Bonjour à tous;
Si quelqu' un pouvait me sortir de cette galère;
Depuis 3 mois, je ne peux faire aucune mise à jour 'windows update" et j' ai toujours le code d' erreur, "80072 EFE". Et chaque fois que j' ouvre mon ordi, je dois m'y reprendre à 3 ou 4 fois car il ne peut se connexter à Windouws. Il semblerait que j' ai attrapé un virus.
J' ai la haine !!
Merci d' avance à vous tous.
[résolu] A l' aide !!!
-
nardino
- Modérateurs
- Messages : 11993
- Enregistré le : 05 févr. 2007, 17:38
- Localisation : Reims
- Contact :
Re: A l' aide !!!
Bonjour
Il faut commencer par faire de scans avec ton antivirus et Windows Defender par exemple.
Si les problèmes persistent, suis la procédure suivante.
Télécharge et installe Malwarebytes Anti-Malware de RubbeR DuckY
Double-clique sur le fichier mbam-setup-1.46.exe (sous Vista et 7 autorise les modifications)
A la fin de l'installation, veille à ce que les options suivantes soient cochées Clique sur Terminer
Une fenêtre Mise à jour de Malwarebytes' Anti-Malware va s'ouvrir avec une barre de progression.
Puis une autre annonçant le succès de la mise à jour de la base de données. Clique sur OK.
Le programme s'ouvre sur l'onglet Recherche.
Coche
Exécuter un examen rapide, clique sur le bouton 
A la fin du scan, sélectionne tout et clique sur Supprimer la sélection
Poste le rapport qui s'ouvre après cette suppression.
Redémarre le pc si cela est demandé
Tu peux retrouver le rapport dans l'onglet Rapports/Logs avec la date et l'heure d'exécution.
Télécharge ZHPDiag de Nicolas Coolman sur ton bureau.
Clique sur 
pour vérifier si une mise à jour du logiciel est disponible.
Clique sur 
pour lancer le scan.
Clique sur 
quand le scan sera terminé pour mettre le rapport dans le presse-papier.
Poste ce dernier dans ta réponse en appuyant sur les touches CTRL+V
Referme l'outil.
Le rapport sera enregistré sur le bureau. 
Rappel pour faire un copier-coller.
@+
Il faut commencer par faire de scans avec ton antivirus et Windows Defender par exemple.
Si les problèmes persistent, suis la procédure suivante.
Télécharge et installe Malwarebytes Anti-Malware de RubbeR DuckY Double-clique sur le fichier mbam-setup-1.46.exe (sous Vista et 7 autorise les modifications)A la fin de l'installation, veille à ce que les options suivantes soient cochées
- -Mettre à jour Malwarebytes' Anti-Malware
-Exécuter Malwarebytes' Anti-Malware
Clique sur TerminerUne fenêtre Mise à jour de Malwarebytes' Anti-Malware va s'ouvrir avec une barre de progression.
Puis une autre annonçant le succès de la mise à jour de la base de données. Clique sur OK.
Le programme s'ouvre sur l'onglet Recherche.
Coche
Exécuter un examen rapide, clique sur le bouton A la fin du scan, sélectionne tout et clique sur Supprimer la sélection Poste le rapport qui s'ouvre après cette suppression.Redémarre le pc si cela est demandé
Tu peux retrouver le rapport dans l'onglet Rapports/Logs avec la date et l'heure d'exécution.
Télécharge ZHPDiag de Nicolas Coolman sur ton bureau.- Clique sur
pour lancer l'installation.
Clique sur 
pour lancer le programme.
Clique sur pour vérifier si une mise à jour du logiciel est disponible. Clique sur pour lancer le scan. Clique sur quand le scan sera terminé pour mettre le rapport dans le presse-papier. Poste ce dernier dans ta réponse en appuyant sur les touches CTRL+V Referme l'outil. Le rapport sera enregistré sur le bureau. Rappel pour faire un copier-coller.- Appuie sur les touches CTRL+A pour sélectionner tout le rapport, puis sur CTRL+C pour tout copier dans le presse-papier.
Dans ta réponse tu appuies sur CTRL+V pour coller le contenu du presse-papier.
Tu renouvelles pour chaque rapport demandé.
@+
Clic sur l'image pour ouvrir le site.
Re: A l' aide !!!
bonsoir Nardino,
Comme prévu, j' ai essayé de suivre vos instructions. Voici le 1er rapport.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4532
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
02/09/2010 21:02:42
mbam-log-2010-09-02 (21-02-42).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 165119
Temps écoulé: 14 minute(s), 8 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 35
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 29
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\smartshopper.hbax (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.hbax.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.hbinfoband (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.hbinfoband.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebutton (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebutton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttona (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttona.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttonb (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttonb.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.smrtshprctl (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.smrtshprctl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{08aa0598-6a23-4364-9bf4-6d5f57f42993} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b0e8c398-dabe-4ce1-b4d9-ed43b64923f5} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c7f127df-8877-4e1e-a196-fbbecbc5bc6d} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{064c57b4-b9ec-425f-b9b3-bceffeea74d9} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0755e4f0-3f92-4a67-ad14-e9f287f76fbc} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{137e6e5e-a205-4657-a49f-1ab865787089} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2260d608-c844-435d-90fd-dc16cfa577f2} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bceb373d-a35a-4200-bd43-8586cd9dfae7} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{2615f050-9c18-4267-b711-8e3687dc0145} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ca295d63-514a-4ed0-9b5f-640890f2366b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cb0d9d8c-535e-4352-ba8f-65c3c8676612} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2ba1c226-ec1b-4471-a65f-d0688ac6ee3a} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ba1c226-ec1b-4471-a65f-d0688ac6ee3a} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\google updater (Backdoor.IRCBot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\smartshopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\Bin (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\Bin\2.5.0 (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Stéphane\AppData\Local\Temp\trzB1D.tmp (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf0.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf1.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf2.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf5.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf6.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf8.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf9.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sfz.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sg0.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgb.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgc.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sge.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgf.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgk.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgn.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgr.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgu.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgx.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP0000006F3F0E74F30C138A4E (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\antiphishing.html (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\phishAlert.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\x.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\xActive.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper - Comapre product prices.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper - Compare travel rate.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper Help.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\Uninstall SmartShopper.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Roaming\chrtmp (Malware.Trace) -> Quarantined and deleted successfully.
Comme prévu, j' ai essayé de suivre vos instructions. Voici le 1er rapport.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4532
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
02/09/2010 21:02:42
mbam-log-2010-09-02 (21-02-42).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 165119
Temps écoulé: 14 minute(s), 8 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 35
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 29
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\smartshopper.hbax (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.hbax.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.hbinfoband (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.hbinfoband.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebutton (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebutton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttona (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttona.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttonb (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.iebuttonb.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.smrtshprctl (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smartshopper.smrtshprctl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{08aa0598-6a23-4364-9bf4-6d5f57f42993} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b0e8c398-dabe-4ce1-b4d9-ed43b64923f5} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c7f127df-8877-4e1e-a196-fbbecbc5bc6d} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{064c57b4-b9ec-425f-b9b3-bceffeea74d9} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0755e4f0-3f92-4a67-ad14-e9f287f76fbc} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{137e6e5e-a205-4657-a49f-1ab865787089} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2260d608-c844-435d-90fd-dc16cfa577f2} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bceb373d-a35a-4200-bd43-8586cd9dfae7} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{2615f050-9c18-4267-b711-8e3687dc0145} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ca295d63-514a-4ed0-9b5f-640890f2366b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cb0d9d8c-535e-4352-ba8f-65c3c8676612} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2ba1c226-ec1b-4471-a65f-d0688ac6ee3a} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ba1c226-ec1b-4471-a65f-d0688ac6ee3a} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\google updater (Backdoor.IRCBot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\smartshopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\Bin (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\Bin\2.5.0 (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Stéphane\AppData\Local\Temp\trzB1D.tmp (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf0.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf1.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf2.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf5.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf6.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf8.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sf9.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sfz.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sg0.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgb.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgc.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sge.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgf.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgk.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgn.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgr.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgu.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Local\Temp\Sgx.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP0000006F3F0E74F30C138A4E (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\antiphishing.html (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\phishAlert.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\x.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\smartshopper\cs\antiphishing\xActive.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper - Comapre product prices.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper - Compare travel rate.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper Help.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\Uninstall SmartShopper.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Users\Stéphane\AppData\Roaming\chrtmp (Malware.Trace) -> Quarantined and deleted successfully.
Re: A l' aide !!!
2ème rapport (1ère partie)
Rapport de ZHPDiag v1.26.57 par Nicolas Coolman, Update du 24/08/2010
Run by Stéphane at 02/09/2010 21:25:57
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18904
---\\ System Information
Platform : Windows Vista (TM) Home Basic (6.0.6002) Service Pack 2
Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 893 MB (33% free)
System drive C: has 25 GB (23%) free of 108 GB
---\\ Logged in mode
Computer Name: PC-DE-STÉPHANE
User Name: Stéphane
All Users Names: vors, Stéphane, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 108 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 27 Go of 27 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
---\\ Processus lancés
[MD5.56CB0B799AE61EA3BB8FBEB693ABF7D3] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
[MD5.A086B1BDCCA45A5D346187B14BE3D7BC] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4317184]
[MD5.D0CB6BF215D2F222211C4214CEF798CA] - (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe [1476608]
[MD5.0282F454BF380AF26EFC3913C6D435FF] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1983816]
[MD5.38AE7A942FC3FAB1C6A27EB65DE8F827] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2837864]
[MD5.C45617113F717A1A155844A6F3FF4A52] - (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe [484888]
[MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.5A5D3967788653B73ECC260B6329AC5B] - (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe [100304]
[MD5.E207A39FF4847AA5805CC223778BBFE1] - (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe [6061400]
[MD5.27F8BF031D9332C9C02AE8C1357185B3] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [168792]
[MD5.723FCCFC592E5A022BD7FFC87B55AE91] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [651096]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.AA3C50EFF3007C9A421D8300B4E033F5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [547328]
---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@canon.com/EPPEX] - (.CANON INC. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 3.0.50106.0.) -- c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {472734EA-242A-422b-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) (3, 0, 0, 204) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} . (.Microsoft Corporation - Family Safety Browser Helper Object Library.) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [MoneyStartUp10.0] . (.Microsoft Corporation - Microsoft Money Startup.) -- C:\Program Files\Microsoft Money\System\Activation.exe
O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] . (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SMSTray] . (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [PCTools FGuard] . (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKCU\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - Global Startup: Canon IJ Status Monitor Canon MP250 series Printer.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\system32\rundll32.exe
O4 - Global Startup: Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech - Product Registration.) -- C:\Program Files\Logitech\Ereg\eReg.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.co ... 3289628705
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.photoweb.fr/telechargement/t ... .5.6.0.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service (Browser Defender Update Service) . (.Threat Expert Ltd. - Browser Defender Update Service.) - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire - Pas de description.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McciCMService (McciCMService) . (.Motive Communications, Inc. - mcci+McciCMService.) - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{0B79F7E2-3D61-4EE1-9AB9-4950D04FDB3D}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{27C63E4E-3208-4113-BD0B-94047F79BC3A}.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{F37CDB89-CEDA-4AF5-8FB6-96D1BA683A96} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\INF\mswmp.inf
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r82.) -- C:\Windows\system32\Macromed\Flash\Flash10i.ocx
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center Ex - (.ATI Technologies Inc..) [HKLM] -- {00905C35-3A76-5952-CB6A-CDAFCD6B517D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.2.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A82000000003}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Ares 2.1.2 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
O42 - Logiciel: AstroriX - (.Pas de propriétaire.) [HKLM] -- AstroriX
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B}
O42 - Logiciel: Browser Defender 3.0 - (.Threat Expert Ltd..) [HKLM] -- Browser Defender
O42 - Logiciel: Bubbletown - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}
O42 - Logiciel: Call Of Atlantis - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115704307}
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}
O42 - Logiciel: Canon Easy-WebPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-WebPrint EX
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0
O42 - Logiciel: Canon MP250 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Casse Tête Mania - (.SDLL.) [HKLM] -- {6D58EAA4-9777-4493-B14D-804CC9693362}
O42 - Logiciel: Casse-brique DELUXE - (.Pas de propriétaire.) [HKLM] -- Casse-brique DELUXE
O42 - Logiciel: Charm School Demo version 1.11 - (.Pas de propriétaire.) [HKLM] -- Charm School Demo
O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F}
O42 - Logiciel: Digimax Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: DoomBall - (.Pas de propriétaire.) [HKLM] -- DoomBall
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: Enregistrement utilisateur de Canon MP250 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP250 series
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CA6047C-D28B-4295-834A-07C52BA20C2D}
O42 - Logiciel: Franklin la Tortue et le club secret - (.Pas de propriétaire.) [HKLM] -- Franklin la Tortue et le club secret
O42 - Logiciel: Galerie de cliparts v1.14 - (.Cete Normandie Centre..) [HKLM] -- Galerie de cliparts
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Java(TM) 6 Update 21 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}
O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}
O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
O42 - Logiciel: Logitech Vid - (.Logitech Inc..) [HKLM] -- {4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware
O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live
O42 - Logiciel: Messenger_Plus_Live_France Toolbar - (.Pas de propriétaire.) [HKLM] -- Messenger_Plus_Live_France Toolbar
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Mon atelier d'écriture - (.Pas de propriétaire.) [HKLM] -- Mon atelier d'écriture
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- {E7298FD8-1386-11D5-8D6C-0050DAD32D95}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mots Croisés et Autres Jeux de Mots V3 - (.Pas de propriétaire.) [HKLM] -- Mots Croisés et Autres Jeux de Mots V3
O42 - Logiciel: MultiDiff-Explorer 1.0 - (.Pas de propriétaire.) [HKLM] -- MultiDiff-Explorer
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {D34D82E0-4600-407B-9478-8506C1DD1036}
O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU] -- Live Search
O42 - Logiciel: OpenOffice.org 2.1 - (.OpenOffice.org.) [HKLM] -- {E5430A11-6799-41E0-A9D5-F68BDC67AAD8}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCFix - (.Dubai Click LLC.) [HKLM] -- PC Fix 2010
O42 - Logiciel: Paintball Party 1.1 - (.Pas de propriétaire.) [HKLM] -- Paintball Party
O42 - Logiciel: Pinball - (.Pas de propriétaire.) [HKLM] -- {5F647107-C2BA-11D3-9A6D-0000B455B172}
O42 - Logiciel: Ploing 2 - demo - (.suricate software.) [HKLM] -- Ploing 2 - demo
O42 - Logiciel: Polices de caractères Ministère v1.2 - (.Pas de propriétaire.) [HKLM] -- Installation de Polices de caractères
O42 - Logiciel: Puzzle Bobble 2x - (.Pas de propriétaire.) [HKLM] -- PB2DeinstKey
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung USB Driver - (.Pas de propriétaire.) [HKLM] -- {86D6A20D-3910-4441-A3E5-EB6977251C86}
O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM] -- {EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Surligneur (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {81B5F83F-2291-48B0-8375-36B63A9BF5B0}
O42 - Logiciel: SweetIM for Messenger 2.5 - (.SweetIM Technologies Ltd..) [HKLM] -- {EC6BD2CC-2DCF-4AD8-A8DD-DF89D29EEF3F}
O42 - Logiciel: Test Quelle célébrité êtes-vous ? - (.Pas de propriétaire.) [HKCU] -- QuelleCelebriteEtesVous
O42 - Logiciel: Test_OnlineDiagnostic - (.Ihr Firmenname.) [HKLM] -- {538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VideoLAN VLC media player 0.8.6c - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: live assistant - (.Pas de propriétaire.) [HKLM] -- live assistant
O42 - Logiciel: livebox - (.SAGEM.) [HKLM] -- {17342E3B-0818-4A6F-BFF8-99476605ADD6}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Canon]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Messenger_Plus_Live_France]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\SmartShopper]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Ares]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\FotoWire]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\LanConfig]
[HKCU\Software\Leadertech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MGS]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Motive]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nurium_Games]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orange]
[HKCU\Software\PCFix]
[HKCU\Software\Patchou]
[HKCU\Software\Pointsoft]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\Samsung Media Studio]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Stoik]
[HKCU\Software\Symantec]
[HKCU\Software\Threat Expert]
[HKCU\Software\Trolltech]
[HKCU\Software\Windows Live]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\ahead]
[HKCU\Software\eMule]
[HKCU\Software\keyhole.com]
[HKCU\Software\shockwave.com]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Anuman Interactive]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Apple]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Contrôle Parental]
[HKLM\Software\DigimaxMaster]
[HKLM\Software\EPSON]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\Fujitsu Siemens]
[HKLM\Software\GNU]
[HKLM\Software\Gamebank]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Knowledge Adventure]
[HKLM\Software\Licenses]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MarkAny]
[HKLM\Software\Messenger_Plus_Live_France]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Orange]
[HKLM\Software\PCTools]
[HKLM\Software\Patchou]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\Redoubt]
[HKLM\Software\Reflexive Entertainment]
[HKLM\Software\ReflexiveArcade]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SECURITOO]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sagem]
[HKLM\Software\Samsung]
[HKLM\Software\Sensible Vision]
[HKLM\Software\Silver]
[HKLM\Software\Springfield]
[HKLM\Software\Symantec]
[HKLM\Software\The Learning Company]
[HKLM\Software\Threat Expert]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Windows]
[HKLM\Software\ahead]
[HKLM\Software\mozilla.org]
Rapport de ZHPDiag v1.26.57 par Nicolas Coolman, Update du 24/08/2010
Run by Stéphane at 02/09/2010 21:25:57
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18904
---\\ System Information
Platform : Windows Vista (TM) Home Basic (6.0.6002) Service Pack 2
Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 893 MB (33% free)
System drive C: has 25 GB (23%) free of 108 GB
---\\ Logged in mode
Computer Name: PC-DE-STÉPHANE
User Name: Stéphane
All Users Names: vors, Stéphane, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 108 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 27 Go of 27 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
---\\ Processus lancés
[MD5.56CB0B799AE61EA3BB8FBEB693ABF7D3] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
[MD5.A086B1BDCCA45A5D346187B14BE3D7BC] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4317184]
[MD5.D0CB6BF215D2F222211C4214CEF798CA] - (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe [1476608]
[MD5.0282F454BF380AF26EFC3913C6D435FF] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1983816]
[MD5.38AE7A942FC3FAB1C6A27EB65DE8F827] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2837864]
[MD5.C45617113F717A1A155844A6F3FF4A52] - (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe [484888]
[MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.5A5D3967788653B73ECC260B6329AC5B] - (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe [100304]
[MD5.E207A39FF4847AA5805CC223778BBFE1] - (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe [6061400]
[MD5.27F8BF031D9332C9C02AE8C1357185B3] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [168792]
[MD5.723FCCFC592E5A022BD7FFC87B55AE91] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [651096]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.AA3C50EFF3007C9A421D8300B4E033F5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [547328]
---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@canon.com/EPPEX] - (.CANON INC. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 3.0.50106.0.) -- c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {472734EA-242A-422b-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) (3, 0, 0, 204) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} . (.Microsoft Corporation - Family Safety Browser Helper Object Library.) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [MoneyStartUp10.0] . (.Microsoft Corporation - Microsoft Money Startup.) -- C:\Program Files\Microsoft Money\System\Activation.exe
O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] . (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SMSTray] . (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [PCTools FGuard] . (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKCU\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - Global Startup: Canon IJ Status Monitor Canon MP250 series Printer.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\system32\rundll32.exe
O4 - Global Startup: Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech - Product Registration.) -- C:\Program Files\Logitech\Ereg\eReg.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.co ... 3289628705
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.photoweb.fr/telechargement/t ... .5.6.0.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service (Browser Defender Update Service) . (.Threat Expert Ltd. - Browser Defender Update Service.) - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire - Pas de description.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McciCMService (McciCMService) . (.Motive Communications, Inc. - mcci+McciCMService.) - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{0B79F7E2-3D61-4EE1-9AB9-4950D04FDB3D}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{27C63E4E-3208-4113-BD0B-94047F79BC3A}.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{F37CDB89-CEDA-4AF5-8FB6-96D1BA683A96} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\INF\mswmp.inf
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r82.) -- C:\Windows\system32\Macromed\Flash\Flash10i.ocx
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center Ex - (.ATI Technologies Inc..) [HKLM] -- {00905C35-3A76-5952-CB6A-CDAFCD6B517D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.2.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A82000000003}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Ares 2.1.2 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
O42 - Logiciel: AstroriX - (.Pas de propriétaire.) [HKLM] -- AstroriX
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B}
O42 - Logiciel: Browser Defender 3.0 - (.Threat Expert Ltd..) [HKLM] -- Browser Defender
O42 - Logiciel: Bubbletown - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}
O42 - Logiciel: Call Of Atlantis - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115704307}
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}
O42 - Logiciel: Canon Easy-WebPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-WebPrint EX
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0
O42 - Logiciel: Canon MP250 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Casse Tête Mania - (.SDLL.) [HKLM] -- {6D58EAA4-9777-4493-B14D-804CC9693362}
O42 - Logiciel: Casse-brique DELUXE - (.Pas de propriétaire.) [HKLM] -- Casse-brique DELUXE
O42 - Logiciel: Charm School Demo version 1.11 - (.Pas de propriétaire.) [HKLM] -- Charm School Demo
O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F}
O42 - Logiciel: Digimax Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: DoomBall - (.Pas de propriétaire.) [HKLM] -- DoomBall
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: Enregistrement utilisateur de Canon MP250 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP250 series
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CA6047C-D28B-4295-834A-07C52BA20C2D}
O42 - Logiciel: Franklin la Tortue et le club secret - (.Pas de propriétaire.) [HKLM] -- Franklin la Tortue et le club secret
O42 - Logiciel: Galerie de cliparts v1.14 - (.Cete Normandie Centre..) [HKLM] -- Galerie de cliparts
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Java(TM) 6 Update 21 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}
O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}
O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
O42 - Logiciel: Logitech Vid - (.Logitech Inc..) [HKLM] -- {4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware
O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live
O42 - Logiciel: Messenger_Plus_Live_France Toolbar - (.Pas de propriétaire.) [HKLM] -- Messenger_Plus_Live_France Toolbar
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Mon atelier d'écriture - (.Pas de propriétaire.) [HKLM] -- Mon atelier d'écriture
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- {E7298FD8-1386-11D5-8D6C-0050DAD32D95}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mots Croisés et Autres Jeux de Mots V3 - (.Pas de propriétaire.) [HKLM] -- Mots Croisés et Autres Jeux de Mots V3
O42 - Logiciel: MultiDiff-Explorer 1.0 - (.Pas de propriétaire.) [HKLM] -- MultiDiff-Explorer
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {D34D82E0-4600-407B-9478-8506C1DD1036}
O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU] -- Live Search
O42 - Logiciel: OpenOffice.org 2.1 - (.OpenOffice.org.) [HKLM] -- {E5430A11-6799-41E0-A9D5-F68BDC67AAD8}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCFix - (.Dubai Click LLC.) [HKLM] -- PC Fix 2010
O42 - Logiciel: Paintball Party 1.1 - (.Pas de propriétaire.) [HKLM] -- Paintball Party
O42 - Logiciel: Pinball - (.Pas de propriétaire.) [HKLM] -- {5F647107-C2BA-11D3-9A6D-0000B455B172}
O42 - Logiciel: Ploing 2 - demo - (.suricate software.) [HKLM] -- Ploing 2 - demo
O42 - Logiciel: Polices de caractères Ministère v1.2 - (.Pas de propriétaire.) [HKLM] -- Installation de Polices de caractères
O42 - Logiciel: Puzzle Bobble 2x - (.Pas de propriétaire.) [HKLM] -- PB2DeinstKey
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung USB Driver - (.Pas de propriétaire.) [HKLM] -- {86D6A20D-3910-4441-A3E5-EB6977251C86}
O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM] -- {EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Surligneur (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {81B5F83F-2291-48B0-8375-36B63A9BF5B0}
O42 - Logiciel: SweetIM for Messenger 2.5 - (.SweetIM Technologies Ltd..) [HKLM] -- {EC6BD2CC-2DCF-4AD8-A8DD-DF89D29EEF3F}
O42 - Logiciel: Test Quelle célébrité êtes-vous ? - (.Pas de propriétaire.) [HKCU] -- QuelleCelebriteEtesVous
O42 - Logiciel: Test_OnlineDiagnostic - (.Ihr Firmenname.) [HKLM] -- {538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VideoLAN VLC media player 0.8.6c - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: live assistant - (.Pas de propriétaire.) [HKLM] -- live assistant
O42 - Logiciel: livebox - (.SAGEM.) [HKLM] -- {17342E3B-0818-4A6F-BFF8-99476605ADD6}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Canon]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Messenger_Plus_Live_France]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\SmartShopper]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Ares]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\FotoWire]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\LanConfig]
[HKCU\Software\Leadertech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MGS]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Motive]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nurium_Games]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orange]
[HKCU\Software\PCFix]
[HKCU\Software\Patchou]
[HKCU\Software\Pointsoft]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\Samsung Media Studio]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Stoik]
[HKCU\Software\Symantec]
[HKCU\Software\Threat Expert]
[HKCU\Software\Trolltech]
[HKCU\Software\Windows Live]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\ahead]
[HKCU\Software\eMule]
[HKCU\Software\keyhole.com]
[HKCU\Software\shockwave.com]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Anuman Interactive]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Apple]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Contrôle Parental]
[HKLM\Software\DigimaxMaster]
[HKLM\Software\EPSON]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\Fujitsu Siemens]
[HKLM\Software\GNU]
[HKLM\Software\Gamebank]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Knowledge Adventure]
[HKLM\Software\Licenses]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MarkAny]
[HKLM\Software\Messenger_Plus_Live_France]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Orange]
[HKLM\Software\PCTools]
[HKLM\Software\Patchou]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\Redoubt]
[HKLM\Software\Reflexive Entertainment]
[HKLM\Software\ReflexiveArcade]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SECURITOO]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sagem]
[HKLM\Software\Samsung]
[HKLM\Software\Sensible Vision]
[HKLM\Software\Silver]
[HKLM\Software\Springfield]
[HKLM\Software\Symantec]
[HKLM\Software\The Learning Company]
[HKLM\Software\Threat Expert]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Windows]
[HKLM\Software\ahead]
[HKLM\Software\mozilla.org]
Re: A l' aide !!!
2ème rapport (1ère partie)
Rapport de ZHPDiag v1.26.57 par Nicolas Coolman, Update du 24/08/2010
Run by Stéphane at 02/09/2010 21:25:57
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18904
---\\ System Information
Platform : Windows Vista (TM) Home Basic (6.0.6002) Service Pack 2
Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 893 MB (33% free)
System drive C: has 25 GB (23%) free of 108 GB
---\\ Logged in mode
Computer Name: PC-DE-STÉPHANE
User Name: Stéphane
All Users Names: vors, Stéphane, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 108 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 27 Go of 27 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
---\\ Processus lancés
[MD5.56CB0B799AE61EA3BB8FBEB693ABF7D3] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
[MD5.A086B1BDCCA45A5D346187B14BE3D7BC] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4317184]
[MD5.D0CB6BF215D2F222211C4214CEF798CA] - (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe [1476608]
[MD5.0282F454BF380AF26EFC3913C6D435FF] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1983816]
[MD5.38AE7A942FC3FAB1C6A27EB65DE8F827] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2837864]
[MD5.C45617113F717A1A155844A6F3FF4A52] - (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe [484888]
[MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.5A5D3967788653B73ECC260B6329AC5B] - (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe [100304]
[MD5.E207A39FF4847AA5805CC223778BBFE1] - (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe [6061400]
[MD5.27F8BF031D9332C9C02AE8C1357185B3] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [168792]
[MD5.723FCCFC592E5A022BD7FFC87B55AE91] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [651096]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.AA3C50EFF3007C9A421D8300B4E033F5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [547328]
---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@canon.com/EPPEX] - (.CANON INC. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 3.0.50106.0.) -- c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {472734EA-242A-422b-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) (3, 0, 0, 204) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} . (.Microsoft Corporation - Family Safety Browser Helper Object Library.) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [MoneyStartUp10.0] . (.Microsoft Corporation - Microsoft Money Startup.) -- C:\Program Files\Microsoft Money\System\Activation.exe
O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] . (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SMSTray] . (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [PCTools FGuard] . (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKCU\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - Global Startup: Canon IJ Status Monitor Canon MP250 series Printer.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\system32\rundll32.exe
O4 - Global Startup: Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech - Product Registration.) -- C:\Program Files\Logitech\Ereg\eReg.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.co ... 3289628705
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.photoweb.fr/telechargement/t ... .5.6.0.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service (Browser Defender Update Service) . (.Threat Expert Ltd. - Browser Defender Update Service.) - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire - Pas de description.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McciCMService (McciCMService) . (.Motive Communications, Inc. - mcci+McciCMService.) - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{0B79F7E2-3D61-4EE1-9AB9-4950D04FDB3D}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{27C63E4E-3208-4113-BD0B-94047F79BC3A}.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{F37CDB89-CEDA-4AF5-8FB6-96D1BA683A96} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\INF\mswmp.inf
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r82.) -- C:\Windows\system32\Macromed\Flash\Flash10i.ocx
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center Ex - (.ATI Technologies Inc..) [HKLM] -- {00905C35-3A76-5952-CB6A-CDAFCD6B517D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.2.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A82000000003}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Ares 2.1.2 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
O42 - Logiciel: AstroriX - (.Pas de propriétaire.) [HKLM] -- AstroriX
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B}
O42 - Logiciel: Browser Defender 3.0 - (.Threat Expert Ltd..) [HKLM] -- Browser Defender
O42 - Logiciel: Bubbletown - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}
O42 - Logiciel: Call Of Atlantis - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115704307}
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}
O42 - Logiciel: Canon Easy-WebPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-WebPrint EX
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0
O42 - Logiciel: Canon MP250 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Casse Tête Mania - (.SDLL.) [HKLM] -- {6D58EAA4-9777-4493-B14D-804CC9693362}
O42 - Logiciel: Casse-brique DELUXE - (.Pas de propriétaire.) [HKLM] -- Casse-brique DELUXE
O42 - Logiciel: Charm School Demo version 1.11 - (.Pas de propriétaire.) [HKLM] -- Charm School Demo
O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F}
O42 - Logiciel: Digimax Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: DoomBall - (.Pas de propriétaire.) [HKLM] -- DoomBall
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: Enregistrement utilisateur de Canon MP250 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP250 series
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CA6047C-D28B-4295-834A-07C52BA20C2D}
O42 - Logiciel: Franklin la Tortue et le club secret - (.Pas de propriétaire.) [HKLM] -- Franklin la Tortue et le club secret
O42 - Logiciel: Galerie de cliparts v1.14 - (.Cete Normandie Centre..) [HKLM] -- Galerie de cliparts
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Java(TM) 6 Update 21 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}
O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}
O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
O42 - Logiciel: Logitech Vid - (.Logitech Inc..) [HKLM] -- {4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware
O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live
O42 - Logiciel: Messenger_Plus_Live_France Toolbar - (.Pas de propriétaire.) [HKLM] -- Messenger_Plus_Live_France Toolbar
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Mon atelier d'écriture - (.Pas de propriétaire.) [HKLM] -- Mon atelier d'écriture
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- {E7298FD8-1386-11D5-8D6C-0050DAD32D95}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mots Croisés et Autres Jeux de Mots V3 - (.Pas de propriétaire.) [HKLM] -- Mots Croisés et Autres Jeux de Mots V3
O42 - Logiciel: MultiDiff-Explorer 1.0 - (.Pas de propriétaire.) [HKLM] -- MultiDiff-Explorer
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {D34D82E0-4600-407B-9478-8506C1DD1036}
O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU] -- Live Search
O42 - Logiciel: OpenOffice.org 2.1 - (.OpenOffice.org.) [HKLM] -- {E5430A11-6799-41E0-A9D5-F68BDC67AAD8}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCFix - (.Dubai Click LLC.) [HKLM] -- PC Fix 2010
O42 - Logiciel: Paintball Party 1.1 - (.Pas de propriétaire.) [HKLM] -- Paintball Party
O42 - Logiciel: Pinball - (.Pas de propriétaire.) [HKLM] -- {5F647107-C2BA-11D3-9A6D-0000B455B172}
O42 - Logiciel: Ploing 2 - demo - (.suricate software.) [HKLM] -- Ploing 2 - demo
O42 - Logiciel: Polices de caractères Ministère v1.2 - (.Pas de propriétaire.) [HKLM] -- Installation de Polices de caractères
O42 - Logiciel: Puzzle Bobble 2x - (.Pas de propriétaire.) [HKLM] -- PB2DeinstKey
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung USB Driver - (.Pas de propriétaire.) [HKLM] -- {86D6A20D-3910-4441-A3E5-EB6977251C86}
O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM] -- {EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Surligneur (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {81B5F83F-2291-48B0-8375-36B63A9BF5B0}
O42 - Logiciel: SweetIM for Messenger 2.5 - (.SweetIM Technologies Ltd..) [HKLM] -- {EC6BD2CC-2DCF-4AD8-A8DD-DF89D29EEF3F}
O42 - Logiciel: Test Quelle célébrité êtes-vous ? - (.Pas de propriétaire.) [HKCU] -- QuelleCelebriteEtesVous
O42 - Logiciel: Test_OnlineDiagnostic - (.Ihr Firmenname.) [HKLM] -- {538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VideoLAN VLC media player 0.8.6c - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: live assistant - (.Pas de propriétaire.) [HKLM] -- live assistant
O42 - Logiciel: livebox - (.SAGEM.) [HKLM] -- {17342E3B-0818-4A6F-BFF8-99476605ADD6}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Canon]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Messenger_Plus_Live_France]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\SmartShopper]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Ares]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\FotoWire]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\LanConfig]
[HKCU\Software\Leadertech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MGS]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Motive]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nurium_Games]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orange]
[HKCU\Software\PCFix]
[HKCU\Software\Patchou]
[HKCU\Software\Pointsoft]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\Samsung Media Studio]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Stoik]
[HKCU\Software\Symantec]
[HKCU\Software\Threat Expert]
[HKCU\Software\Trolltech]
[HKCU\Software\Windows Live]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\ahead]
[HKCU\Software\eMule]
[HKCU\Software\keyhole.com]
[HKCU\Software\shockwave.com]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Anuman Interactive]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Apple]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Contrôle Parental]
[HKLM\Software\DigimaxMaster]
[HKLM\Software\EPSON]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\Fujitsu Siemens]
[HKLM\Software\GNU]
[HKLM\Software\Gamebank]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Knowledge Adventure]
[HKLM\Software\Licenses]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MarkAny]
[HKLM\Software\Messenger_Plus_Live_France]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Orange]
[HKLM\Software\PCTools]
[HKLM\Software\Patchou]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\Redoubt]
[HKLM\Software\Reflexive Entertainment]
[HKLM\Software\ReflexiveArcade]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SECURITOO]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sagem]
[HKLM\Software\Samsung]
[HKLM\Software\Sensible Vision]
[HKLM\Software\Silver]
[HKLM\Software\Springfield]
[HKLM\Software\Symantec]
[HKLM\Software\The Learning Company]
[HKLM\Software\Threat Expert]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Windows]
[HKLM\Software\ahead]
[HKLM\Software\mozilla.org]
Rapport de ZHPDiag v1.26.57 par Nicolas Coolman, Update du 24/08/2010
Run by Stéphane at 02/09/2010 21:25:57
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18904
---\\ System Information
Platform : Windows Vista (TM) Home Basic (6.0.6002) Service Pack 2
Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 893 MB (33% free)
System drive C: has 25 GB (23%) free of 108 GB
---\\ Logged in mode
Computer Name: PC-DE-STÉPHANE
User Name: Stéphane
All Users Names: vors, Stéphane, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 108 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 27 Go of 27 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
---\\ Processus lancés
[MD5.56CB0B799AE61EA3BB8FBEB693ABF7D3] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25984]
[MD5.A086B1BDCCA45A5D346187B14BE3D7BC] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4317184]
[MD5.D0CB6BF215D2F222211C4214CEF798CA] - (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe [1476608]
[MD5.0282F454BF380AF26EFC3913C6D435FF] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1983816]
[MD5.38AE7A942FC3FAB1C6A27EB65DE8F827] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2837864]
[MD5.C45617113F717A1A155844A6F3FF4A52] - (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe [484888]
[MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.5A5D3967788653B73ECC260B6329AC5B] - (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe [100304]
[MD5.E207A39FF4847AA5805CC223778BBFE1] - (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe [6061400]
[MD5.27F8BF031D9332C9C02AE8C1357185B3] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [168792]
[MD5.723FCCFC592E5A022BD7FFC87B55AE91] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [651096]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.AA3C50EFF3007C9A421D8300B4E033F5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [547328]
---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@canon.com/EPPEX] - (.CANON INC. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 3.0.50106.0.) -- c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 0, 10) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {472734EA-242A-422b-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) (3, 0, 0, 204) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} . (.Microsoft Corporation - Family Safety Browser Helper Object Library.) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [MoneyStartUp10.0] . (.Microsoft Corporation - Microsoft Money Startup.) -- C:\Program Files\Microsoft Money\System\Activation.exe
O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Orange_McciTrayApp] . (.Motive Communications, Inc. - mcci+McciTrayApp.) -- C:\Program Files\Orange\LiveAssistant.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SMSTray] . (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [PCTools FGuard] . (.Pas de propriétaire - FakeGuard Module.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKCU\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [StartServiceLMEPRSSF] Clé orpheline
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\vid.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [PCFix] . (.Pas de propriétaire - PC Fix 2010 | Registry Cleaner.) -- C:\Program Files\PCFix\PCFix.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKUS\S-1-5-21-2714508919-2839471004-3664764919-1000\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.exe6725-434B-863A-7D7B3DCCF703}; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729) -http:\\www.vivelejeu.com\games\Santa-Balls-2 (.not file.)
O4 - Global Startup: Canon IJ Status Monitor Canon MP250 series Printer.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\system32\rundll32.exe
O4 - Global Startup: Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech - Product Registration.) -- C:\Program Files\Logitech\Ereg\eReg.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.co ... 3289628705
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.photoweb.fr/telechargement/t ... .5.6.0.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8BB3228B-D0B2-4223-B5A3-411DC2CC70C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service (Browser Defender Update Service) . (.Threat Expert Ltd. - Browser Defender Update Service.) - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire - Pas de description.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McciCMService (McciCMService) . (.Motive Communications, Inc. - mcci+McciCMService.) - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{0B79F7E2-3D61-4EE1-9AB9-4950D04FDB3D}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{27C63E4E-3208-4113-BD0B-94047F79BC3A}.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{F37CDB89-CEDA-4AF5-8FB6-96D1BA683A96} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\INF\mswmp.inf
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r82.) -- C:\Windows\system32\Macromed\Flash\Flash10i.ocx
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center Ex - (.ATI Technologies Inc..) [HKLM] -- {00905C35-3A76-5952-CB6A-CDAFCD6B517D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.2.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A82000000003}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Ares 2.1.2 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
O42 - Logiciel: AstroriX - (.Pas de propriétaire.) [HKLM] -- AstroriX
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B}
O42 - Logiciel: Browser Defender 3.0 - (.Threat Expert Ltd..) [HKLM] -- Browser Defender
O42 - Logiciel: Bubbletown - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}
O42 - Logiciel: Call Of Atlantis - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115704307}
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}
O42 - Logiciel: Canon Easy-WebPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-WebPrint EX
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0
O42 - Logiciel: Canon MP250 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Casse Tête Mania - (.SDLL.) [HKLM] -- {6D58EAA4-9777-4493-B14D-804CC9693362}
O42 - Logiciel: Casse-brique DELUXE - (.Pas de propriétaire.) [HKLM] -- Casse-brique DELUXE
O42 - Logiciel: Charm School Demo version 1.11 - (.Pas de propriétaire.) [HKLM] -- Charm School Demo
O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10
O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F}
O42 - Logiciel: Digimax Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: DoomBall - (.Pas de propriétaire.) [HKLM] -- DoomBall
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: EmoDio - (.SAMSUNG.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6}
O42 - Logiciel: Enregistrement utilisateur de Canon MP250 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP250 series
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CA6047C-D28B-4295-834A-07C52BA20C2D}
O42 - Logiciel: Franklin la Tortue et le club secret - (.Pas de propriétaire.) [HKLM] -- Franklin la Tortue et le club secret
O42 - Logiciel: Galerie de cliparts v1.14 - (.Cete Normandie Centre..) [HKLM] -- Galerie de cliparts
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Java(TM) 6 Update 21 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}
O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}
O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
O42 - Logiciel: Logitech Vid - (.Logitech Inc..) [HKLM] -- {4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware
O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live
O42 - Logiciel: Messenger_Plus_Live_France Toolbar - (.Pas de propriétaire.) [HKLM] -- Messenger_Plus_Live_France Toolbar
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Mon atelier d'écriture - (.Pas de propriétaire.) [HKLM] -- Mon atelier d'écriture
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- {E7298FD8-1386-11D5-8D6C-0050DAD32D95}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mots Croisés et Autres Jeux de Mots V3 - (.Pas de propriétaire.) [HKLM] -- Mots Croisés et Autres Jeux de Mots V3
O42 - Logiciel: MultiDiff-Explorer 1.0 - (.Pas de propriétaire.) [HKLM] -- MultiDiff-Explorer
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {D34D82E0-4600-407B-9478-8506C1DD1036}
O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU] -- Live Search
O42 - Logiciel: OpenOffice.org 2.1 - (.OpenOffice.org.) [HKLM] -- {E5430A11-6799-41E0-A9D5-F68BDC67AAD8}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCFix - (.Dubai Click LLC.) [HKLM] -- PC Fix 2010
O42 - Logiciel: Paintball Party 1.1 - (.Pas de propriétaire.) [HKLM] -- Paintball Party
O42 - Logiciel: Pinball - (.Pas de propriétaire.) [HKLM] -- {5F647107-C2BA-11D3-9A6D-0000B455B172}
O42 - Logiciel: Ploing 2 - demo - (.suricate software.) [HKLM] -- Ploing 2 - demo
O42 - Logiciel: Polices de caractères Ministère v1.2 - (.Pas de propriétaire.) [HKLM] -- Installation de Polices de caractères
O42 - Logiciel: Puzzle Bobble 2x - (.Pas de propriétaire.) [HKLM] -- PB2DeinstKey
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung USB Driver - (.Pas de propriétaire.) [HKLM] -- {86D6A20D-3910-4441-A3E5-EB6977251C86}
O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM] -- {EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Surligneur (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {81B5F83F-2291-48B0-8375-36B63A9BF5B0}
O42 - Logiciel: SweetIM for Messenger 2.5 - (.SweetIM Technologies Ltd..) [HKLM] -- {EC6BD2CC-2DCF-4AD8-A8DD-DF89D29EEF3F}
O42 - Logiciel: Test Quelle célébrité êtes-vous ? - (.Pas de propriétaire.) [HKCU] -- QuelleCelebriteEtesVous
O42 - Logiciel: Test_OnlineDiagnostic - (.Ihr Firmenname.) [HKLM] -- {538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VideoLAN VLC media player 0.8.6c - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: live assistant - (.Pas de propriétaire.) [HKLM] -- live assistant
O42 - Logiciel: livebox - (.SAGEM.) [HKLM] -- {17342E3B-0818-4A6F-BFF8-99476605ADD6}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Canon]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Messenger_Plus_Live_France]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\SmartShopper]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Ares]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\FotoWire]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\LanConfig]
[HKCU\Software\Leadertech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MGS]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Motive]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nurium_Games]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orange]
[HKCU\Software\PCFix]
[HKCU\Software\Patchou]
[HKCU\Software\Pointsoft]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\Samsung Media Studio]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Stoik]
[HKCU\Software\Symantec]
[HKCU\Software\Threat Expert]
[HKCU\Software\Trolltech]
[HKCU\Software\Windows Live]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\ahead]
[HKCU\Software\eMule]
[HKCU\Software\keyhole.com]
[HKCU\Software\shockwave.com]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Anuman Interactive]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Apple]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Contrôle Parental]
[HKLM\Software\DigimaxMaster]
[HKLM\Software\EPSON]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\Fujitsu Siemens]
[HKLM\Software\GNU]
[HKLM\Software\Gamebank]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Knowledge Adventure]
[HKLM\Software\Licenses]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MarkAny]
[HKLM\Software\Messenger_Plus_Live_France]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Orange]
[HKLM\Software\PCTools]
[HKLM\Software\Patchou]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\Redoubt]
[HKLM\Software\Reflexive Entertainment]
[HKLM\Software\ReflexiveArcade]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SECURITOO]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sagem]
[HKLM\Software\Samsung]
[HKLM\Software\Sensible Vision]
[HKLM\Software\Silver]
[HKLM\Software\Springfield]
[HKLM\Software\Symantec]
[HKLM\Software\The Learning Company]
[HKLM\Software\Threat Expert]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Windows]
[HKLM\Software\ahead]
[HKLM\Software\mozilla.org]
Re: A l' aide !!!
2ème rapport (2ème envoi)
---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Anuman Interactive
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\Ask Search Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory --H-D- C:\Program Files\CanonBJ
O43 - CFD:Common File Directory ----D- C:\Program Files\Charm School
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Conduit
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\MarkAny
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger_Plus_Live_France
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Kids
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Money
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MultiDiff-Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\NCD Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Nurium_Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 2.1
O43 - CFD:Common File Directory ----D- C:\Program Files\Orange
O43 - CFD:Common File Directory ----D- C:\Program Files\PC Tools Security
O43 - CFD:Common File Directory ----D- C:\Program Files\PCFix
O43 - CFD:Common File Directory ----D- C:\Program Files\Puzzle Bobble 2x
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Redoubt
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\ReflexiveArcade
O43 - CFD:Common File Directory ----D- C:\Program Files\Ricochet Xtreme
O43 - CFD:Common File Directory ----D- C:\Program Files\SAGEM
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory ----D- C:\Program Files\SDLL
O43 - CFD:Common File Directory ----D- C:\Program Files\Skullbyte
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\SweetIM
O43 - CFD:Common File Directory ----D- C:\Program Files\The Learning Company
O43 - CFD:Common File Directory ----D- C:\Program Files\Uniblue
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\CANON
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Fujitsu Siemens Computers
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LWS
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Motive
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PC Tools
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SWF Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Alwil Software
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonBJ
O43 - CFD:Common File Directory ----D- C:\ProgramData\CanonIJ
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJEGV
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJEPPEX
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJMyPrinter
O43 - CFD:Common File Directory ----D- C:\ProgramData\CanonIJPLM
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJScan
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJSolutionMenu
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\GamesBar
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\LogiShrd
O43 - CFD:Common File Directory ----D- C:\ProgramData\Logitech
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory ----D- C:\ProgramData\Messenger Plus!
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Motive
O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Tools
O43 - CFD:Common File Directory ----D- C:\ProgramData\Playrix Entertainment
O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sun
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch
O43 - CFD:Common File Directory ----D- C:\ProgramData\WLInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Zylom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\CANON
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Fujitsu Siemens Computers
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LWS
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Motive
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PC Tools
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SWF Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 02/09/2010 - 20:18:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1438537]
O44 - LFC:[MD5.C66EBC40594E73187F1FCE33265035F9] - 02/09/2010 - 20:14:03 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/09/2010 - 20:13:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\lvuvc.hs [0]
O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 02/09/2010 - 19:46:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 02/09/2010 - 19:46:36 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.C4CABE044C04A9CFFBAC801436DD8331] - 02/09/2010 - 19:36:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [148880131]
O44 - LFC:[MD5.224E45A4C8E3B77FCEDAF9504B30FE3E] - 02/09/2010 - 19:36:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [113788]
O44 - LFC:[MD5.52303DAC7EF59B3B167B0878A4924525] - 01/09/2010 - 17:49:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\IDB.zip [131]
O44 - LFC:[MD5.87DCBB13F42F40F0D3BB2B33686F444A] - 01/09/2010 - 17:49:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\RegISSImport.xml [879]
O44 - LFC:[MD5.48D9A979CFFBEF66EEB50855454780E8] - 01/09/2010 - 17:45:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Cat.DB [1864674]
O44 - LFC:[MD5.676537EAFC51797FFEE8D3990590FD42] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1470810]
O44 - LFC:[MD5.A8681A3C26D5D96D5630B95D6CB731AE] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [101052]
O44 - LFC:[MD5.E791F9ED36C9BF8B6BCDB21705C12737] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [123350]
O44 - LFC:[MD5.5D3FB1F1B14FED4FE630D4FDF1DEF564] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [586980]
O44 - LFC:[MD5.7BC6ACDD8AF9DB048F63931058F733C3] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [669328]
O44 - LFC:[MD5.C3AD6917FA0C3683B4E5F651E54040F9] - 31/08/2010 - 17:39:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [50527]
O44 - LFC:[MD5.4F73F8CD2AB41CCE646B486FE58D35E0] - 01/09/2010 - 07:49:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [385838]
O44 - LFC:[MD5.D8F2B7F2D3D5414A6809D31693BA5868] - 30/08/2010 - 12:57:02 ---A- . (.Threat Expert Ltd. - Browser Defender Core.) -- C:\Windows\PCTBDCore.dll [1865680]
O44 - LFC:[MD5.70023598E5BEBE91A0D12AD47DDE379A] - 30/08/2010 - 12:57:02 ---A- . (.Threat Expert Ltd. - Browser Defender Resources File.) -- C:\Windows\PCTBDRes.dll [739280]
O44 - LFC:[MD5.3F8B5210BB4B1A0E4079E19A597AE931] - 30/08/2010 - 12:57:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\BDTSupport.dll [767952]
O44 - LFC:[MD5.E4478DF37C06221A5E3F4EAE52F88F90] - 27/08/2010 - 22:32:33 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [145184]
O44 - LFC:[MD5.359B080F9226D078847E363C7AEDA903] - 27/08/2010 - 22:32:33 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]
O44 - LFC:[MD5.06CCE24882D9577D3795432E1B22FE4A] - 27/08/2010 - 22:32:33 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [153376]
O44 - LFC:[MD5.06C5756311828763DE40D9A496E66FFA] - 27/08/2010 - 22:32:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\jupdate-1.6.0_21-b07.log [5193]
O44 - LFC:[MD5.9B8179250728489CF45FDE50505B6431] - 26/08/2010 - 08:30:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\UDB.zip [2074]
O44 - LFC:[MD5.5C98C6EE70D10C891F2233B89FEF539E] - 26/08/2010 - 07:10:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [257088]
O44 - LFC:[MD5.048E9EF938690E601721401EF99C0E6D] - 25/08/2010 - 08:48:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\wininit.ini [253]
O44 - LFC:[MD5.9CC6F54680137E9145A662A917B6A7F4] - 23/08/2010 - 08:36:38 ---A- . (.PC Tools - SG Detection Tool.) -- C:\Windows\SGDetectionTool.dll [149456]
O44 - LFC:[MD5.631CFC7F3EFD3519669DDE3EEC5978BF] - 21/08/2010 - 17:42:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\lvcoinst.log [16871]
O44 - LFC:[MD5.99B95B92DBD7A944F0087A99D90B407C] - 21/08/2010 - 16:24:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\LDPINST.LOG [4970]
O44 - LFC:[MD5.41688C3529C21CA3832F7CA8B6370094] - 20/08/2010 - 08:50:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\RegSDImport.xml [882]
O44 - LFC:[MD5.12EE91079F09AE7DC2867EF8AD218BEB] - 06/08/2010 - 20:36:26 ---A- . (.Logitech Inc. - Logitech Co-Installer.) -- C:\Windows\System32\lvci12101110.dll [199192]
O44 - LFC:[MD5.835C775A6871D2A2EA6FC343B6B4C9A2] - 06/08/2010 - 20:36:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\LVAFT.cfg [266828]
O44 - LFC:[MD5.73B0CE289F75A103DFA3F5CDC9513970] - 05/08/2010 - 22:32:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\LogiSetup.log [90]
O44 - LFC:[MD5.A00548FA155798321F00F64471FC6838] - 05/08/2010 - 22:30:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\Installer.log [1042]
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{e29b82b9-adb7-11de-852c-001a9219cac9}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- D:\setupSNK.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo® video R3.2 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\iyvu9_32.dll
O52 - TDSD: \drivers.desc\"C:\Windows\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\Iac25_32.ax
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ares [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Ares\Ares.exe
O53 - SMSR:HKLM\...\startupreg\ATICCC [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe
O53 - SMSR:HKLM\...\startupreg\CollaborationHost [Key] . (.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O53 - SMSR:HKLM\...\startupreg\DXM6Patch_981116 [Key] . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Windows\p_981116.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\osCheck [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Norton Internet Security\osCheck.exe
O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\wgswy [Key] . (.Pas de propriétaire - Pas de description.) -- c:\users\stéphane\appdata\local\wgswy.exe
O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2
O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.0C0B08847F2F24BAA7BD43D8F2C6C8B0] - 28/06/2010 - 21:32:33 ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys
O58 - SDL:[MD5.EFFC39A1EDF04E83A42279D9DAA696A7] - 28/06/2010 - 21:32:56 ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys
O58 - SDL:[MD5.F385FFD39165453FDA96736AA3EDFD9D] - 28/06/2010 - 21:33:13 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys
O58 - SDL:[MD5.45ADEA26BF613A54FED64ECDD12E58A7] - 28/06/2010 - 21:37:30 ---A- . (.ALWIL Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys
O58 - SDL:[MD5.C4EE975C87176F1900662D2874233C7F] - 28/06/2010 - 21:37:52 ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys
O58 - SDL:[MD5.AE8A0EDF1F1627CDF33C0E3059686CDF] - 06/12/2006 - 00:05:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.AF280405C10F0D20F37670B7432E5C2F] - 15/05/2010 - 23:02:14 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\Windows\system32\drivers\lvpopflt.sys
O58 - SDL:[MD5.8BE71D7EDB8C7494913722059F760DD0] - 07/05/2010 - 17:43:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\LVPr2Mon.sys
O58 - SDL:[MD5.E52F5A2CADCF08D07F559962F807A0A2] - 15/05/2010 - 23:02:26 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys
O58 - SDL:[MD5.C3D02260BEB2B48DEA1EFDFCA91E4B69] - 15/05/2010 - 23:04:02 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc.sys
O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys
O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:[MD5.C61B3B87F3856CEF0C9F204028C6860D] - 02/01/2007 - 13:41:34 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys
O58 - SDL:[MD5.5E01AB8AB1ACF8850B2D64A6FD068E46] - 29/10/2008 - 15:29:54 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100 NDIS 5.1 Driver.) -- C:\Windows\system32\drivers\Rtnicxp.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys
O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS
---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)
---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.ALWIL Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR
O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\system32\audiosrv.dll (Audiosrv) .(.Microsoft Corporation - Service Audio Windows.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - C:\Windows\system32\Drivers\dfsc.sys - Dfs Client Driver (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRVI7
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\fssfltr.sys - FssFltr (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (WFP Callout).) - LEGACY_FSSFLTR
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(.Pas de propriétaire - Pas de description.) - LEGACY_IDSVIX86
O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - C:\Windows\system32\Drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON
O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - (.not file.) - MpKsl72250721 (MpKsl72250721) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL72250721
O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - C:\PROGRA~1\COMMON~1\Motive\MRESP50.sys - MRESP50 NDIS Protocol Driver (MRESP50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_MRESP50
O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50
O64 - Services: CurCS - C:\Windows\system32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50
O64 - Services: CurCS - (.not file.) - PC Tools Data Store (pctDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTDS
O64 - Services: CurCS - (.not file.) - PC Tools Extended File Attributes (pctEFA) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTEFA
O64 - Services: CurCS - (.not file.) - PCTSDInjDriver32 (PCTSDInjDriver32) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTSDINJDRIVER32
O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB
O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Application sous-système spouleur.) - LEGACY_SPOOLER
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\Windows\system32\drivers\vsmraid.sys - vsmraid (vsmraid) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) - LEGACY_VSMRAID
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000
O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {18EAB056-9057-F224-FD4C-1F6569C4D8D2} - (Ask) - http://www.plusnetwork.com
O69 - SBI: SearchScopes [HKCU] {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (Recherche Crawler) - http://www.crawler.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Messenger Plus Live France Customized Web Search) - http://search.conduit.com
---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by Stéphane at 02/09/2010 21:29:14
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85ACBAC8]<<
kernel: MBR read successfully
user & kernel MBR OK
---\\ Internet Feature Controls (IFC) (O81)
O81 - IFC: Internet Feature Controls [HKLM] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
---\\ Recherche des services démarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [122880]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [595456]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/08/2009 144672 | Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SR - | Auto 06/12/2006 557056 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe
SR - | Auto 28/06/2010 40384 | avast! Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 28/06/2010 40384 | avast! Mail Scanner (avast! Mail Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 28/06/2010 40384 | avast! Web Scanner (avast! Web Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 12/12/2008 238888 | Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 30/08/2010 235472 | Browser Defender Update Service (Browser Defender Update Service) . (.Threat Expert Ltd..) - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
SS - | Auto 30/08/2010 0 | Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Auto 28/12/2009 135664 | Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 10/02/2009 116104 | Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 07/05/2010 162648 | Process Monitor (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
SR - | Auto 10/09/2008 303104 | McciCMService (McciCMService) . (.Motive Communications, Inc..) - C:\Program Files\Common Files\Motive\McciCMService.exe
SR - | Auto 26/01/2009 1153368 | SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SR - | Auto 14/11/2006 204800 | Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers.) - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
---\\ Infection BT - BHO/Toolbar (Possible)
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
End of the scan (1030 lines in 03mn 20s)(0)
J' ai envoyé cette seconde partie d' un autre ordi car le mien plantait.
Merci beaucoup pour votre aide !!!
---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Anuman Interactive
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\Ask Search Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory --H-D- C:\Program Files\CanonBJ
O43 - CFD:Common File Directory ----D- C:\Program Files\Charm School
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Conduit
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\MarkAny
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger_Plus_Live_France
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Kids
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Money
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MultiDiff-Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\NCD Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Nurium_Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 2.1
O43 - CFD:Common File Directory ----D- C:\Program Files\Orange
O43 - CFD:Common File Directory ----D- C:\Program Files\PC Tools Security
O43 - CFD:Common File Directory ----D- C:\Program Files\PCFix
O43 - CFD:Common File Directory ----D- C:\Program Files\Puzzle Bobble 2x
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Redoubt
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\ReflexiveArcade
O43 - CFD:Common File Directory ----D- C:\Program Files\Ricochet Xtreme
O43 - CFD:Common File Directory ----D- C:\Program Files\SAGEM
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory ----D- C:\Program Files\SDLL
O43 - CFD:Common File Directory ----D- C:\Program Files\Skullbyte
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\SweetIM
O43 - CFD:Common File Directory ----D- C:\Program Files\The Learning Company
O43 - CFD:Common File Directory ----D- C:\Program Files\Uniblue
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\CANON
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Fujitsu Siemens Computers
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LWS
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Motive
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PC Tools
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SWF Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Alwil Software
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonBJ
O43 - CFD:Common File Directory ----D- C:\ProgramData\CanonIJ
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJEGV
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJEPPEX
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJMyPrinter
O43 - CFD:Common File Directory ----D- C:\ProgramData\CanonIJPLM
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJScan
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonIJSolutionMenu
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\GamesBar
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\LogiShrd
O43 - CFD:Common File Directory ----D- C:\ProgramData\Logitech
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory ----D- C:\ProgramData\Messenger Plus!
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Motive
O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Tools
O43 - CFD:Common File Directory ----D- C:\ProgramData\Playrix Entertainment
O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sun
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch
O43 - CFD:Common File Directory ----D- C:\ProgramData\WLInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Zylom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\CANON
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Fujitsu Siemens Computers
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LWS
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Motive
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PC Tools
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SWF Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 02/09/2010 - 20:18:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1438537]
O44 - LFC:[MD5.C66EBC40594E73187F1FCE33265035F9] - 02/09/2010 - 20:14:03 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/09/2010 - 20:13:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\lvuvc.hs [0]
O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 02/09/2010 - 19:46:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 02/09/2010 - 19:46:36 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.C4CABE044C04A9CFFBAC801436DD8331] - 02/09/2010 - 19:36:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [148880131]
O44 - LFC:[MD5.224E45A4C8E3B77FCEDAF9504B30FE3E] - 02/09/2010 - 19:36:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [113788]
O44 - LFC:[MD5.52303DAC7EF59B3B167B0878A4924525] - 01/09/2010 - 17:49:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\IDB.zip [131]
O44 - LFC:[MD5.87DCBB13F42F40F0D3BB2B33686F444A] - 01/09/2010 - 17:49:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\RegISSImport.xml [879]
O44 - LFC:[MD5.48D9A979CFFBEF66EEB50855454780E8] - 01/09/2010 - 17:45:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Cat.DB [1864674]
O44 - LFC:[MD5.676537EAFC51797FFEE8D3990590FD42] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1470810]
O44 - LFC:[MD5.A8681A3C26D5D96D5630B95D6CB731AE] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [101052]
O44 - LFC:[MD5.E791F9ED36C9BF8B6BCDB21705C12737] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [123350]
O44 - LFC:[MD5.5D3FB1F1B14FED4FE630D4FDF1DEF564] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [586980]
O44 - LFC:[MD5.7BC6ACDD8AF9DB048F63931058F733C3] - 31/08/2010 - 17:41:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [669328]
O44 - LFC:[MD5.C3AD6917FA0C3683B4E5F651E54040F9] - 31/08/2010 - 17:39:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [50527]
O44 - LFC:[MD5.4F73F8CD2AB41CCE646B486FE58D35E0] - 01/09/2010 - 07:49:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [385838]
O44 - LFC:[MD5.D8F2B7F2D3D5414A6809D31693BA5868] - 30/08/2010 - 12:57:02 ---A- . (.Threat Expert Ltd. - Browser Defender Core.) -- C:\Windows\PCTBDCore.dll [1865680]
O44 - LFC:[MD5.70023598E5BEBE91A0D12AD47DDE379A] - 30/08/2010 - 12:57:02 ---A- . (.Threat Expert Ltd. - Browser Defender Resources File.) -- C:\Windows\PCTBDRes.dll [739280]
O44 - LFC:[MD5.3F8B5210BB4B1A0E4079E19A597AE931] - 30/08/2010 - 12:57:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\BDTSupport.dll [767952]
O44 - LFC:[MD5.E4478DF37C06221A5E3F4EAE52F88F90] - 27/08/2010 - 22:32:33 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [145184]
O44 - LFC:[MD5.359B080F9226D078847E363C7AEDA903] - 27/08/2010 - 22:32:33 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]
O44 - LFC:[MD5.06CCE24882D9577D3795432E1B22FE4A] - 27/08/2010 - 22:32:33 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [153376]
O44 - LFC:[MD5.06C5756311828763DE40D9A496E66FFA] - 27/08/2010 - 22:32:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\jupdate-1.6.0_21-b07.log [5193]
O44 - LFC:[MD5.9B8179250728489CF45FDE50505B6431] - 26/08/2010 - 08:30:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\UDB.zip [2074]
O44 - LFC:[MD5.5C98C6EE70D10C891F2233B89FEF539E] - 26/08/2010 - 07:10:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [257088]
O44 - LFC:[MD5.048E9EF938690E601721401EF99C0E6D] - 25/08/2010 - 08:48:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\wininit.ini [253]
O44 - LFC:[MD5.9CC6F54680137E9145A662A917B6A7F4] - 23/08/2010 - 08:36:38 ---A- . (.PC Tools - SG Detection Tool.) -- C:\Windows\SGDetectionTool.dll [149456]
O44 - LFC:[MD5.631CFC7F3EFD3519669DDE3EEC5978BF] - 21/08/2010 - 17:42:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\lvcoinst.log [16871]
O44 - LFC:[MD5.99B95B92DBD7A944F0087A99D90B407C] - 21/08/2010 - 16:24:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\LDPINST.LOG [4970]
O44 - LFC:[MD5.41688C3529C21CA3832F7CA8B6370094] - 20/08/2010 - 08:50:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\RegSDImport.xml [882]
O44 - LFC:[MD5.12EE91079F09AE7DC2867EF8AD218BEB] - 06/08/2010 - 20:36:26 ---A- . (.Logitech Inc. - Logitech Co-Installer.) -- C:\Windows\System32\lvci12101110.dll [199192]
O44 - LFC:[MD5.835C775A6871D2A2EA6FC343B6B4C9A2] - 06/08/2010 - 20:36:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\LVAFT.cfg [266828]
O44 - LFC:[MD5.73B0CE289F75A103DFA3F5CDC9513970] - 05/08/2010 - 22:32:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\LogiSetup.log [90]
O44 - LFC:[MD5.A00548FA155798321F00F64471FC6838] - 05/08/2010 - 22:30:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\Installer.log [1042]
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{e29b82b9-adb7-11de-852c-001a9219cac9}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- D:\setupSNK.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo® video R3.2 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\iyvu9_32.dll
O52 - TDSD: \drivers.desc\"C:\Windows\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\Iac25_32.ax
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ares [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Ares\Ares.exe
O53 - SMSR:HKLM\...\startupreg\ATICCC [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe
O53 - SMSR:HKLM\...\startupreg\CollaborationHost [Key] . (.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O53 - SMSR:HKLM\...\startupreg\DXM6Patch_981116 [Key] . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Windows\p_981116.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\osCheck [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Norton Internet Security\osCheck.exe
O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\wgswy [Key] . (.Pas de propriétaire - Pas de description.) -- c:\users\stéphane\appdata\local\wgswy.exe
O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2
O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.0C0B08847F2F24BAA7BD43D8F2C6C8B0] - 28/06/2010 - 21:32:33 ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys
O58 - SDL:[MD5.EFFC39A1EDF04E83A42279D9DAA696A7] - 28/06/2010 - 21:32:56 ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys
O58 - SDL:[MD5.F385FFD39165453FDA96736AA3EDFD9D] - 28/06/2010 - 21:33:13 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys
O58 - SDL:[MD5.45ADEA26BF613A54FED64ECDD12E58A7] - 28/06/2010 - 21:37:30 ---A- . (.ALWIL Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys
O58 - SDL:[MD5.C4EE975C87176F1900662D2874233C7F] - 28/06/2010 - 21:37:52 ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys
O58 - SDL:[MD5.AE8A0EDF1F1627CDF33C0E3059686CDF] - 06/12/2006 - 00:05:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.AF280405C10F0D20F37670B7432E5C2F] - 15/05/2010 - 23:02:14 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\Windows\system32\drivers\lvpopflt.sys
O58 - SDL:[MD5.8BE71D7EDB8C7494913722059F760DD0] - 07/05/2010 - 17:43:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\LVPr2Mon.sys
O58 - SDL:[MD5.E52F5A2CADCF08D07F559962F807A0A2] - 15/05/2010 - 23:02:26 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys
O58 - SDL:[MD5.C3D02260BEB2B48DEA1EFDFCA91E4B69] - 15/05/2010 - 23:04:02 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc.sys
O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys
O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:[MD5.C61B3B87F3856CEF0C9F204028C6860D] - 02/01/2007 - 13:41:34 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys
O58 - SDL:[MD5.5E01AB8AB1ACF8850B2D64A6FD068E46] - 29/10/2008 - 15:29:54 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100 NDIS 5.1 Driver.) -- C:\Windows\system32\drivers\Rtnicxp.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys
O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS
---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)
---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.ALWIL Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR
O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\system32\audiosrv.dll (Audiosrv) .(.Microsoft Corporation - Service Audio Windows.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - C:\Windows\system32\Drivers\dfsc.sys - Dfs Client Driver (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRVI7
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\fssfltr.sys - FssFltr (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (WFP Callout).) - LEGACY_FSSFLTR
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(.Pas de propriétaire - Pas de description.) - LEGACY_IDSVIX86
O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - C:\Windows\system32\Drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON
O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - (.not file.) - MpKsl72250721 (MpKsl72250721) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL72250721
O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - C:\PROGRA~1\COMMON~1\Motive\MRESP50.sys - MRESP50 NDIS Protocol Driver (MRESP50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_MRESP50
O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50
O64 - Services: CurCS - C:\Windows\system32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50
O64 - Services: CurCS - (.not file.) - PC Tools Data Store (pctDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTDS
O64 - Services: CurCS - (.not file.) - PC Tools Extended File Attributes (pctEFA) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTEFA
O64 - Services: CurCS - (.not file.) - PCTSDInjDriver32 (PCTSDInjDriver32) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTSDINJDRIVER32
O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB
O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Application sous-système spouleur.) - LEGACY_SPOOLER
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\Windows\system32\drivers\vsmraid.sys - vsmraid (vsmraid) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) - LEGACY_VSMRAID
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000
O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {18EAB056-9057-F224-FD4C-1F6569C4D8D2} - (Ask) - http://www.plusnetwork.com
O69 - SBI: SearchScopes [HKCU] {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (Recherche Crawler) - http://www.crawler.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Messenger Plus Live France Customized Web Search) - http://search.conduit.com
---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by Stéphane at 02/09/2010 21:29:14
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85ACBAC8]<<
kernel: MBR read successfully
user & kernel MBR OK
---\\ Internet Feature Controls (IFC) (O81)
O81 - IFC: Internet Feature Controls [HKLM] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
---\\ Recherche des services démarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [122880]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [595456]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/08/2009 144672 | Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SR - | Auto 06/12/2006 557056 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe
SR - | Auto 28/06/2010 40384 | avast! Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 28/06/2010 40384 | avast! Mail Scanner (avast! Mail Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 28/06/2010 40384 | avast! Web Scanner (avast! Web Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 12/12/2008 238888 | Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 30/08/2010 235472 | Browser Defender Update Service (Browser Defender Update Service) . (.Threat Expert Ltd..) - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
SS - | Auto 30/08/2010 0 | Symantec Lic NetConnect service (CLTNetCnService) . (.Pas de propriétaire.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Auto 28/12/2009 135664 | Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 10/02/2009 116104 | Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 07/05/2010 162648 | Process Monitor (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
SR - | Auto 10/09/2008 303104 | McciCMService (McciCMService) . (.Motive Communications, Inc..) - C:\Program Files\Common Files\Motive\McciCMService.exe
SR - | Auto 26/01/2009 1153368 | SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SR - | Auto 14/11/2006 204800 | Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers.) - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
---\\ Infection BT - BHO/Toolbar (Possible)
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
End of the scan (1030 lines in 03mn 20s)(0)
J' ai envoyé cette seconde partie d' un autre ordi car le mien plantait.
Merci beaucoup pour votre aide !!!
-
nardino
- Modérateurs
- Messages : 11993
- Enregistré le : 05 févr. 2007, 17:38
- Localisation : Reims
- Contact :
Re: A l' aide !!!
Bonjour
1- Télécharge Toolbar-S&D de Eric_71
Sur ton bureau, impératif.
Double clique sur l'icône ToolBar SD.exe.
(Sous Vista, faire un clic droit sur cette icône, Exécuter en tant qu'administrateur (Elévation des privilèges.), puis Continuer.)
Dans la fenêtre DOS bleue, Tape F, puis appuie sur Entrer.
Ensuite tape 2 et appuie sur Entrer.
Le système va redémarrer et le scan prendra quelques minutes.
Une fois terminé un rapport TB.txt va s'ouvrir.
Tu le postes
Tu fermes le rapport sur ton bureau et tu attends les résultats de l'analyse.
Ce rapport sera enregistré à la racine du système : C:\TB.txt.
2- Quelques programmes à désinstaller par Programmes et fonctionnalités :
C:\Program Files\Uniblue\RegistryBooster
C:\Program Files\PCFix
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Orange
3- Symantec a été mal désinstallé.
Passe ce programme :
Désinstalleur Symantec
4- Assure toi d'avoir fermé le maximum d'applications, avant de faire ce qui suit.
Désactive ton antivirus.
Double clique sur OTL.exe pour le lancer.
Sous l'emplacement "Personnalisation" copie colle la liste ci-dessous et sous Rapport en haut, coche Rapport standard :
http://assiste.com.free.fr/m/nick/OTL-main-fr.png
Le pc va redémarrer.
Copie-colle dans ta prochaine réponse le contenu des deux fichiers de rapports, sauvegardés au même endroit qu'OTL.exe.
@+
1-
Télécharge Toolbar-S&D de Eric_71 Sur ton bureau, impératif.
Double clique sur l'icône ToolBar SD.exe.
(Sous Vista, faire un clic droit sur cette icône, Exécuter en tant qu'administrateur (Elévation des privilèges.), puis Continuer.)
Dans la fenêtre DOS bleue, Tape F, puis appuie sur Entrer.Ensuite tape 2 et appuie sur Entrer.
Le système va redémarrer et le scan prendra quelques minutes.
Une fois terminé un rapport TB.txt va s'ouvrir.
Tu le postesTu fermes le rapport sur ton bureau et tu attends les résultats de l'analyse.
Ce rapport sera enregistré à la racine du système : C:\TB.txt.
2- Quelques programmes à désinstaller par Programmes et fonctionnalités :
C:\Program Files\Uniblue\RegistryBooster
C:\Program Files\PCFix
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Orange
3- Symantec a été mal désinstallé.
Passe ce programme :
Désinstalleur Symantec
4- Assure toi d'avoir fermé le maximum d'applications, avant de faire ce qui suit.
Désactive ton antivirus.
Double clique sur OTL.exe pour le lancer.
Sous l'emplacement "Personnalisation" copie colle la liste ci-dessous et sous Rapport en haut, coche Rapport standard :
http://assiste.com.free.fr/m/nick/OTL-main-fr.png
Clique sur le bouton "Correction". Ne change aucun réglage. Le scan sera rapide.:Files
c:\users\stéphane\appdata\local\wgswy.exe
:Commands
[Purity]
[EMPTYTEMP]
Le pc va redémarrer.
Copie-colle dans ta prochaine réponse le contenu des deux fichiers de rapports, sauvegardés au même endroit qu'OTL.exe.
@+
Clic sur l'image pour ouvrir le site.
Re: A l' aide !!!
Bonsoir Nardino,
Envoi du premier rapport
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 03/09/2010|18:02 )
[ UAC => 1 ]
-----------\\ SUPPRESSION
Supprime! - C:\ProgramData\GamesBar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Start Page"="http://www.orange.fr/portail"
"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\Windows\\System32\\blank.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Cookies\st‚phane@www.cuntcrack[2].txt
C:\Users\STPHAN~1\Perso\Nouveau dossier (2)\Disque amovible\Jacques Dutronc - Crack Boum Hue.MP3
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 03/09/2010|18:04 - Option : [2]
Encore merci pour tout !!!
Envoi du premier rapport
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 03/09/2010|18:02 )
[ UAC => 1 ]
-----------\\ SUPPRESSION
Supprime! - C:\ProgramData\GamesBar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Start Page"="http://www.orange.fr/portail"
"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\Windows\\System32\\blank.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Cookies\st‚phane@www.cuntcrack[2].txt
C:\Users\STPHAN~1\Perso\Nouveau dossier (2)\Disque amovible\Jacques Dutronc - Crack Boum Hue.MP3
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 03/09/2010|18:04 - Option : [2]
Encore merci pour tout !!!
Re: A l' aide !!!
Re-bonsoir Nardino,
Je me permets de vous envoyer ce message car je ne comprends pas pour
suivre votre démarche.
Paragraphe 4 : j' ai désactiver mon antivirus. mais où est ce que je trouve OTL.exe?
Où se situe "personnalisation" ??,
qu'est ce que je fais avec ce site : http://assiste;com.free.fr...........
Désolé, mais j' ai vraiment du mal, voire impossible, à comprendre ce 4 ème paragraphe.
merci d'avoir l' amabilité de m' expliquer différemment.
D' avance, merci.
Je me permets de vous envoyer ce message car je ne comprends pas pour
suivre votre démarche.
Paragraphe 4 : j' ai désactiver mon antivirus. mais où est ce que je trouve OTL.exe?
Où se situe "personnalisation" ??,
qu'est ce que je fais avec ce site : http://assiste;com.free.fr...........
Désolé, mais j' ai vraiment du mal, voire impossible, à comprendre ce 4 ème paragraphe.
merci d'avoir l' amabilité de m' expliquer différemment.
D' avance, merci.
-
nardino
- Modérateurs
- Messages : 11993
- Enregistré le : 05 févr. 2007, 17:38
- Localisation : Reims
- Contact :
Re: A l' aide !!!
Bonjour
Autant pour moi j'ai confondu deux rapports.
Oublie ce que je dis sur OTL.
Lance ZHPDiag, fais un scan et celui-ci terminé clique sur le bouton
Il se lance par double clic sous Xp, par clic droit et "exécuter en tant qu'administrateur sous Vista et Seven.
Dans la fenêtre qui s'ouvre
Tu coches devant :
O53 - SMSR:HKLM\...\startupreg\wgswy [Key] . (.Pas de propriétaire - Pas de description.) -- c:\users\stéphane\appdata\local\wgswy.exe
Puis tu cliques sur le bouton Nettoyer.
Un rapport va s'afficher que tu postes par copier-coller.
@+
Autant pour moi j'ai confondu deux rapports.
Oublie ce que je dis sur OTL.
Lance ZHPDiag, fais un scan et celui-ci terminé clique sur le bouton
Il se lance par double clic sous Xp, par clic droit et "exécuter en tant qu'administrateur sous Vista et Seven.
Dans la fenêtre qui s'ouvre
Tu coches devant :
O53 - SMSR:HKLM\...\startupreg\wgswy [Key] . (.Pas de propriétaire - Pas de description.) -- c:\users\stéphane\appdata\local\wgswy.exe
Puis tu cliques sur le bouton Nettoyer.
Un rapport va s'afficher que tu postes par copier-coller.
@+
Clic sur l'image pour ouvrir le site.
Re: A l' aide !!!
Bonsoir Nardino,
Voilà le rapport, j' ai suivi le plan comme indiqué.
Rapport de ZHPFix v1.12.3142 par Nicolas Coolman, Update du 31/08/2010
Fichier d'export Registre : C:\ZHPExportRegistry-06-09-2010-18-39-09.txt
Run by Stéphane at 06/09/2010 18:39:09
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html
Contact : nicolascoolman@yahoo.fr
========== Clé(s) du Registre ==========
O53 - SMSR:HKLM\...\startupreg\wgswy [Key] . (.Pas de propriétaire - Pas de description.) -- c:\users\stéphane\appdata\local\wgswy.exe => Clé supprimée avec succès
========== Fichier(s) ==========
c:\users\stéphane\appdata\local\wgswy.exe => Supprimé et mis en quarantaine
========== Récapitulatif ==========
1 : Clé(s) du Registre
1 : Fichier(s)
End of the scan
Merci encore,
Voilà le rapport, j' ai suivi le plan comme indiqué.
Rapport de ZHPFix v1.12.3142 par Nicolas Coolman, Update du 31/08/2010
Fichier d'export Registre : C:\ZHPExportRegistry-06-09-2010-18-39-09.txt
Run by Stéphane at 06/09/2010 18:39:09
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html
Contact : nicolascoolman@yahoo.fr
========== Clé(s) du Registre ==========
O53 - SMSR:HKLM\...\startupreg\wgswy [Key] . (.Pas de propriétaire - Pas de description.) -- c:\users\stéphane\appdata\local\wgswy.exe => Clé supprimée avec succès
========== Fichier(s) ==========
c:\users\stéphane\appdata\local\wgswy.exe => Supprimé et mis en quarantaine
========== Récapitulatif ==========
1 : Clé(s) du Registre
1 : Fichier(s)
End of the scan
Merci encore,
-
nardino
- Modérateurs
- Messages : 11993
- Enregistré le : 05 févr. 2007, 17:38
- Localisation : Reims
- Contact :
Re: A l' aide !!!
Bonsoir
C'est ok.
Comment va le pc après ceci ?
@+
C'est ok.
Comment va le pc après ceci ?
@+
Clic sur l'image pour ouvrir le site.
Re: A l' aide !!!
Bonjour,
Il semblerait que l' ordinateur marche mieux et est plus rapide. Toutefois, je ne peux toujours pas faire les mises à jour, et j' ai toujours le même code erreur "code 80072 EFE".
Bonne journée.
Il semblerait que l' ordinateur marche mieux et est plus rapide. Toutefois, je ne peux toujours pas faire les mises à jour, et j' ai toujours le même code erreur "code 80072 EFE".
Bonne journée.
-
nardino
- Modérateurs
- Messages : 11993
- Enregistré le : 05 févr. 2007, 17:38
- Localisation : Reims
- Contact :
Re: A l' aide !!!
Bonjour,
Télécharge Combofix
IMPORTANT. Enregistre ComboFix.exe sur le Bureau.
Désactive les applications antivirus et anti-malware résidentes, en général via un clic droit sur l'icône de la Zone de notification, sinon elles risquent d'interférer avec l'outil.
Fais un double clic sur l'icône et suis les invites.
Lorsque l'outil aura terminé, il affichera un rapport.
Surtout ne lance aucune application pendant le scan et après le redémarrage parfois nécessaire et provoqué.
Attends l'affichage du rapport
Copie le contenu dans ta prochaine réponse.
Il sera enregistré sous C:\Combofix.txt
Avertissement:
@+
Télécharge Combofix IMPORTANT. Enregistre ComboFix.exe sur le Bureau.Désactive les applications antivirus et anti-malware résidentes, en général via un clic droit sur l'icône de la Zone de notification, sinon elles risquent d'interférer avec l'outil.
Fais un double clic sur l'icône et suis les invites. Lorsque l'outil aura terminé, il affichera un rapport. Surtout ne lance aucune application pendant le scan et après le redémarrage parfois nécessaire et provoqué.Attends l'affichage du rapport
Copie le contenu dans ta prochaine réponse.
Il sera enregistré sous C:\Combofix.txt
Avertissement:
@+
Clic sur l'image pour ouvrir le site.
Re: A l' aide !!!
bonsoir Nardino;
Comme convenu, je vous prie de bien vouloir trouver ci-joint le rapport de Combofix.
Mais, à aucun moment, je n' ai trouver le tableau "rootkit activity persist..." comme annexé dans votre précédent courrier.
ComboFix 10-09-06.04 - Stéphane 07/09/2010 19:35:03.1.2 - x86
Lancé depuis: c:\users\Stéphane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JJUYXQ6Q\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Fonts\unins000.exe
c:\windows\system32\%appdata%
c:\windows\system32\muzapp.exe
Une copie infectée de c:\windows\system32\drivers\smb.sys a été trouvée et désinfectée
Copie restaurée à partir de - Kitty had a snack :p
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-07 au 2010-09-07 ))))))))))))))))))))))))))))))))))))
.
2010-09-07 17:52 . 2010-09-07 17:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-07 17:52 . 2010-09-07 17:52 -------- d-----w- c:\users\vors\AppData\Local\temp
2010-09-03 15:52 . 2010-09-03 16:40 -------- d-----w- C:\ToolBar SD
2010-09-02 20:54 . 2010-09-02 20:54 -------- d-----w- c:\users\vors\AppData\Local\MigWiz
2010-09-02 19:22 . 2010-09-06 16:39 -------- d-----w- c:\program files\ZHPDiag
2010-09-02 18:46 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-02 18:46 . 2010-09-02 18:46 -------- d-----w- c:\programdata\Malwarebytes
2010-09-02 18:46 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-02 18:46 . 2010-09-02 18:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-01 16:49 . 2010-08-30 11:57 767952 ----a-w- c:\windows\BDTSupport.dll
2010-09-01 16:49 . 2010-08-26 07:30 2074 ----a-w- c:\windows\UDB.zip
2010-09-01 16:49 . 2010-08-23 07:36 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-09-01 16:49 . 2008-11-26 09:08 131 ----a-w- c:\windows\IDB.zip
2010-09-01 16:49 . 2010-08-30 11:57 739280 ----a-w- c:\windows\PCTBDRes.dll
2010-09-01 16:49 . 2010-08-30 11:57 1865680 ----a-w- c:\windows\PCTBDCore.dll
2010-09-01 16:43 . 2010-09-02 18:34 -------- d-----w- c:\program files\Common Files\PC Tools
2010-09-01 16:43 . 2010-09-02 18:34 -------- d-----w- c:\program files\PC Tools Security
2010-09-01 13:39 . 2010-09-02 18:29 -------- d-----w- c:\programdata\PC Tools
2010-09-01 06:44 . 2010-09-01 06:44 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing
2010-08-27 21:52 . 2010-08-27 21:52 -------- d-----w- c:\program files\Common Files\Java
2010-08-25 12:14 . 2010-08-25 12:14 365230920 ----a-w- c:\users\vors\Windows6.0-KB948465-X86.exe
2010-08-25 08:20 . 2010-08-25 08:20 58016 ----a-w- c:\users\vors\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-25 07:13 . 2010-09-03 16:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-25 07:13 . 2010-09-03 16:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-08-25 06:44 . 2010-08-25 06:44 -------- d-----w- c:\users\vors\AppData\Roaming\Motive
2010-08-25 06:42 . 2010-09-02 20:54 -------- d-----w- c:\users\vors\AppData\Local\VirtualStore
2010-08-24 09:25 . 2010-08-24 09:26 -------- d-----w- c:\users\Invité
2010-08-21 15:18 . 2010-09-07 18:05 -------- d-----w- c:\windows\system32\logishrd
2010-08-21 15:18 . 2010-08-21 15:18 -------- d-----w- c:\programdata\Logitech
2010-08-21 15:17 . 2010-08-21 15:17 -------- d-----w- c:\program files\Common Files\LWS
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 18:09 . 2006-11-02 15:45 669328 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-07 18:09 . 2006-11-02 15:45 123350 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-07 18:04 . 2010-08-19 16:00 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-09-02 20:25 . 2010-02-16 19:07 -------- d-----w- c:\programdata\CanonIJPLM
2010-09-01 16:45 . 2010-09-01 16:44 1864674 ----a-w- c:\windows\system32\drivers\Cat.DB
2010-08-27 21:32 . 2008-10-12 18:45 -------- d-----w- c:\program files\Java
2010-08-21 16:41 . 2010-08-06 19:35 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-08-21 15:24 . 2010-07-23 08:35 -------- d-----w- c:\program files\Logitech
2010-08-19 22:54 . 2008-07-30 11:49 -------- d-----w- c:\program files\Google
2010-08-19 19:30 . 2010-08-06 19:34 -------- d-----w- c:\programdata\LogiShrd
2010-08-19 19:27 . 2007-03-01 18:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-18 15:54 . 2008-10-12 18:43 -------- d-----w- c:\program files\Orange
2010-08-08 17:34 . 2010-08-08 17:34 -------- d-----w- c:\program files\Ask Search Assistant
2010-08-08 17:34 . 2010-07-04 09:15 -------- d-----w- c:\program files\Messenger Plus! Live
2010-07-17 03:00 . 2010-04-19 19:13 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-28 20:57 . 2010-07-08 15:44 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2010-04-28 19:30 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-28 19:30 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-28 19:30 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-28 19:30 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-28 19:30 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-28 20:32 . 2010-04-28 19:30 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2010-05-11 6061400]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-29 4317184]
"Orange_McciTrayApp"="c:\program files\Orange\LiveAssistant.exe" [2008-10-06 1476608]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2009-03-21 484888]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-08-23 100304]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
c:\users\St‚phane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Canon IJ Status Monitor Canon MP250 series Printer.lnk - c:\windows\system32\rundll32.exe [2006-11-2 44544]
Logitech . Enregistrement du produit.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^E_SPSU01.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\E_SPSU01.lnk
backup=c:\windows\pss\E_SPSU01.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Stéphane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.1.lnk]
path=c:\users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.1.lnk
backup=c:\windows\pss\OpenOffice.org 2.1.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Stéphane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Outil de notification Live Search.lnk]
path=c:\users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de notification Live Search.lnk
backup=c:\windows\pss\Outil de notification Live Search.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-07-11 16:12 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CollaborationHost]
2008-01-19 07:33 192000 ----a-w- c:\windows\System32\p2phost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXM6Patch_981116]
1998-11-30 17:04 497376 ----a-w- c:\windows\p_981116.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2006-12-29 10:11 4317184 ----a-w- c:\windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a7,6c,4b,92,97,d2,ca,01
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-27 135664]
R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [2010-08-30 235472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-27 22:14]
2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-27 22:14]
2010-09-07 c:\windows\Tasks\User_Feed_Synchronization-{0B79F7E2-3D61-4EE1-9AB9-4950D04FDB3D}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
2010-09-06 c:\windows\Tasks\User_Feed_Synchronization-{27C63E4E-3208-4113-BD0B-94047F79BC3A}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/portail
mWindow Title =
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: motive.com\pfttbc.ft
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
.
------- Associations de fichier -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-StartServiceLMEPRSSF - (no file)
HKCU-Run-PCFix - c:\program files\PCFix\PCFix.exe
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
MSConfigStartUp-ares - c:\program files\Ares\Ares.exe
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-osCheck - c:\program files\Norton Internet Security\osCheck.exe
AddRemove-Ares - c:\program files\Ares\uninstall.exe
AddRemove-DoomBall - c:\program files\Alawar\DoomBall\uninstal.exe
AddRemove-Installation de Polices de caractères_is1 - c:\windows\Fonts\unins000.exe
AddRemove-Ploing 2 - demo - c:\progra~1\PLOING~1\UNWISE.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-07 20:18
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Alwil Software\Avast5\AvastUI.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Heure de fin: 2010-09-07 20:30:27 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-07 18:30
Avant-CF: 26 520 920 064 octets libres
Après-CF: 29 295 218 688 octets libres
- - End Of File - - 84DA6B84E902B0840F07CE7B5BCA7545
Encore merci pour tout !!!
Comme convenu, je vous prie de bien vouloir trouver ci-joint le rapport de Combofix.
Mais, à aucun moment, je n' ai trouver le tableau "rootkit activity persist..." comme annexé dans votre précédent courrier.
ComboFix 10-09-06.04 - Stéphane 07/09/2010 19:35:03.1.2 - x86
Lancé depuis: c:\users\Stéphane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JJUYXQ6Q\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Fonts\unins000.exe
c:\windows\system32\%appdata%
c:\windows\system32\muzapp.exe
Une copie infectée de c:\windows\system32\drivers\smb.sys a été trouvée et désinfectée
Copie restaurée à partir de - Kitty had a snack :p
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-07 au 2010-09-07 ))))))))))))))))))))))))))))))))))))
.
2010-09-07 17:52 . 2010-09-07 17:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-07 17:52 . 2010-09-07 17:52 -------- d-----w- c:\users\vors\AppData\Local\temp
2010-09-03 15:52 . 2010-09-03 16:40 -------- d-----w- C:\ToolBar SD
2010-09-02 20:54 . 2010-09-02 20:54 -------- d-----w- c:\users\vors\AppData\Local\MigWiz
2010-09-02 19:22 . 2010-09-06 16:39 -------- d-----w- c:\program files\ZHPDiag
2010-09-02 18:46 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-02 18:46 . 2010-09-02 18:46 -------- d-----w- c:\programdata\Malwarebytes
2010-09-02 18:46 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-02 18:46 . 2010-09-02 18:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-01 16:49 . 2010-08-30 11:57 767952 ----a-w- c:\windows\BDTSupport.dll
2010-09-01 16:49 . 2010-08-26 07:30 2074 ----a-w- c:\windows\UDB.zip
2010-09-01 16:49 . 2010-08-23 07:36 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-09-01 16:49 . 2008-11-26 09:08 131 ----a-w- c:\windows\IDB.zip
2010-09-01 16:49 . 2010-08-30 11:57 739280 ----a-w- c:\windows\PCTBDRes.dll
2010-09-01 16:49 . 2010-08-30 11:57 1865680 ----a-w- c:\windows\PCTBDCore.dll
2010-09-01 16:43 . 2010-09-02 18:34 -------- d-----w- c:\program files\Common Files\PC Tools
2010-09-01 16:43 . 2010-09-02 18:34 -------- d-----w- c:\program files\PC Tools Security
2010-09-01 13:39 . 2010-09-02 18:29 -------- d-----w- c:\programdata\PC Tools
2010-09-01 06:44 . 2010-09-01 06:44 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing
2010-08-27 21:52 . 2010-08-27 21:52 -------- d-----w- c:\program files\Common Files\Java
2010-08-25 12:14 . 2010-08-25 12:14 365230920 ----a-w- c:\users\vors\Windows6.0-KB948465-X86.exe
2010-08-25 08:20 . 2010-08-25 08:20 58016 ----a-w- c:\users\vors\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-25 07:13 . 2010-09-03 16:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-25 07:13 . 2010-09-03 16:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-08-25 06:44 . 2010-08-25 06:44 -------- d-----w- c:\users\vors\AppData\Roaming\Motive
2010-08-25 06:42 . 2010-09-02 20:54 -------- d-----w- c:\users\vors\AppData\Local\VirtualStore
2010-08-24 09:25 . 2010-08-24 09:26 -------- d-----w- c:\users\Invité
2010-08-21 15:18 . 2010-09-07 18:05 -------- d-----w- c:\windows\system32\logishrd
2010-08-21 15:18 . 2010-08-21 15:18 -------- d-----w- c:\programdata\Logitech
2010-08-21 15:17 . 2010-08-21 15:17 -------- d-----w- c:\program files\Common Files\LWS
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 18:09 . 2006-11-02 15:45 669328 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-07 18:09 . 2006-11-02 15:45 123350 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-07 18:04 . 2010-08-19 16:00 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-09-02 20:25 . 2010-02-16 19:07 -------- d-----w- c:\programdata\CanonIJPLM
2010-09-01 16:45 . 2010-09-01 16:44 1864674 ----a-w- c:\windows\system32\drivers\Cat.DB
2010-08-27 21:32 . 2008-10-12 18:45 -------- d-----w- c:\program files\Java
2010-08-21 16:41 . 2010-08-06 19:35 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-08-21 15:24 . 2010-07-23 08:35 -------- d-----w- c:\program files\Logitech
2010-08-19 22:54 . 2008-07-30 11:49 -------- d-----w- c:\program files\Google
2010-08-19 19:30 . 2010-08-06 19:34 -------- d-----w- c:\programdata\LogiShrd
2010-08-19 19:27 . 2007-03-01 18:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-18 15:54 . 2008-10-12 18:43 -------- d-----w- c:\program files\Orange
2010-08-08 17:34 . 2010-08-08 17:34 -------- d-----w- c:\program files\Ask Search Assistant
2010-08-08 17:34 . 2010-07-04 09:15 -------- d-----w- c:\program files\Messenger Plus! Live
2010-07-17 03:00 . 2010-04-19 19:13 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-28 20:57 . 2010-07-08 15:44 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2010-04-28 19:30 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-28 19:30 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-28 19:30 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-28 19:30 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-28 19:30 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-28 20:32 . 2010-04-28 19:30 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2010-05-11 6061400]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-29 4317184]
"Orange_McciTrayApp"="c:\program files\Orange\LiveAssistant.exe" [2008-10-06 1476608]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2009-03-21 484888]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-08-23 100304]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
c:\users\St‚phane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Canon IJ Status Monitor Canon MP250 series Printer.lnk - c:\windows\system32\rundll32.exe [2006-11-2 44544]
Logitech . Enregistrement du produit.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^E_SPSU01.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\E_SPSU01.lnk
backup=c:\windows\pss\E_SPSU01.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Stéphane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.1.lnk]
path=c:\users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.1.lnk
backup=c:\windows\pss\OpenOffice.org 2.1.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Stéphane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Outil de notification Live Search.lnk]
path=c:\users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de notification Live Search.lnk
backup=c:\windows\pss\Outil de notification Live Search.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-07-11 16:12 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CollaborationHost]
2008-01-19 07:33 192000 ----a-w- c:\windows\System32\p2phost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXM6Patch_981116]
1998-11-30 17:04 497376 ----a-w- c:\windows\p_981116.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2006-12-29 10:11 4317184 ----a-w- c:\windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a7,6c,4b,92,97,d2,ca,01
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-27 135664]
R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [2010-08-30 235472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-27 22:14]
2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-27 22:14]
2010-09-07 c:\windows\Tasks\User_Feed_Synchronization-{0B79F7E2-3D61-4EE1-9AB9-4950D04FDB3D}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
2010-09-06 c:\windows\Tasks\User_Feed_Synchronization-{27C63E4E-3208-4113-BD0B-94047F79BC3A}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/portail
mWindow Title =
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: motive.com\pfttbc.ft
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
.
------- Associations de fichier -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-StartServiceLMEPRSSF - (no file)
HKCU-Run-PCFix - c:\program files\PCFix\PCFix.exe
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
MSConfigStartUp-ares - c:\program files\Ares\Ares.exe
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-osCheck - c:\program files\Norton Internet Security\osCheck.exe
AddRemove-Ares - c:\program files\Ares\uninstall.exe
AddRemove-DoomBall - c:\program files\Alawar\DoomBall\uninstal.exe
AddRemove-Installation de Polices de caractères_is1 - c:\windows\Fonts\unins000.exe
AddRemove-Ploing 2 - demo - c:\progra~1\PLOING~1\UNWISE.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-07 20:18
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Alwil Software\Avast5\AvastUI.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Heure de fin: 2010-09-07 20:30:27 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-07 18:30
Avant-CF: 26 520 920 064 octets libres
Après-CF: 29 295 218 688 octets libres
- - End Of File - - 84DA6B84E902B0840F07CE7B5BCA7545
Encore merci pour tout !!!