgramData\AVAST Software O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 28/04/2011 - 10:34:18 - [3109337] ----D- C:\ProgramData\ClickPotatoLiteSA O43 - CFD: 14/04/2011 - 14:29:00 - [11402] ----D- C:\ProgramData\Creative O43 - CFD: 14/04/2011 - 13:27:12 - [1722756] ----D- C:\ProgramData\Dell O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 30/01/2011 - 06:33:08 - [3552773] ----D- C:\ProgramData\Macrovision O43 - CFD: 14/04/2011 - 14:28:10 - [33232329] ----D- C:\ProgramData\McAfee O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 14/04/2011 - 21:11:06 - [1235901340] -S--D- C:\ProgramData\Microsoft O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 30/01/2011 - 06:22:42 - [0] ----D- C:\ProgramData\PCDr O43 - CFD: 30/01/2011 - 06:33:16 - [5785] ----D- C:\ProgramData\Sonic O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 30/01/2011 - 06:00:22 - [189] ----D- C:\ProgramData\Sun O43 - CFD: 30/01/2011 - 06:22:44 - [6222951] ----D- C:\ProgramData\SupportSoft O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 30/01/2011 - 06:33:20 - [11492018] ----D- C:\ProgramData\Uninstall O43 - CFD: 28/04/2011 - 22:25:44 - [8845980] -S--D- C:\Users\Amélie\AppData\Roaming\Microsoft O43 - CFD: 27/04/2011 - 21:28:56 - [2501312] ----D- C:\Users\Amélie\AppData\Roaming\Adobe O43 - CFD: 14/04/2011 - 13:27:40 - [0] ----D- C:\Users\Amélie\AppData\Roaming\ATI O43 - CFD: 21/04/2011 - 17:23:50 - [0] R---D- C:\Users\Amélie\AppData\Roaming\Brother O43 - CFD: 26/04/2011 - 21:41:58 - [0] ----D- C:\Users\Amélie\AppData\Roaming\ClickPotatoLite O43 - CFD: 14/04/2011 - 14:29:00 - [402] ----D- C:\Users\Amélie\AppData\Roaming\Creative O43 - CFD: 14/04/2011 - 13:27:56 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Dell O43 - CFD: 14/04/2011 - 13:26:58 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Identities O43 - CFD: 14/04/2011 - 13:50:02 - [6183] ----D- C:\Users\Amélie\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Media Center Programs O43 - CFD: 15/04/2011 - 22:55:30 - [1508337] ----D- C:\Users\Amélie\AppData\Roaming\OpenOffice.org O43 - CFD: 14/04/2011 - 13:27:42 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Roxio O43 - CFD: 22/04/2011 - 13:00:54 - [510191357] ----D- C:\Users\Amélie\Appdata\Local\Microsoft O43 - CFD: 27/04/2011 - 22:16:34 - [184997] ----D- C:\Users\Amélie\Appdata\Local\Adobe O43 - CFD: 14/04/2011 - 13:20:42 - [0] -SH-D- C:\Users\Amélie\Appdata\Local\Application Data O43 - CFD: 14/04/2011 - 13:27:40 - [59950] ----D- C:\Users\Amélie\Appdata\Local\ATI O43 - CFD: 14/04/2011 - 13:27:40 - [0] ----D- C:\Users\Amélie\Appdata\Local\Broadcom O43 - CFD: 14/04/2011 - 13:20:42 - [0] -SH-D- C:\Users\Amélie\Appdata\Local\Historique O43 - CFD: 28/04/2011 - 10:29:52 - [2026] ----D- C:\Users\Amélie\Appdata\Local\SoftThinks O43 - CFD: 14/04/2011 - 13:27:46 - [325] ----D- C:\Users\Amélie\Appdata\Local\Stardock_Corporation O43 - CFD: 14/04/2011 - 13:27:38 - [4235772] ----D- C:\Users\Amélie\Appdata\Local\SupportSoft O43 - CFD: 28/04/2011 - 22:25:48 - [35687948] ----D- C:\Users\Amélie\Appdata\Local\Temp O43 - CFD: 14/04/2011 - 13:20:42 - [0] -SH-D- C:\Users\Amélie\Appdata\Local\Temporary Internet Files O43 - CFD: 16/04/2011 - 09:49:06 - [300318] ----D- C:\Users\Amélie\Appdata\Local\VirtualStore O43 - CFD: 28/04/2011 - 10:30:58 - [45056] ----D- C:\Users\Amélie\Appdata\Local\Windows Live O43 - CFD: 27/04/2011 - 21:27:30 - [633785912] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 30/01/2011 - 06:03:12 - [86040640] ----D- C:\Program Files (x86)\ATI Technologies O43 - CFD: 30/01/2011 - 06:07:42 - [3598306] ----D- C:\Program Files (x86)\Cisco O43 - CFD: 26/04/2011 - 21:41:58 - [1650773] ----D- C:\Program Files (x86)\ClickPotatoLite O43 - CFD: 15/04/2011 - 09:07:38 - [329182313] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 30/01/2011 - 06:09:38 - [14953390] ----D- C:\Program Files (x86)\Creative O43 - CFD: 30/01/2011 - 06:08:38 - [114688] ----D- C:\Program Files (x86)\Creative Live! Cam O43 - CFD: 28/04/2011 - 10:30:10 - [219443830] ----D- C:\Program Files (x86)\Dell DataSafe Local Backup O43 - CFD: 30/01/2011 - 06:22:34 - [105421026] ----D- C:\Program Files (x86)\Dell Support Center O43 - CFD: 30/01/2011 - 06:09:30 - [264797136] ----D- C:\Program Files (x86)\Dell Webcam O43 - CFD: 30/01/2011 - 06:27:36 - [934781] ----D- C:\Program Files (x86)\eBay O43 - CFD: 30/01/2011 - 06:29:58 - [20261272] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 30/01/2011 - 06:08:08 - [12901959] ----D- C:\Program Files (x86)\Intel O43 - CFD: 16/04/2011 - 09:58:24 - [5154168] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 15/04/2011 - 10:14:34 - [180805475] ----D- C:\Program Files (x86)\Java O43 - CFD: 14/04/2011 - 13:20:48 - [432909] ----D- C:\Program Files (x86)\McAfee O43 - CFD: 30/01/2011 - 06:27:40 - [428064] ----D- C:\Program Files (x86)\mcafee.com O43 - CFD: 14/04/2011 - 13:52:32 - [0] ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 30/01/2011 - 06:32:26 - [6423243] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 21/04/2011 - 09:07:04 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 30/01/2011 - 06:17:54 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 16/04/2011 - 09:52:02 - [15715] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 15/04/2011 - 10:15:38 - [370627109] ----D- C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 30/01/2011 - 06:33:06 - [13525265] ----D- C:\Program Files (x86)\Roxio O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 26/04/2011 - 23:20:22 - [82679395] ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 16/04/2011 - 02:18:22 - [177028360] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 16/04/2011 - 09:43:42 - [6180864] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 30/01/2011 - 07:49:16 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 14/07/2009 - 17:24:10 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 14/07/2009 - 17:24:10 - [5994114] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 27/04/2011 - 21:28:12 - [4605470] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 30/01/2011 - 06:01:48 - [3668633] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 15/04/2011 - 09:07:38 - [1247175] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 30/01/2011 - 06:28:42 - [3653351] ----D- C:\Program Files (x86)\Common Files\mcafee O43 - CFD: 30/01/2011 - 06:30:36 - [21191290] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 30/01/2011 - 06:08:10 - [166332] ----D- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 30/01/2011 - 06:33:08 - [305088] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 30/01/2011 - 06:09:32 - [4221400] ----D- C:\Program Files (x86)\Common Files\Reallusion O43 - CFD: 30/01/2011 - 06:33:08 - [6470778] ----D- C:\Program Files (x86)\Common Files\Roxio Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 30/01/2011 - 06:33:08 - [372019] ----D- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 30/01/2011 - 06:22:28 - [7526487] ----D- C:\Program Files (x86)\Common Files\supportsoft O43 - CFD: 14/07/2009 - 17:24:10 - [10102259] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 30/01/2011 - 06:11:34 - [224545546] ----D- C:\Program Files (x86)\Common Files\Windows Live ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.220000000000000000000000A8EF1800] - 28/04/2011 - 21:18:52 ---A- . (...) -- C:\Windows\WindowsUpdate.log [2011571] O44 - LFC:[MD5.CF77E58C6C796DFD5C7650FE0AFA211F] - 28/04/2011 - 20:15:36 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.1D7BA9095309BF00DBC4FEDBF7FFC832] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.E86C11FB6B5D2F257F8DC4196B208976] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106388] O44 - LFC:[MD5.32E6A5139968E5B59E31034FE9B7994C] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130754] O44 - LFC:[MD5.214E528064ECE0F3F26F77F36BD4D3C8] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616008] O44 - LFC:[MD5.54EED1F3AEFF9B9D27AD10AA205DFC97] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704480] O44 - LFC:[MD5.21B0D5541913D57F3D46AE5967861F84] - 28/04/2011 - 09:34:35 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14240] O44 - LFC:[MD5.21B0D5541913D57F3D46AE5967861F84] - 28/04/2011 - 09:34:35 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14240] O44 - LFC:[MD5.44B80BD81817CBAFDED60B8D17B9E7FC] - 28/04/2011 - 09:29:03 ---A- . (...) -- C:\Windows\setupact.log [22735] O44 - LFC:[MD5.32ADA6252048D2FCB1006AB598160D1B] - 28/04/2011 - 09:26:52 ---A- . (...) -- C:\Windows\PFRO.log [13236] O44 - LFC:[MD5.C6D9924A98FFF222C3EFB48B18FF944C] - 21/04/2011 - 16:22:35 ---A- . (...) -- C:\Windows\BRPP2KA.INI [27] O44 - LFC:[MD5.96AB5888BC087FACFDB69D0956738724] - 21/04/2011 - 16:22:35 ---A- . (...) -- C:\Windows\BRWMARK.INI [434] O44 - LFC:[MD5.446C0D7AA4BA022B43BA37E78A40105B] - 16/04/2011 - 08:58:04 ---A- . (...) -- C:\Windows\IE9_main.log [4679] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 16/04/2011 - 08:55:30 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 16/04/2011 - 08:55:22 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822] O44 - LFC:[MD5.849E40A172A4F6B115EB2605EC9CFD24] - 16/04/2011 - 08:45:02 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [292872] O44 - LFC:[MD5.DFC565E821037C72788DA4EF7B522834] - 15/04/2011 - 09:14:50 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [472808] O44 - LFC:[MD5.8F443F9726349802839C7C0D1C8C904F] - 15/04/2011 - 09:14:49 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [145184] O44 - LFC:[MD5.A27AD8C3D4F0518F3E59CA1C9C5C0D18] - 15/04/2011 - 09:14:49 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184] O44 - LFC:[MD5.47E0BEDC36A30141133728B604A8F11D] - 15/04/2011 - 09:14:49 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472] O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080] O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367104] O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294912] O44 - LFC:[MD5.2320C2AC6577ECF1D4211F2D9BABE3DD] - 14/04/2011 - 18:10:08 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [238968] O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 14/04/2011 - 18:09:29 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [40648] O44 - LFC:[MD5.2320C2AC6577ECF1D4211F2D9BABE3DD] - 14/04/2011 - 18:09:29 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [190016] O44 - LFC:[MD5.EDCB1DFDE6D5935856EB25517B633DAC] - 14/04/2011 - 11:04:40 ---A- . (...) -- C:\Windows\SysNative\license.rtf [53560] O44 - LFC:[MD5.EDCB1DFDE6D5935856EB25517B633DAC] - 14/04/2011 - 11:04:40 ---A- . (...) -- C:\Windows\System32\license.rtf [53560] ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 11/03/2011 - 07:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 11/03/2011 - 07:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.8655A2983A86D6675135B1FF6892055D] - 22/06/2010 - 06:07:24 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\system32\drivers\Apfiltr.sys [304760] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.F810E3EA3D1F3C3BA26F2F4719BDCA4F] - 23/02/2011 - 14:54:58 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [22360] O58 - SDL:[MD5.3687FD9CEDF56D3B9F18923F4E14F3F9] - 23/02/2011 - 14:55:05 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [64344] O58 - SDL:[MD5.E99E48596B35E5D5240104BCD61B3471] - 23/02/2011 - 14:55:13 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [31064] O58 - SDL:[MD5.84AD8FB3FD2EFA52D8599A0028BBB6FE] - 23/02/2011 - 14:57:01 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [505176] O58 - SDL:[MD5.8CBA6CC5DCA9E3829F1792BF98F06901] - 23/02/2011 - 14:57:04 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [280408] O58 - SDL:[MD5.184248F2DED7B1641C7F3B30381BAA2A] - 23/02/2011 - 14:55:53 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [53592] O58 - SDL:[MD5.FB7602C5C508BE281368AAE0B61B51C6] - 30/09/2009 - 17:34:32 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [121872] O58 - SDL:[MD5.52679612D742BF74CA1BA6AB86DDF431] - 22/01/2010 - 18:13:24 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [6233088] O58 - SDL:[MD5.414E0788920A8C856032BE2CBF29F984] - 22/01/2010 - 17:07:56 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [161280] O58 - SDL:[MD5.52679612D742BF74CA1BA6AB86DDF431] - 22/01/2010 - 18:13:24 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atipmdag.sys [6233088] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.E001DD475A7C27EBE5A0DB45C11BAD71] - 17/07/2009 - 17:06:00 ---A- . (.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\system32\drivers\bcm42rly.sys [22520] O58 - SDL:[MD5.F4CD5F52850BF2C978DE178F256BA372] - 17/07/2009 - 17:06:00 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL664.SYS [2769400] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.6BCFDC2B5B7F66D484486D4BD4B39A6B] - 01/07/2009 - 21:46:52 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [98344] O58 - SDL:[MD5.82DC8B7C626E526681C1BEBED2BC3FF9] - 01/07/2009 - 21:46:48 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [132648] O58 - SDL:[MD5.6149301DC3F81D6F9667A3FBAC410975] - 08/04/2009 - 00:33:08 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\system32\drivers\btwl2cap.sys [35104] O58 - SDL:[MD5.28E105AD3B79F440BF94780F507BF66A] - 01/07/2009 - 21:46:40 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [21160] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E02C9CDB15F13DE4EB2FF67660E62317] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\Windows\system32\drivers\cfwids.sys [62800] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.4CE9F703D1DD69FB656D1953E9C88103] - 28/05/2009 - 17:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\system32\drivers\CtAudDrv.sys [224768] O58 - SDL:[MD5.ED5CF92396A62F4C15110DCDB5E854D9] - 15/06/2009 - 20:06:42 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\system32\drivers\CtClsFlt.sys [172704] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.B6AC71AAA2B10848F57FC49D55A651AF] - 17/09/2009 - 20:54:00 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\system32\drivers\HECIx64.sys [56344] O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888] O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 11/03/2011 - 07:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.C1556CA9695FCD6BBD23D75D402FD43D] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\system32\drivers\mfeapfk.sys [121248] O58 - SDL:[MD5.8857EE8B49F3338FC1FAD476BFCCA146] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [190136] O58 - SDL:[MD5.9B090B2C6D84F4E392B3E5FF168929DA] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\system32\drivers\mfeclnk.sys [9984] O58 - SDL:[MD5.19C44295F6BF085C83352D48397F7870] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\system32\drivers\mfefirek.sys [441328] O58 - SDL:[MD5.5F915E20AB56121C41C6BF9A91A83BDA] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [529128] O58 - SDL:[MD5.23AE332E32FF615CA5E5224C8D91AF11] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) -- C:\Windows\system32\drivers\mfenlfk.sys [75032] O58 - SDL:[MD5.9C7A9273E345F8D653394B5C542BF86A] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdet.sys [94864] O58 - SDL:[MD5.3140B2C56D7119BA314F68FC785683F0] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\system32\drivers\mfewfpk.sys [283360] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.3B01789EE4EAEE97F5EB46B711387D5E] - 20/08/2009 - 17:05:00 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [239616] O58 - SDL:[MD5.697C927E0DE2ABAF1A5F455033F687CD] - 03/02/2010 - 02:36:58 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2263584] O58 - SDL:[MD5.502B316947EA887CDDD325D4745EB7D0] - 17/07/2009 - 04:14:00 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [220672] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\atipmdag.sys - amdkmdag(amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK O64 - Services: CurCS - 30/12/1899 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\BCM42RLY.sys - BCM42RLY(BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) - LEGACY_BCM42RLY O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\cfwids.sys - McAfee Inc. cfwids(cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk(mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk(mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk01) .(...) - LEGACY_MFEAVFK01 O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk02) .(...) - LEGACY_MFEAVFK02 O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfefirek.sys - McAfee Inc. mfefirek(mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfefirek01) .(...) - LEGACY_MFEFIREK01 O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfehidk.sys - McAfee Inc. mfehidk(mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk01) .(...) - LEGACY_MFEHIDK01 O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\mfenlfk.sys - McAfee NDIS Light Filter(mfenlfk) .(.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - LEGACY_MFENLFK O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mferkdet.sys - McAfee Inc. mferkdet(mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfewfpk.sys - McAfee Inc. mfewfpk(mfewfpk) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFEWFPK O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {5D4C9D53-3960-4BFA-B3B5-FE459A520A07} [DefaultScope] - (Google) - http://www.google.com ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.A8D666FCE8EFD0788FA0DF14FB3491B4] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Amélie\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe [885536] [MD5.19CEE58DC4BD63D4AB21E3EC055EDF71] [SPRF] (.Microsoft Corporation - Barre d'outils Bing.) -- C:\Users\Amélie\AppData\Local\Temp\MSN83C2.exe [468232] [MD5.1CBD16E8E752F9E877206E66FAF23459] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Amélie\AppData\Local\Temp\rundll32 .exe [1199104] [MD5.86E0FC3A8107C10FCA5CF63AAB259A14] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Amélie\AppData\Local\Temp\sai8B13.exe [20533281] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.) O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.) O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.) O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.) O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.) O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{D8567662-4CDF-4C1E-B096-E88DFA3A71AB}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "{CE64FFB3-5E46-4F73-99F6-7389020FEF6E}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe O87 - FAEL: "{877B51E0-9EBB-440D-8154-66FB7637F3C6}" | In - Public - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{74058109-BC26-48B5-801A-01D9BC757B15}" | In - Public - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{B854901E-DDCE-4492-9B83-E12BF0DCEB7A}" | In - Private - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{44C03C6E-915A-4C65-83E6-B0340BF94440}" | In - Private - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe ---\\ Scan Additionnel (O88) Database Version : 6367 - (28/04/2011) Number of Keys Founds (Clés trouvées) : 56 Number of Directories Founds (Dossiers trouvés) : 4 [HKCR\ClickPotatoLiteAx.Info] =>Adware.ClickPotato [HKCR\ClickPotatoLiteAx.Info.1] =>Adware.ClickPotato [HKCR\ClickPotatoLiteAX.UserProfiles] =>Adware.ClickPotato [HKCR\ClickPotatoLiteAX.UserProfiles.1] =>Adware.ClickPotato [HKCR\MenuButtonIE.ButtonIE] =>Adware.ClickPotato [HKCR\MenuButtonIE.ButtonIE.1] =>Adware.ClickPotato [HKLM\Software\Classes\clickpotatoliteax.info] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\clickpotatoliteax.info] =>Adware.ClickPotato [HKLM\Software\Classes\clickpotatoliteax.info.1] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\clickpotatoliteax.info.1] =>Adware.ClickPotato [HKLM\Software\Classes\clickpotatoliteax.userprofiles] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\clickpotatoliteax.userprofiles] =>Adware.ClickPotato [HKLM\Software\Classes\clickpotatoliteax.userprofiles.1] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\clickpotatoliteax.userprofiles.1] =>Adware.ClickPotato [HKLM\Software\Classes\MenuButtonIE.ButtonIE] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\MenuButtonIE.ButtonIE] =>Adware.ClickPotato [HKLM\Software\Classes\MenuButtonIE.ButtonIE.1] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\MenuButtonIE.ButtonIE.1] =>Adware.ClickPotato [HKCR\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}] =>Adware.ClickPotato [HKLM\Software\Classes\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}] =>Adware.ClickPotato [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}] =>Adware.ClickPotato [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{258c9770-1713-4021-8d7e-1f184a2bd754}] =>Adware.SmartShopper [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{258c9770-1713-4021-8d7e-1f184a2bd754}] =>Adware.SmartShopper [HKCR\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}] =>Adware.ClickPotato [HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}] =>Adware.ClickPotato [HKCR\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}] =>Adware.ClickPotato [HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}] =>Adware.ClickPotato [HKCR\Interface\{618aad04-921f-44c2-be38-c0818af69861}] =>Adware.Hotbar [HKLM\Software\Classes\Interface\{618aad04-921f-44c2-be38-c0818af69861}] =>Adware.Hotbar [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da}] =>Adware.Hotbar [HKCR\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}] =>Adware.ClickPotato [HKLM\Software\Classes\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}] =>Adware.ClickPotato [HKCR\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}] =>Adware.ClickPotato [HKLM\Software\Classes\Wow6432Node\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}] =>Adware.ClickPotato [HKLM\Software\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}] =>Adware.ClickPotato [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7}] =>Adware.Softomate [HKCR\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}] =>Adware.ClickPotato [HKLM\Software\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}] =>Adware.ClickPotato [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}] =>Adware.ClickPotato [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}] =>Adware.ClickPotato [HKLM\Software\Microsoft\Internet Explorer\extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}] =>Adware.ClickPotato [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}] =>Adware.ClickPotato [HKCR\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337}] =>Adware.Hotbar [HKLM\Software\Classes\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337}] =>Adware.Hotbar [HKCR\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}] =>Adware.ClickPotato [HKLM\Software\Classes\Wow6432Node\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}] =>Adware.ClickPotato [HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}] =>Adware.ClickPotato [HKCR\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] =>Adware.ClickPotato [HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] =>Adware.ClickPotato [HKCR\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb}] =>Adware.Hotbar [HKLM\Software\Classes\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb}] =>Adware.Hotbar [HKLM\Software\ClickPotatoLite] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\ClickPotatoLite] =>Adware.ClickPotato [HKCU\Software\DC3_FEXEC] => [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA] =>Adware.ClickPotato C:\ProgramData\2aca5cc3-0f83-453d-a079-1076fe1a8b65 =>Adware.Seekmo C:\ProgramData\ClickPotatoLiteSA =>Adware.ClickPotato C:\Users\Amélie\AppData\Roaming\ClickPotatoLite =>Adware.ClickPotato C:\Program Files (x86)\ClickPotatoLite =>Adware.ClickPotato ---\\ Recherche détournement de DNS routeur (O89) Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.229.104 209.85.229.147 209.85.229.99 Aliases: www.google.fr www.google.com ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe SR - | Auto 18/11/2009 0 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 18/08/2009 868128 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe SR - | Auto 09/06/2009 155648 | (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe SR - | Auto 30/09/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 10/03/2010 355440 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SS - | Demand 07/10/2010 509416 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe SS - | Disabled 10/03/2010 355440 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SS - | Auto 13/10/2010 200056 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe SR - | Auto 13/10/2010 245352 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe SS - | Auto 13/10/2010 149032 | (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe SR - | Auto 21/08/2010 689472 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe SR - | Auto 21/05/2009 206064 | (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe SR - | Auto 30/09/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 17/07/2009 33280 | (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Amélie at 28/04/2011 22:26:52 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Amélie at 28/04/2011 22:26:54 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin End of the scan (963 lines in 00mn 55s)(0)

merci d'avance ! :oops:

Del-crosseur · le 28 Avr 2011 21:58

Bonsoir Amélie et bienvenue sur PC-I !!

Tu est très infecter... Perdons pas de temps au boulot !

Télécharge puis installe :

par Marcin Kleczynski

*** Met-le à jour(très important ) , puis coche, "Exécuter un examen complet"

*** Si une infection est trouvée, coche la case à coté et valide avec l’Onglet Supprimer la sélection

*** Après la suppression , l'outil va surement te demander de redémarrer l'ordinateur -->accepte<--

*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) ? cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.

Poste le rapport final.

Ps:Au cas ou tu n'a pas le rapport suite à une erreur de manipulation ; relance Malwarebytes puis rends toi dans l'onglet "rapports/Logs" selectionne le dernier puis Copier/Coller dans ta réponse

Ensuite :::

• Télécharge AD-Remover (de C_XX) sur ton Bureau.
/!\ Déconnecte toi et ferme toutes les applications en cours /!\
• Double-clique sur l'icône AD-Remover
• Au menu principal, clique sur "Nettoyer"
• Confirme le lancement de l'analyse et laisse l'outil travailler
• Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-Clean.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Voila j'attends donc le rapport de : Malwarebytes et AD-REMOVER

Bonne soirée !!

amelie034 · le 28 Avr 2011 22:01

merci, je fais tout ça de ce pas!

Del-crosseur · le 28 Avr 2011 22:05

Prend bien ton temps de bien lire les procédures...

Je te laisse travailler....

amelie034 · le 28 Avr 2011 22:09

c'est en cours d'analyse, ça detecte deja 27 fichiers infectés !
je comprend pas ce pc n'a même pas encore 15jours!
mon antivirus est-il defectueux?

Del-crosseur · le 28 Avr 2011 22:21

Sa m'étonne pas

Il peut être pas à jours ; puis tu à plusieurs antivirus et compagnies sur le pc....
Ensuite sa dépends aussi de ton surf , tu dois surement aller sur des sites qui faut pas ou même cliquer n'importe ou et sur n'importe quoi .. Il faut faire attention à ton surf...
Breff je vais t'expliquer tous cela en fin de désinfection et ainsi tu pourras me poser toutes les questions que tu veux ...

amelie034 · le 28 Avr 2011 23:02

voila le 1er rapport :

Code: Tout sélectionner: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6467 Windows 6.1.7600 Internet Explorer 9.0.8112.16421 28/04/2011 23:56:41 mbam-log-2011-04-28 (23-56-41).txt Type d'examen: Examen complet (A:\|C:\|D:\|E:\|F:\|) Elément(s) analysé(s): 264050 Temps écoulé: 50 minute(s), 50 seconde(s) Processus mémoire infecté(s): 2 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 27 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 10 Fichier(s) infecté(s): 17 Processus mémoire infecté(s): c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesa.exe (Adware.ClickPotato) -> 5400 -> Unloaded process successfully. c:\Windows\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> 5208 -> Unloaded process successfully. Module(s) mémoire infecté(s): c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ClickPotatoLiteSA (Adware.ClickPotato) -> Value: ClickPotatoLiteSA -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\Users\Amélie\AppData\Roaming\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite (Adware.ClickPotato) -> Delete on reboot. c:\program files (x86)\clickpotatolite\bin (Adware.ClickPotato) -> Delete on reboot. c:\program files (x86)\clickpotatolite\bin\10.0.668.0 (Adware.ClickPotato) -> Delete on reboot. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\Users\Amélie\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\MN3LLMJ9\VLCSetup.exe (Adware.HotBar) -> Quarantined and deleted successfully. c:\Windows\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

amelie034 · le 28 Avr 2011 23:10

et le second:

Code: Tout sélectionner: ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 00:03:18 le 29/04/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium (X64) Amélie@AMÉLIE-PC (Dell Inc. Inspiron 1764) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861} Clé supprimée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337} Clé supprimée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB} Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport2 ============== SCAN ADDITIONNEL ============== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_SearchScopes\{0B11C30C-7149-4331-BE3C-BBC8C36AA091} - "?" (?) HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB} - C:\Program Files\McAfee\VirusScan\mcvsmap.exe (McAfee, Inc.) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609} - C:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Envoyer à Bluetooth" (c:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico) BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110414200035.dll) BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 14 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 29/04/2011 00:03:26 (3006 Octet(s)) Fin à: 00:04:30, 29/04/2011 ============== E.O.F ==============

merci encore

Del-crosseur · le 28 Avr 2011 23:15

Ok , impeccable

Tu peut relancer AD-REMOVER et le désinstaller

Nous allons effectuer un Scan avec NOD32

*** Scan en ligne ->

_->Cliquez sur le bouton

_->Accepter les conditions d’utilisation, pour cela, cochez la case « Oui, j’accepte les termes du contrat de licence »
_->Cliquez ensuite sur le bouton Start
_->Acceptez l’installation de l’ActiveX NOD32
_->Le téléchargement des définitions virales s’effectuent, cela peut prendre du temps selon la vitesse de connexion.
_->Cocher la case "Supprimer les menaces détectées"
_->Clique sur le bouton Démarrer pour lancer le scan
_->Le scan du PC se lance, les menaces détectées apparaissent dans la liste en dessous de la barre de progression.
_->Laissez l’analyse s’effectuer entièrement
_->Cliquer sur le bouton « liste des menaces » permettant d’exporter la liste dans un fichier texte
_->Enregistrer celui-ci sur votre bureau par exemple

Poste moi le rapport

Puis peut tu me refaire un ZHPDiag comme tu la fais la première fois stp...

Merci , Je vais au lit .
Je regarderais les rapports demain ainsi je te donnerais le reste de la procédure si tu à fais se que j'ai demander...

Bonne nuit

amelie034 · le 28 Avr 2011 23:22

merci, bonne nuit, je posterai tout ca demain

amelie034 · le 29 Avr 2011 08:33

Bonjour !
voila le rapport de NOD32:

Code: Tout sélectionner: C:\Users\Amélie\AppData\Local\Temp\rundll32 .exe une variante de MSIL/Kryptik.H cheval de troie nettoyé par suppression - mis en quarantaine C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe une variante de MSIL/Kryptik.H cheval de troie nettoyé par suppression - mis en quarantaine

et voila le nouveau rapport de ZHP :

Code: Tout sélectionner: Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011 Run by Amélie at 29/04/2011 09:16:31 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 (Defaut) ---\\ System Information Windows 7 Home Premium Edition, 64-bit (Build 7600) Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3956 MB (69% free) System Restore: Activé (Enable) System drive C: has 109 GB (75%) free of 145 GB ---\\ Logged in mode Computer Name: AMÉLIE-PC User Name: Amélie All Users Names: Amélie, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%= %LocalAppData%= %StartMenu%= ---\\ DOS/Devices A:\ Hard drive, Flash drive, Thumb drive (Free 137 Go of 138 Go) C:\ Hard drive, Flash drive, Thumb drive (Free 109 Go of 145 Go) D:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 07:23:14.) -- C:\Windows\Explorer.exe [2870272] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256] [MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/04/2011 08:55:33.) -- C:\Windows\system32\wininet.dll [1126912] ---\\ Processus lancés [MD5.80B62FF105908EC9E4B072AFB1CFC824] - (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744] [MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [11322880] [MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [11314688] [MD5.0647EF247A5D0402E74FE89F5F6A8A11] - (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160] [MD5.00D1FB0073B4A8BD2989EA8FF4CC792B] - (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064] [MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496] [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064] [MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Users\Amélie\Desktop\ZHPDiag\ZHPDiag.exe [644608] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110414200035.dll O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Wow6432Node\Run: [Desktop Disc Tool] . (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe O4 - HKLM\..\Wow6432Node\Run: [DellSupportCenter] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-989431337-3330428235-1482280456-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.) O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk . (...) -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe (.not file.) O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Amélie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{09F74FE1-7DF0-4BD0-ADBD-53EEC3AECA80}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpNameServer = 13.36.0.1 13.36.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{09F74FE1-7DF0-4BD0-ADBD-53EEC3AECA80}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpNameServer = 13.36.0.1 13.36.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{09F74FE1-7DF0-4BD0-ADBD-53EEC3AECA80}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpNameServer = 13.36.0.1 13.36.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpDomain = CD-DL.TEST O17 - HKLM\System\CS1\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpDomain = CD-DL.TEST O17 - HKLM\System\CS2\Services\Tcpip\..\{9998D264-2E5E-462F-8965-A436B55CF794}: DhcpDomain = CD-DL.TEST O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: C:\Windows\system32\Alg.exe (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McODS) . (.McAfee, Inc. - McAfee VirusScan On-Demand Scan.) - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: (McOobeSv) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe O23 - Service: (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe O23 - Service: (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe O23 - Service: (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe O23 - Service: (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ---\\ Tâches planifiées en automatique (O39) [MD5.1F83CB91A9830038DBE7CD1BA1921205] [APT] [Administrator - Start WLAN Tray Applet] (.Dell Inc..) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\System32\DRIVERS\mfenlfk.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM][64Bits] -- {055EE59D-217B-43A7-ABFF-507B966405D8} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Photoshop CS5 Portable - (.Adobe.) [HKLM][64Bits] -- {61172A5D-60AA-43BE-958F-90451024E768}_is1 O42 - Logiciel: Adobe Reader 9.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A91000000001} O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM][64Bits] -- Advanced Audio FX Engine O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {71E015CC-52DA-4536-AF0C-C643BA1E45FB} O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM][64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Dell DataSafe Local Backup - (.Dell.) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04} O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM][64Bits] -- Dell Dock O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} O42 - Logiciel: Dell Support Center (Logiciel de support) - (.Dell.) [HKLM][64Bits] -- {E3BFEE55-39E2-4BE0-B966-89FE583822C1} O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central O42 - Logiciel: Dell Wireless WLAN Card Utility - (.Dell Inc..) [HKLM] -- Dell Wireless WLAN Card Utility O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Java(TM) 6 Update 22 (64-bit) - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416022FF} O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0} O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: Live! Cam Avatar Creator - (.Creative Technology Ltd.) [HKLM][64Bits] -- {65D0C510-D7B6-4438-9FC8-E6B91115AB0D} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: McAfee Security Center - (.McAfee, Inc..) [HKLM][64Bits] -- MSC O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-0070-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {052bac4a-6f79-46d4-a024-1ce1b4f73cd4} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: O42 - Logiciel: eBay - (.eBay Inc..) [HKLM][64Bits] -- {A8B88634-7F90-402F-B66A-86429755F6A5} - (.Pas de propriétaire.) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49} O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {05653DE1-6567-40C6-B930-39D399B64369} O42 - Logiciel: Quickset64 - (.Dell Inc..) [HKLM] -- {87CF757E-C1F1-4D22-865C-00C6950B5258} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {A33E7B0C-B99C-4EC9-B702-8A328B161AF9} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E} O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM][64Bits] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B} O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F} O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F} O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: [HKLM\Software\DirectDrawEx] - (.Pas de propriétaire.) [HKLM][64Bits] -- ESET Online Scanner O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- avast O42 - Logiciel: eBay - (.eBay Inc..) [HKLM][64Bits] -- {A8B88634-7F90-402F-B66A-86429755F6A5} ---\\ HKCU & HKLM Software Keys [HKCU\Software\ATI] [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\Alps] [HKCU\Software\AppDataLow\LastScanTime] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Broadcom] [HKCU\Software\Brother] [HKCU\Software\Classes] [HKCU\Software\Creative Tech] [HKCU\Software\DC3_FEXEC] [HKCU\Software\Dell] [HKCU\Software\ESET] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\McAfee] [HKCU\Software\Netscape] [HKCU\Software\OpenOffice.org] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Softonic] [HKCU\Software\SupportSoft] [HKCU\Software\Widcomm] [HKCU\Software\Wow6432Node] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\Alps] [HKLM\Software\BcmSetup] [HKLM\Software\Broadcom] [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\Creative] [HKLM\Software\DELL] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\Dell] [HKLM\Software\Eset] [HKLM\Software\Google] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\McAfee.com] [HKLM\Software\McAfeeInstaller] [HKLM\Software\McAfee] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC-Doctor] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Roxio] [HKLM\Software\SRS Labs] [HKLM\Software\SoftThinks] [HKLM\Software\Sonic] [HKLM\Software\Stardock] [HKLM\Software\SupportSoft] [HKLM\Software\VideoLAN] [HKLM\Software\Widcomm] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 14/04/2011 - 19:09:26 - [169767459] ----D- C:\Program Files\AVAST Software O43 - CFD: 30/01/2011 - 06:27:40 - [103444714] ----D- C:\Program Files\Common Files O43 - CFD: 30/01/2011 - 06:22:56 - [45260949] ----D- C:\Program Files\Dell O43 - CFD: 30/01/2011 - 06:00:48 - [14167234] ----D- C:\Program Files\Dell Inc O43 - CFD: 30/01/2011 - 07:49:54 - [17507100] ----D- C:\Program Files\DellTPad O43 - CFD: 14/07/2009 - 17:35:28 - [90257428] ----D- C:\Program Files\DVD Maker O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 16/04/2011 - 09:58:24 - [6202240] ----D- C:\Program Files\Internet Explorer O43 - CFD: 30/01/2011 - 06:00:38 - [80648844] ----D- C:\Program Files\Java O43 - CFD: 30/01/2011 - 06:28:42 - [229912555] ----D- C:\Program Files\mcafee O43 - CFD: 30/01/2011 - 06:27:38 - [2505805] ----D- C:\Program Files\mcafee.com O43 - CFD: 14/07/2009 - 17:35:26 - [149236786] ----D- C:\Program Files\Microsoft Games O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 29/01/2011 - 22:53:54 - [12692992] ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 30/01/2011 - 06:04:50 - [148002168] ----D- C:\Program Files\WIDCOMM O43 - CFD: 14/07/2009 - 17:24:10 - [4039168] ----D- C:\Program Files\Windows Defender O43 - CFD: 14/07/2009 - 17:35:28 - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 30/01/2011 - 06:16:54 - [7755583] ----D- C:\Program Files\Windows Live O43 - CFD: 16/04/2011 - 09:43:44 - [6667264] ----D- C:\Program Files\Windows Mail O43 - CFD: 30/01/2011 - 07:49:16 - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 14/04/2011 - 13:20:32 - [12627124] ----D- C:\Program Files\Windows NT O43 - CFD: 14/07/2009 - 17:24:10 - [5516568] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 14/07/2009 - 17:24:10 - [7191662] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 30/01/2011 - 06:27:40 - [30856659] ----D- C:\Program Files\Common Files\mcafee O43 - CFD: 15/04/2011 - 10:10:24 - [59966614] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 14/07/2009 - 17:24:10 - [12009971] ----D- C:\Program Files\Common Files\System O43 - CFD: 30/01/2011 - 06:21:28 - [769] ----D- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 30/01/2011 - 06:41:46 - [188] ----D- C:\ProgramData\ATI O43 - CFD: 14/04/2011 - 19:09:26 - [6707315] ----D- C:\ProgramData\AVAST Software O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 14/04/2011 - 14:29:00 - [11402] ----D- C:\ProgramData\Creative O43 - CFD: 14/04/2011 - 13:27:12 - [1722756] ----D- C:\ProgramData\Dell O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 30/01/2011 - 06:33:08 - [3552773] ----D- C:\ProgramData\Macrovision O43 - CFD: 28/04/2011 - 23:02:30 - [6609893] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 14/04/2011 - 14:28:10 - [32535119] ----D- C:\ProgramData\McAfee O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 14/04/2011 - 21:11:06 - [1236697878] -S--D- C:\ProgramData\Microsoft O43 - CFD: 14/04/2011 - 13:20:32 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 30/01/2011 - 06:22:42 - [0] ----D- C:\ProgramData\PCDr O43 - CFD: 30/01/2011 - 06:33:16 - [5785] ----D- C:\ProgramData\Sonic O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 30/01/2011 - 06:00:22 - [189] ----D- C:\ProgramData\Sun O43 - CFD: 30/01/2011 - 06:22:44 - [6256611] ----D- C:\ProgramData\SupportSoft O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 30/01/2011 - 06:33:20 - [11492018] ----D- C:\ProgramData\Uninstall O43 - CFD: 29/04/2011 - 09:16:24 - [7808246] -S--D- C:\Users\Amélie\AppData\Roaming\Microsoft O43 - CFD: 27/04/2011 - 21:28:56 - [2501312] ----D- C:\Users\Amélie\AppData\Roaming\Adobe O43 - CFD: 14/04/2011 - 13:27:40 - [0] ----D- C:\Users\Amélie\AppData\Roaming\ATI O43 - CFD: 21/04/2011 - 17:23:50 - [0] R---D- C:\Users\Amélie\AppData\Roaming\Brother O43 - CFD: 14/04/2011 - 14:29:00 - [402] ----D- C:\Users\Amélie\AppData\Roaming\Creative O43 - CFD: 14/04/2011 - 13:27:56 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Dell O43 - CFD: 14/04/2011 - 13:26:58 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Identities O43 - CFD: 14/04/2011 - 13:50:02 - [5559] ----D- C:\Users\Amélie\AppData\Roaming\Macromedia O43 - CFD: 28/04/2011 - 23:02:48 - [6175085] ----D- C:\Users\Amélie\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Media Center Programs O43 - CFD: 15/04/2011 - 22:55:30 - [1508390] ----D- C:\Users\Amélie\AppData\Roaming\OpenOffice.org O43 - CFD: 14/04/2011 - 13:27:42 - [0] ----D- C:\Users\Amélie\AppData\Roaming\Roxio O43 - CFD: 22/04/2011 - 13:00:54 - [429165797] ----D- C:\Users\Amélie\Appdata\Local\Microsoft O43 - CFD: 27/04/2011 - 22:16:34 - [184997] ----D- C:\Users\Amélie\Appdata\Local\Adobe O43 - CFD: 14/04/2011 - 13:20:42 - [0] -SH-D- C:\Users\Amélie\Appdata\Local\Application Data O43 - CFD: 14/04/2011 - 13:27:40 - [59950] ----D- C:\Users\Amélie\Appdata\Local\ATI O43 - CFD: 14/04/2011 - 13:27:40 - [0] ----D- C:\Users\Amélie\Appdata\Local\Broadcom O43 - CFD: 14/04/2011 - 13:20:42 - [0] -SH-D- C:\Users\Amélie\Appdata\Local\Historique O43 - CFD: 28/04/2011 - 23:58:58 - [2026] ----D- C:\Users\Amélie\Appdata\Local\SoftThinks O43 - CFD: 14/04/2011 - 13:27:46 - [325] ----D- C:\Users\Amélie\Appdata\Local\Stardock_Corporation O43 - CFD: 14/04/2011 - 13:27:38 - [4301776] ----D- C:\Users\Amélie\Appdata\Local\SupportSoft O43 - CFD: 29/04/2011 - 09:16:26 - [30378973] ----D- C:\Users\Amélie\Appdata\Local\Temp O43 - CFD: 14/04/2011 - 13:20:42 - [0] -SH-D- C:\Users\Amélie\Appdata\Local\Temporary Internet Files O43 - CFD: 16/04/2011 - 09:49:06 - [300318] ----D- C:\Users\Amélie\Appdata\Local\VirtualStore O43 - CFD: 28/04/2011 - 22:31:38 - [45056] ----D- C:\Users\Amélie\Appdata\Local\Windows Live O43 - CFD: 27/04/2011 - 21:27:30 - [633785912] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 30/01/2011 - 06:03:12 - [86040640] ----D- C:\Program Files (x86)\ATI Technologies O43 - CFD: 30/01/2011 - 06:07:42 - [3598306] ----D- C:\Program Files (x86)\Cisco O43 - CFD: 15/04/2011 - 09:07:38 - [329182313] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 30/01/2011 - 06:09:38 - [14953390] ----D- C:\Program Files (x86)\Creative O43 - CFD: 30/01/2011 - 06:08:38 - [114688] ----D- C:\Program Files (x86)\Creative Live! Cam O43 - CFD: 28/04/2011 - 23:59:22 - [219050638] ----D- C:\Program Files (x86)\Dell DataSafe Local Backup O43 - CFD: 30/01/2011 - 06:22:34 - [105421026] ----D- C:\Program Files (x86)\Dell Support Center O43 - CFD: 30/01/2011 - 06:09:30 - [264797136] ----D- C:\Program Files (x86)\Dell Webcam O43 - CFD: 30/01/2011 - 06:27:36 - [934781] ----D- C:\Program Files (x86)\eBay O43 - CFD: 29/04/2011 - 00:18:24 - [111269438] ----D- C:\Program Files (x86)\ESET O43 - CFD: 30/01/2011 - 06:29:58 - [20261272] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 30/01/2011 - 06:08:08 - [12901959] ----D- C:\Program Files (x86)\Intel O43 - CFD: 16/04/2011 - 09:58:24 - [5154168] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 15/04/2011 - 10:14:34 - [180805475] ----D- C:\Program Files (x86)\Java O43 - CFD: 14/04/2011 - 13:20:48 - [432909] ----D- C:\Program Files (x86)\McAfee O43 - CFD: 30/01/2011 - 06:27:40 - [428064] ----D- C:\Program Files (x86)\mcafee.com O43 - CFD: 14/04/2011 - 13:52:32 - [0] ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 30/01/2011 - 06:32:26 - [6423243] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 21/04/2011 - 09:07:04 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 30/01/2011 - 06:17:54 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 16/04/2011 - 09:52:02 - [15715] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 15/04/2011 - 10:15:38 - [370627109] ----D- C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 30/01/2011 - 06:33:06 - [13525265] ----D- C:\Program Files (x86)\Roxio O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 26/04/2011 - 23:20:22 - [82679395] ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 16/04/2011 - 02:18:22 - [177028360] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 16/04/2011 - 09:43:42 - [6180864] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 30/01/2011 - 07:49:16 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 14/07/2009 - 17:24:10 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 14/07/2009 - 17:24:10 - [5994114] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 27/04/2011 - 21:28:12 - [4605470] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 30/01/2011 - 06:01:48 - [3668633] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 15/04/2011 - 09:07:38 - [1247175] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 30/01/2011 - 06:28:42 - [3653351] ----D- C:\Program Files (x86)\Common Files\mcafee O43 - CFD: 30/01/2011 - 06:30:36 - [21191290] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 30/01/2011 - 06:08:10 - [166332] ----D- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 30/01/2011 - 06:33:08 - [305088] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 30/01/2011 - 06:09:32 - [4221400] ----D- C:\Program Files (x86)\Common Files\Reallusion O43 - CFD: 30/01/2011 - 06:33:08 - [6470778] ----D- C:\Program Files (x86)\Common Files\Roxio Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 30/01/2011 - 06:33:08 - [372019] ----D- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 30/01/2011 - 06:22:28 - [7526487] ----D- C:\Program Files (x86)\Common Files\supportsoft O43 - CFD: 14/07/2009 - 17:24:10 - [10102259] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 30/01/2011 - 06:11:34 - [224545546] ----D- C:\Program Files (x86)\Common Files\Windows Live ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A10FEA3276813E1C44C50D4826F73C3A] - 29/04/2011 - 08:15:27 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14240] O44 - LFC:[MD5.A10FEA3276813E1C44C50D4826F73C3A] - 29/04/2011 - 08:15:27 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14240] O44 - LFC:[MD5.210000000000000000000000A8EF1800] - 29/04/2011 - 08:11:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log [2049277] O44 - LFC:[MD5.55B2CE80799C75C4D16090A7BBA719C2] - 29/04/2011 - 08:07:41 ---A- . (...) -- C:\Windows\setupact.log [22903] O44 - LFC:[MD5.F86146514B5F971B90159A27CAEE277A] - 29/04/2011 - 08:07:40 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.1DE395856BFEE5BED1548973063E5FE7] - 28/04/2011 - 22:58:21 ---A- . (...) -- C:\Windows\PFRO.log [13786] O44 - LFC:[MD5.1D7BA9095309BF00DBC4FEDBF7FFC832] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.E86C11FB6B5D2F257F8DC4196B208976] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106388] O44 - LFC:[MD5.32E6A5139968E5B59E31034FE9B7994C] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130754] O44 - LFC:[MD5.214E528064ECE0F3F26F77F36BD4D3C8] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616008] O44 - LFC:[MD5.54EED1F3AEFF9B9D27AD10AA205DFC97] - 28/04/2011 - 17:30:55 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704480] O44 - LFC:[MD5.C6D9924A98FFF222C3EFB48B18FF944C] - 21/04/2011 - 16:22:35 ---A- . (...) -- C:\Windows\BRPP2KA.INI [27] O44 - LFC:[MD5.96AB5888BC087FACFDB69D0956738724] - 21/04/2011 - 16:22:35 ---A- . (...) -- C:\Windows\BRWMARK.INI [434] O44 - LFC:[MD5.446C0D7AA4BA022B43BA37E78A40105B] - 16/04/2011 - 08:58:04 ---A- . (...) -- C:\Windows\IE9_main.log [4679] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 16/04/2011 - 08:55:30 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 16/04/2011 - 08:55:22 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822] O44 - LFC:[MD5.849E40A172A4F6B115EB2605EC9CFD24] - 16/04/2011 - 08:45:02 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [292872] O44 - LFC:[MD5.DFC565E821037C72788DA4EF7B522834] - 15/04/2011 - 09:14:50 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [472808] O44 - LFC:[MD5.8F443F9726349802839C7C0D1C8C904F] - 15/04/2011 - 09:14:49 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [145184] O44 - LFC:[MD5.A27AD8C3D4F0518F3E59CA1C9C5C0D18] - 15/04/2011 - 09:14:49 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184] O44 - LFC:[MD5.47E0BEDC36A30141133728B604A8F11D] - 15/04/2011 - 09:14:49 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472] O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080] O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367104] O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 15/04/2011 - 08:12:40 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294912] O44 - LFC:[MD5.2320C2AC6577ECF1D4211F2D9BABE3DD] - 14/04/2011 - 18:10:08 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [238968] O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 14/04/2011 - 18:09:29 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [40648] O44 - LFC:[MD5.2320C2AC6577ECF1D4211F2D9BABE3DD] - 14/04/2011 - 18:09:29 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [190016] O44 - LFC:[MD5.EDCB1DFDE6D5935856EB25517B633DAC] - 14/04/2011 - 11:04:40 ---A- . (...) -- C:\Windows\SysNative\license.rtf [53560] O44 - LFC:[MD5.EDCB1DFDE6D5935856EB25517B633DAC] - 14/04/2011 - 11:04:40 ---A- . (...) -- C:\Windows\System32\license.rtf [53560] ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 11/03/2011 - 07:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 11/03/2011 - 07:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.8655A2983A86D6675135B1FF6892055D] - 22/06/2010 - 06:07:24 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\system32\drivers\Apfiltr.sys [304760] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.F810E3EA3D1F3C3BA26F2F4719BDCA4F] - 23/02/2011 - 14:54:58 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [22360] O58 - SDL:[MD5.3687FD9CEDF56D3B9F18923F4E14F3F9] - 23/02/2011 - 14:55:05 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [64344] O58 - SDL:[MD5.E99E48596B35E5D5240104BCD61B3471] - 23/02/2011 - 14:55:13 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [31064] O58 - SDL:[MD5.84AD8FB3FD2EFA52D8599A0028BBB6FE] - 23/02/2011 - 14:57:01 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [505176] O58 - SDL:[MD5.8CBA6CC5DCA9E3829F1792BF98F06901] - 23/02/2011 - 14:57:04 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [280408] O58 - SDL:[MD5.184248F2DED7B1641C7F3B30381BAA2A] - 23/02/2011 - 14:55:53 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [53592] O58 - SDL:[MD5.FB7602C5C508BE281368AAE0B61B51C6] - 30/09/2009 - 17:34:32 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [121872] O58 - SDL:[MD5.52679612D742BF74CA1BA6AB86DDF431] - 22/01/2010 - 18:13:24 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [6233088] O58 - SDL:[MD5.414E0788920A8C856032BE2CBF29F984] - 22/01/2010 - 17:07:56 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [161280] O58 - SDL:[MD5.52679612D742BF74CA1BA6AB86DDF431] - 22/01/2010 - 18:13:24 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atipmdag.sys [6233088] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.E001DD475A7C27EBE5A0DB45C11BAD71] - 17/07/2009 - 17:06:00 ---A- . (.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\system32\drivers\bcm42rly.sys [22520] O58 - SDL:[MD5.F4CD5F52850BF2C978DE178F256BA372] - 17/07/2009 - 17:06:00 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL664.SYS [2769400] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.6BCFDC2B5B7F66D484486D4BD4B39A6B] - 01/07/2009 - 21:46:52 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [98344] O58 - SDL:[MD5.82DC8B7C626E526681C1BEBED2BC3FF9] - 01/07/2009 - 21:46:48 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [132648] O58 - SDL:[MD5.6149301DC3F81D6F9667A3FBAC410975] - 08/04/2009 - 00:33:08 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\system32\drivers\btwl2cap.sys [35104] O58 - SDL:[MD5.28E105AD3B79F440BF94780F507BF66A] - 01/07/2009 - 21:46:40 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [21160] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E02C9CDB15F13DE4EB2FF67660E62317] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\Windows\system32\drivers\cfwids.sys [62800] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.4CE9F703D1DD69FB656D1953E9C88103] - 28/05/2009 - 17:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\system32\drivers\CtAudDrv.sys [224768] O58 - SDL:[MD5.ED5CF92396A62F4C15110DCDB5E854D9] - 15/06/2009 - 20:06:42 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\system32\drivers\CtClsFlt.sys [172704] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.B6AC71AAA2B10848F57FC49D55A651AF] - 17/09/2009 - 20:54:00 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\system32\drivers\HECIx64.sys [56344] O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888] O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 11/03/2011 - 07:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.3D3C4B63F11F63F50253E734F0ACE9F2] - 20/12/2010 - 17:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24152] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.C1556CA9695FCD6BBD23D75D402FD43D] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\system32\drivers\mfeapfk.sys [121248] O58 - SDL:[MD5.8857EE8B49F3338FC1FAD476BFCCA146] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [190136] O58 - SDL:[MD5.9B090B2C6D84F4E392B3E5FF168929DA] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\system32\drivers\mfeclnk.sys [9984] O58 - SDL:[MD5.19C44295F6BF085C83352D48397F7870] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\system32\drivers\mfefirek.sys [441328] O58 - SDL:[MD5.5F915E20AB56121C41C6BF9A91A83BDA] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [529128] O58 - SDL:[MD5.23AE332E32FF615CA5E5224C8D91AF11] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) -- C:\Windows\system32\drivers\mfenlfk.sys [75032] O58 - SDL:[MD5.9C7A9273E345F8D653394B5C542BF86A] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdet.sys [94864] O58 - SDL:[MD5.3140B2C56D7119BA314F68FC785683F0] - 13/10/2010 - 21:28:54 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\system32\drivers\mfewfpk.sys [283360] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.3B01789EE4EAEE97F5EB46B711387D5E] - 20/08/2009 - 17:05:00 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [239616] O58 - SDL:[MD5.697C927E0DE2ABAF1A5F455033F687CD] - 03/02/2010 - 02:36:58 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2263584] O58 - SDL:[MD5.502B316947EA887CDDD325D4745EB7D0] - 17/07/2009 - 04:14:00 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [220672] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [38224] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\atipmdag.sys - amdkmdag(amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK O64 - Services: CurCS - 30/12/1899 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\BCM42RLY.sys - BCM42RLY(BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) - LEGACY_BCM42RLY O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\cfwids.sys - McAfee Inc. cfwids(cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk(mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk(mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk01) .(...) - LEGACY_MFEAVFK01 O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk02) .(...) - LEGACY_MFEAVFK02 O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfefirek.sys - McAfee Inc. mfefirek(mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfefirek01) .(...) - LEGACY_MFEFIREK01 O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfehidk.sys - McAfee Inc. mfehidk(mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk01) .(...) - LEGACY_MFEHIDK01 O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\mfenlfk.sys - McAfee NDIS Light Filter(mfenlfk) .(.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - LEGACY_MFENLFK O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mferkdet.sys - McAfee Inc. mferkdet(mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\mfewfpk.sys - McAfee Inc. mfewfpk(mfewfpk) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFEWFPK O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {0B11C30C-7149-4331-BE3C-BBC8C36AA091} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {5D4C9D53-3960-4BFA-B3B5-FE459A520A07} [DefaultScope] - (Google) - http://www.google.com ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.A8D666FCE8EFD0788FA0DF14FB3491B4] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Amélie\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe [885536] [MD5.19CEE58DC4BD63D4AB21E3EC055EDF71] [SPRF] (.Microsoft Corporation - Barre d'outils Bing.) -- C:\Users\Amélie\AppData\Local\Temp\MSN83C2.exe [468232] [MD5.86E0FC3A8107C10FCA5CF63AAB259A14] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Amélie\AppData\Local\Temp\sai8B13.exe [20533281] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.) O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.) O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.) O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.) O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.) O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{D8567662-4CDF-4C1E-B096-E88DFA3A71AB}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "{CE64FFB3-5E46-4F73-99F6-7389020FEF6E}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe O87 - FAEL: "{877B51E0-9EBB-440D-8154-66FB7637F3C6}" | In - Public - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{74058109-BC26-48B5-801A-01D9BC757B15}" | In - Public - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{B854901E-DDCE-4492-9B83-E12BF0DCEB7A}" | In - Private - P6 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe O87 - FAEL: "{44C03C6E-915A-4C65-83E6-B0340BF94440}" | In - Private - P17 - TRUE | .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe ---\\ Scan Additionnel (O88) Database Version : 6502 - (28/04/2011) Number of Keys Founds (Clés trouvées) : 4 Number of Directories Founds (Dossiers trouvés) : 0 [HKCR\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] =>Adware.ClickPotato [HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] =>Adware.ClickPotato [HKLM\Software\Wow6432Node\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] =>Adware.ClickPotato [HKCU\Software\DC3_FEXEC] => ---\\ Recherche détournement de DNS routeur (O89) Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.229.147 209.85.229.99 209.85.229.104 Aliases: www.google.fr www.google.com ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe SR - | Auto 18/11/2009 0 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 18/08/2009 868128 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe SR - | Auto 09/06/2009 155648 | (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe SR - | Auto 30/09/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 10/03/2010 355440 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SS - | Demand 07/10/2010 509416 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe SS - | Disabled 10/03/2010 355440 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe SS - | Auto 13/10/2010 200056 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe SR - | Auto 13/10/2010 245352 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe SS - | Auto 13/10/2010 149032 | (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe SR - | Auto 21/08/2010 689472 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe SR - | Auto 21/05/2009 206064 | (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe SR - | Auto 30/09/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 17/07/2009 33280 | (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Amélie at 29/04/2011 09:18:22 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Amélie at 29/04/2011 09:18:24 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin End of the scan (895 lines in 01mn 52s)(0)

Del-crosseur · le 29 Avr 2011 09:41

Bonjour ,

***Dans "Programmes" tu as ZHPDiag , cliques dessus pour le lancer
Lorsque la fenêtre de l'interface sera ouverte clique sur cette icône -->

Une nouvelle interface va se présenter (tu seras sur ZHPFix), dans celle-ci applique cette procédure :

• Dans la fenêtre d'application (blanche et vierge) copie et colle ceci dedans :

[HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}]
[HKCU\Software\AppDataLow\LastScanTime]
[MD5.86E0FC3A8107C10FCA5CF63AAB259A14] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Amélie\AppData\Local\Temp\sai8B13.exe [20533281]
EmptyFlash
Emptytemp

• En haut dans la barre de commandes clique sur --> H
pour activer les lignes Helpers.

***Clique sur "OK", puis sur "Tous", et pour terminer le lancement sur "Nettoyer".
Ne touche pas au pc pendant que ZHPFix travail , risque de plantage du logiciel.
Une fois le Scan terminer , tu obtiendras un rapport de nettoyage.
Poste-moi le rapport.

Ensuite ::

-Télécharge la mise à jours JaVa ici -> http://www.java.com/fr/download/windows ... w.java.com
-Va dans "Démarre"->Tous les programmes->"Windows Update" ; effectue La/Les mises à jours.

Voici la liste de tous les Antivirus que ton pc possède:

McAfee Security Center.
Avast®Antivirus
Network Associates®McAfee VirusScan
Network Associates®McAfee Internet Security Suite
Network Associate®Internet Security Suite
ESET Online Scanner
Microsoft Windows Defender

Je vais donc te demander de tous supprimer via "Ajout et suppression des programmes" sauf Avast®Antivirus .
Tu peut garder Malwarebytes , il te seras très utile prochainement...

Je te conseil fortement de changer de Mot de passe msn en y mettant un à 8 chiffres ex: alex1234

Voila , à tout :wink:

amelie034 · le 29 Avr 2011 09:50

merci pour tte ces manip.

voila le nouveau rapport:

Code: Tout sélectionner: Rapport de ZHPFix 1.12.3279 par Nicolas Coolman, Update du 27/04/2011 Fichier d'export Registre : C:\ZHPExportRegistry-29-04-2011-10-47-43.txt Run by Amélie at 29/04/2011 10:47:43 Windows 7 Home Premium Edition, 64-bit (Build 7600) Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html ========== Processus mémoire ========== C:\Users\Amélie\AppData\Local\Temp\sai8B13.exe [20533281] => Supprimé et mis en quarantaine ========== Clé(s) du Registre ========== HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29} => Clé supprimée avec succès HKCU\Software\AppDataLow\LastScanTime => Clé supprimée avec succès ========== Dossier(s) ========== Dossiers temporaires Windows supprimés: 145 ========== Fichier(s) ========== Fichiers temporaires Windows supprimés : 319 ========== Récapitulatif ========== 1 : Processus mémoire 2 : Clé(s) du Registre 1 : Dossier(s) 1 : Fichier(s) End of the scan

je fais le reste tout de suite

amelie034 · le 29 Avr 2011 11:06

voila tout est ok!

amelie034 · le 29 Avr 2011 12:13

il y a t'il encore quelque chose a effectuer?

et pour les conseils que tu devais me donner je suis preneuse

le petit frere de mon conjoint n'a desormais plus le droit d'acces sur ce pc. c'est lui que je soupçonne pour les sites bizarres qui m'auraient causer tous ces virus... grrr

merci mille fois en tout cas!

[Régle] AdAware.ClickPotato

[Régle] AdAware.ClickPotato

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Re: VIRUS msn...

Sujets similaires

Qui est en ligne