PC slow at startup
pat2962
Hello,
My PC is slow at startup, and so are my web connections.
Here is my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:42 VALR, on 07/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\V0220Mon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\fast.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Fast.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = © Windows XP Ultimate Edition VALR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [VisualTaskTip] \Program Files\VisualTaskTips\VisualTaskTips.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Administrateur.PCALR\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1614682-5CC3-4A3B-A105-059DC78EF577}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O18 - Protocol: bw00s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BA7CB57A-8B1C-4F63-8500-8EA25AEF9A62} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
32 replies
Delete what you have in quarantine in Malwarebytes, then
> Download Dr Web CureIt to your Desktop:
- Double-click <drweb-cureit.exe> and then click <Scan>;
- Click <OK> at the express scan prompt. If it finds infected processes, click the <Yes> button.
Note: a window will open with options to "Order" or "50% discount": close it by clicking the "X".
- When the express scan is finished, click the <Options> menu, then <Change settings>; choose the <Scanner> tab and untick <Heuristic analysis>. Then click <OK>.
- Back in the main window: click to select <Complete scan>
- Click the button with the green arrow on the right, and the scan will start.
- Click <Yes> for all at the "Cure?" prompt when a file is detected, and then click "Cure".
- When the scan is complete, see whether you can click the icon next to the detected files (several sheets one on top of another). If so, click it, then click the <Next> icon below it, and choose <Move the unwanted object to quarantine>.
- From the tool's main menu, at the top left, click the <File> menu and choose <Save report>. Save the report to your Desktop. It will be named DrWeb.csv
- Close Dr.Web CureIt
- Restart your computer (important, because some files may be moved/repaired on restart).
- After the restart, post (copy/paste) the contents of the Dr.Web report in your next reply.
/!\ WARNING: FOLLOW THESE INSTRUCTIONS SCRUPULOUSLY, TO THE LETTER /!\
_________________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained in the tool.<
>>>>>>>Do not use outside that situation: dangerous!<<<<<<<<
=====================================================
We are going to use ComboFix.exe. Go to this web page to get the download links, as well as instructions for running the tool:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Before using ComboFix:
______________________________________________________________________
>> close the windows of all running programs.
>> Temporarily disable, and only for the time ComboFix is in use,
>>the real-time protection of your antivirus and antispyware programs,
>>which can seriously interfere with the tool's scanning and cleaning procedure.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
!!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!
Don't forget to re-enable your antivirus and antispyware protection before reconnecting to the internet.
>> Come back to the forum, and
copy and paste the entire contents of C:\Combofix.txt into your next message.
ComboFix 09-06-05.07 - Administrateur 06/06/2009 9:50.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.1095 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur.PCALR\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\msconfig.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-06 au 2009-06-06 ))))))))))))))))))))))))))))))))))))
.
2009-05-29 15:34 . 2009-05-29 16:00 -------- d-----w- c:\documents and settings\Administrateur.PCALR\DoctorWeb
2009-05-29 14:30 . 2009-05-29 14:55 -------- d-----w- c:\program files\Navilog1
2009-05-12 05:03 . 2009-06-03 15:19 117760 ----a-w- c:\documents and settings\Administrateur.PCALR\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-12 05:02 . 2009-05-12 05:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2009-05-12 05:02 . 2009-05-27 05:04 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-05-12 05:02 . 2009-05-12 05:02 -------- d-----w- c:\documents and settings\Administrateur.PCALR\Application Data\SUPERAntiSpyware.com
2009-05-07 14:30 . 2009-05-07 14:30 -------- d-----w- c:\program files\CCleaner
2009-05-07 14:22 . 2009-05-07 14:22 -------- d-----w- c:\windows\system32\Kaspersky Lab
2009-05-07 12:36 . 2009-05-07 12:59 -------- d-----w- C:\UsbFix
2009-05-07 12:09 . 2009-05-07 12:09 -------- d-----w- C:\rsit
2009-05-07 08:57 . 2009-05-07 08:57 -------- d-----w- c:\documents and settings\Administrateur.PCALR\Application Data\Malwarebytes
2009-05-07 08:57 . 2009-04-06 13:32 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-07 08:57 . 2009-04-06 13:32 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-07 08:57 . 2009-05-07 08:57 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-05-07 08:57 . 2009-05-07 08:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-07 08:26 . 2009-05-07 08:48 -------- d-----w- C:\ToolBar SD
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-04 19:14 . 2009-01-10 10:52 -------- d-----w- c:\documents and settings\Administrateur.PCALR\Application Data\uTorrent
2009-05-13 15:15 . 2009-01-10 09:57 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-05-12 05:01 . 2007-09-01 09:06 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-05-12 04:59 . 2009-01-10 10:19 -------- d-----w- c:\program files\FlashFXP
2009-05-12 04:58 . 2009-01-10 10:18 -------- d-----w- c:\program files\TuneUp Utilities 2006
2009-05-07 14:35 . 2009-01-10 10:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-05-07 08:34 . 2009-01-09 08:50 -------- d-----w- c:\program files\Logitech
2009-05-07 07:37 . 2009-05-07 07:37 -------- d-----w- c:\program files\Trend Micro
2009-05-01 10:44 . 2009-05-01 10:42 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\DVD Shrink
2009-05-01 10:42 . 2009-05-01 10:42 -------- d-----w- c:\program files\DVD Shrink
2009-04-21 13:39 . 2009-04-22 05:12 2449344 ----a-w- c:\documents and settings\Administrateur.PCALR\Application Data\Mozilla\Firefox\Profiles\3i5zixyd.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\maconfsetup.exe
2009-04-21 13:38 . 2009-04-22 05:12 429224 ----a-w- c:\documents and settings\Administrateur.PCALR\Application Data\Mozilla\Firefox\Profiles\3i5zixyd.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
2009-04-20 20:18 . 2009-04-20 19:56 -------- d-----w- c:\documents and settings\Administrateur.PCALR\Application Data\VSO
2009-04-20 19:55 . 2009-04-20 19:55 -------- d-----w- c:\program files\VSO
2009-04-16 17:22 . 2008-04-14 16:00 78558 ----a-w- c:\windows\system32\perfc00C.dat
2009-04-16 17:22 . 2008-04-14 16:00 494872 ----a-w- c:\windows\system32\perfh00C.dat
2007-01-30 18:31 . 2006-11-28 19:26 278528 -c--a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-05-08 40960]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"FastUser"="c:\windows\system32\fast.exe" [2001-10-19 49216]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-02-20 124928]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^e-Carte Bleue Caisse d'Epargne.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\e-Carte Bleue Caisse d'Epargne.lnk
backup=c:\windows\pss\e-Carte Bleue Caisse d'Epargne.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^SMCWUSB-G2 Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\SMCWUSB-G2 Wireless Utility.lnk
backup=c:\windows\pss\SMCWUSB-G2 Wireless Utility.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisablePagingExecutive"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [09/01/2009 12:51 VALR 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 11:33 VALR 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 11:33 VALR 72944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/01/2009 12:51 VALR 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [19/02/2009 20:02 VALR 55152]
R3 V0220Dev;Live! Cam Video IM;c:\windows\system32\drivers\V0220Dev.sys [09/01/2009 14:15 VALR 146112]
R3 V0220Vfx;V0220VFX;c:\windows\system32\drivers\V0220Vfx.sys [09/01/2009 14:15 VALR 6272]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 VALR 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [24/01/2009 15:46 VALR 216232]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [10/01/2009 14:15 VALR 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [10/01/2009 14:18 VALR 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [10/01/2009 14:18 VALR 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [10/01/2009 14:18 VALR 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [10/01/2009 14:19 VALR 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [10/01/2009 14:18 VALR 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [10/01/2009 14:18 VALR 97704]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 11:33 VALR 7408]
S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\drivers\ZD1211BU.sys [08/01/2009 19:54 VALR 477696]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Contenu du dossier 'Tâches planifiées'
2009-06-06 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-28 20:18]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKU-Default-Run-VisualTaskTip - \Program Files\VisualTaskTips\VisualTaskTips.exe
SafeBoot-procexp90.Sys
.
------- Examen supplémentaire -------
.
mWindow Title =
uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: {D1614682-5CC3-4A3B-A105-059DC78EF577} = 212.27.53.252,212.27.54.252
FF - ProfilePath - c:\documents and settings\Administrateur.PCALR\Application Data\Mozilla\Firefox\Profiles\3i5zixyd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\Administrateur.PCALR\Application Data\Mozilla\Firefox\Profiles\3i5zixyd.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-06 09:58
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(660)
c:\windows\system32\SETUPAPI.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(716)
c:\windows\system32\setupapi.dll
.
Heure de fin: 2009-06-06 10:04
ComboFix-quarantined-files.txt 2009-06-06 08:04
ComboFix2.txt 2008-08-13 08:29
Avant-CF: 23 507 771 392 octets libres
Après-CF: 23 503 204 352 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NOGUIBOOT /noexecute=optin
191 --- E O F --- 2009-05-27 17:01
Hello,
thanks for your report, but 80% of it won't be of any use to us.
Go to "Start", "Run" (Win XP) or "Search" (Win Vista), type "dxdiag" there and give us the report.
alex pompier, do you think the Vista report is going to tell us where the infections are? We must be really st.. to be using our fixes, then.
Huh?
Hello everyone
fix200
please review your canned reply on RSIT
you are mixing up %systemroot% and %systemdrive%
alex Pompier
take on topics that match your level of knowledge, or else ones at the start
Thanks
loloetseb
soon on a new page :)
__________________________________________________________
=>/!\ WARNING /!\ The script below was written specifically for this computer,<=
=>it is strongly advised not to reuse it on another computer!<=====|
---------------------------------------------------------------
Still with all protections disabled, do this:
• Open Notepad (Start menu --> Programs --> Accessories --> Notepad)
• Copy/paste into Notepad what is between the lines below (without the lines):
----------------------------------------------------------
Driver::
procexp90
------------------------------------------------------------------
• Save this file on your Desktop (and nowhere else!) under the name CFScript.txt
• Close Notepad
• Drag and drop this CFScript file onto the C-Fix.exe file (combofix), like this
• Wait while the scan runs. The Desktop will disappear several times: this is normal! Do not touch anything until the scan has finished.
• Once the scan is complete, a report will be displayed: post its contents.
• If the file does not open, it can be found here => C:\ComboFix.txt
ComboFix 09-06-05.07 - Administrateur 06/06/2009 13:19.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.1054 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur.PCALR\Bureau\desinfection pc\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Administrateur.PCALR\Bureau\CFScript.txt
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_PROCEXP90
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-06 au 2009-06-06 ))))))))))))))))))))))))))))))))))))
.
2009-06-06 08:30 . 2001-08-23 13:47 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-06-06 08:30 . 2001-08-23 13:47 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2009-06-06 08:24 . 2009-06-06 08:24 -------- d-----w- C:\Medion
2009-05-29 15:34 . 2009-05-29 16:00 -------- d-----w- c:\documents and settings\Administrateur.PCALR\DoctorWeb
2009-05-29 14:30 . 2009-05-29 14:55 -------- d-----w- c:\program files\Navilog1
2009-05-12 05:03 . 2009-06-03 15:19 117760 ----a-w- c:\documents and settings\Administrateur.PCALR\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-12 05:02 . 2009-05-12 05:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2009-05-12 05:02 . 2009-05-27 05:04 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-05-12 05:02 . 2009-05-12 05:02 -------- d-----w- c:\documents and settings\Administrateur.PCALR\Application Data\SUPERAntiSpyware.com
2009-05-07 14:30 . 2009-05-07 14:30 -------- d-----w- c:\program files\CCleaner
2009-05-07 14:22 . 2009-05-07 14:22 -------- d-----w- c:\windows\system32\Kaspersky Lab
2009-05-07 12:36 . 2009-05-07 12:59 -------- d-----w- C:\UsbFix
2009-05-07 12:09 . 2009-05-07 12:09 -------- d-----w- C:\rsit
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-06 09:18 . 2009-04-20 19:56 -------- d-----w- c:\documents and settings\Administrateur.PCALR\Application Data\VSO
2009-06-06 08:37 . 2009-01-09 13:09 1080 -c--a-w- c:\windows\AUTOLNCH.REG
2009-06-04 19:14 . 2009-01-10 10:52 -------- d-----w- c:\documents and settings\Administrateur.PCALR\Application Data\uTorrent
2009-05-13 15:15 . 2009-01-10 09:57 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-05-12 05:01 . 2007-09-01 09:06 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-05-12 04:59 . 2009-01-10 10:19 -------- d-----w- c:\program files\FlashFXP
2009-05-12 04:58 . 2009-01-10 10:18 -------- d-----w- c:\program files\TuneUp Utilities 2006
2009-05-07 14:35 . 2009-01-10 10:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2007-01-30 18:31 . 2006-11-28 19:26 278528 -c--a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.
------- Sigcheck -------
[-] 2008-05-08 12:22 724480 DB3AB42404D66860A4C4E9ED8530D0FD c:\windows\system32\user32.dll
[-] 2008-05-08 12:22 568320 AE0D48AF37F5A48156D4A6BAE07C9121 c:\windows\system32\winlogon.exe
[-] 2007-10-29 09:53 1916416 D84567752FB42D8DC55CFB85FE0EDECE c:\windows\explorer.exe
[-] 2008-05-08 12:13 40960 58DB2EE838D5B7BAD0F7F10A6C920390 c:\windows\system32\ctfmon.exe
[-] 2008-05-15 17:53 1571840 A5780186A76EABA3E656E63B41862997 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-06-06_07.59.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2000-02-17 21:14 . 2000-02-17 21:14 57344 c:\windows\twain_32\FlatBed\PMXUSD.DLL
+ 1998-04-04 12:21 . 1998-04-04 12:21 98304 c:\windows\twain_32\FlatBed\ltfil90n.DLL
+ 2001-07-13 11:43 . 2001-07-13 11:43 45056 c:\windows\twain_32\FlatBed\ImgProc.dll
+ 1999-08-31 09:09 . 1999-08-31 09:09 57856 c:\windows\twain_32\FlatBed\gl.dll
+ 2000-07-10 05:21 . 2000-07-10 05:21 34816 c:\windows\twain_32\FlatBed\DelINF.EXE
+ 2009-06-06 11:31 . 2009-06-06 11:31 16384 c:\windows\Temp\Perflib_Perfdata_63c.dat
+ 2009-06-06 11:30 . 2009-06-06 11:30 16384 c:\windows\Temp\Perflib_Perfdata_590.dat
+ 2009-06-06 08:16 . 2009-06-06 08:16 16384 c:\windows\Temp\Perflib_Perfdata_58c.dat
+ 2009-06-06 08:16 . 2009-06-06 08:16 16384 c:\windows\Temp\Perflib_Perfdata_260.dat
+ 2002-05-20 00:22 . 2002-05-20 00:22 36864 c:\windows\system32\Vizmicro.dll
+ 1999-08-31 09:09 . 1999-08-31 09:09 57856 c:\windows\system32\gl.dll
- 2009-01-09 13:04 . 2008-04-13 08:45 15104 c:\windows\system32\drivers\usbscan.sys
+ 2009-01-09 13:04 . 2008-04-13 07:45 15104 c:\windows\system32\drivers\usbscan.sys
- 2009-01-09 13:04 . 2008-04-13 08:45 15104 c:\windows\system32\dllcache\usbscan.sys
+ 2009-01-09 13:04 . 2008-04-13 07:45 15104 c:\windows\system32\dllcache\usbscan.sys
+ 2000-08-02 12:47 . 2000-08-02 12:47 26112 c:\windows\RunUnDrv.exe
+ 2002-05-17 00:19 . 2002-05-17 00:19 172032 c:\windows\twain_32\FlatBed\VICEO.DLL
+ 2002-07-24 06:01 . 2002-07-24 06:01 118784 c:\windows\twain_32\FlatBed\UI3RD_32.DLL
+ 2002-05-17 11:17 . 2002-05-17 11:17 225280 c:\windows\twain_32\FlatBed\RtScan.dll
+ 2000-06-28 02:23 . 2000-06-28 02:23 110592 c:\windows\twain_32\FlatBed\prdirect.dll
+ 1998-04-04 12:21 . 1998-04-04 12:21 288256 c:\windows\twain_32\FlatBed\ltkrn90n.dll
+ 1998-04-04 12:22 . 1998-04-04 12:22 107008 c:\windows\twain_32\FlatBed\ltimg90n.dll
+ 1998-04-04 12:21 . 1998-04-04 12:21 220160 c:\windows\twain_32\FlatBed\LTDIS90n.dll
+ 1999-01-26 06:12 . 1999-01-26 06:12 122368 c:\windows\twain_32\FlatBed\DJpegDLL.dll
+ 1999-05-18 06:30 . 1999-05-18 06:30 144896 c:\windows\twain_32\FlatBed\divJPG.DLL
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-05-08 40960]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"AdobeUpdater"="c:\program files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"FastUser"="c:\windows\system32\fast.exe" [2001-10-19 49216]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-02-20 124928]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^e-Carte Bleue Caisse d'Epargne.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\e-Carte Bleue Caisse d'Epargne.lnk
backup=c:\windows\pss\e-Carte Bleue Caisse d'Epargne.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^SMCWUSB-G2 Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\SMCWUSB-G2 Wireless Utility.lnk
backup=c:\windows\pss\SMCWUSB-G2 Wireless Utility.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisablePagingExecutive"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [09/01/2009 12:51 VALR 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 11:33 VALR 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 11:33 VALR 72944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/01/2009 12:51 VALR 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [19/02/2009 20:02 VALR 55152]
R3 V0220Dev;Live! Cam Video IM;c:\windows\system32\drivers\V0220Dev.sys [09/01/2009 14:15 VALR 146112]
R3 V0220Vfx;V0220VFX;c:\windows\system32\drivers\V0220Vfx.sys [09/01/2009 14:15 VALR 6272]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 VALR 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [24/01/2009 15:46 VALR 216232]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [10/01/2009 14:15 VALR 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [10/01/2009 14:18 VALR 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [10/01/2009 14:18 VALR 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [10/01/2009 14:18 VALR 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [10/01/2009 14:19 VALR 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [10/01/2009 14:18 VALR 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [10/01/2009 14:18 VALR 97704]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 11:33 VALR 7408]
S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\drivers\ZD1211BU.sys [08/01/2009 19:54 VALR 477696]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Contenu du dossier 'Tâches planifiées'
2009-06-06 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-28 20:18]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: {D1614682-5CC3-4A3B-A105-059DC78EF577} = 212.27.53.252,212.27.54.252
FF - ProfilePath - c:\documents and settings\Administrateur.PCALR\Application Data\Mozilla\Firefox\Profiles\3i5zixyd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\Administrateur.PCALR\Application Data\Mozilla\Firefox\Profiles\3i5zixyd.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-06 13:31
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(680)
c:\windows\system32\SETUPAPI.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(736)
c:\windows\system32\setupapi.dll
- - - - - - - > 'explorer.exe'(2396)
c:\windows\system32\SHDOCVW.dll
c:\program files\RocketDock\RocketDock.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Heure de fin: 2009-06-06 13:39 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-06 11:39
ComboFix2.txt 2009-06-06 08:04
ComboFix3.txt 2008-08-13 08:29
Avant-CF: 23 531 192 320 octets libres
Après-CF: 23 422 660 608 octets libres
239 --- E O F --- 2009-05-27 17:01
I'll do the rest
Next
Download ZHPDiag (by Nicolas Coolman) to your desktop:
or: ZHPDiag
!! Disconnect and close all your running applications !!
* Right-click the .zip you just downloaded and choose "extraire tout" (extract all) to your desktop ...
* Double-click "ZHPDiag.exe" to launch the tool:
> Click the "Tous" (All) button (important).
> Then click the "magnifying glass" button to start the scan.
Let the tool work ...
> Once it has finished, the report is displayed: click the "camera" button to save the report ...
Be sure to save ZHPDiag.txt where you can find it easily (on the desktop, for example).
Then close the program ...
Finally, copy and paste the contents of the saved report into your next reply for analysis ...
I'm sending it to you in several parts
Rapport de ZHPDiag v1.21 par Nicolas Coolman
Enregistré le 06/06/2009 13:47:49
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
MFIE: Mozilla Firefox (3.0.10)
---\\ Processus lancés
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ati2sgag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\services.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\Fast.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\spoolsv.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: 1 - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKLM\..\policies\Explorer: [NoDesktopCleanupWizard] Data="1"
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data="1"
O4 - HKLM\..\policies\Explorer: [NoLogOff] Data="0"
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data="67108863"
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="323"
O4 - HKLM\..\policies\Explorer: [NoDrives] Data="0"
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll,1000
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFBARH.ICO
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
---\\ Piratage de domaine (Lop.com) (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1614682-5CC3-4A3B-A105-059DC78EF577}: 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS1\Services\Tcpip\..\{D1614682-5CC3-4A3B-A105-059DC78EF577}: 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{D1614682-5CC3-4A3B-A105-059DC78EF577}: 212.27.53.252,212.27.54.252
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: SABWINLOStartup - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AtiStartupEvent - C:\WINDOWS\System32\Ati2evxx.dll
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: (Ati HotKey Poller) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InteractiveLogon (InteractiveLogon) - C:\WINDOWS\system32\Fast.exe -service
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player 11 - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Web Folders - {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: (no name) - {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx
O40 - ASIC: Volet Windows - {D58F39FF-953E-4F45-898F-59F243B9A523} - RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (no object) (aeaudio) - C:\WINDOWS\system32\drivers\aeaudio.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Filtre de bus AGP Intel (agp440) - C:\WINDOWS\system32\DRIVERS\agp440.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: (no object) (ati2mtag) - C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: Pilote de Gestionnaire de disque logique (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: driverhardwarev2 (driverhardwarev2) - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: ElbyCDIO Driver (ElbyCDIO) - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\DRIVERS\fltMgr.sys
O41 - Driver: FssFltr (fssfltr) - C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (HidUsb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: (no object) (HSFHWBS2) - C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
O41 - Driver: (no object) (HSF_DP) - C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: ISO CD-ROM Device Driver (ISODrive) - C:\Program Files\UltraISO\drivers\ISODrive.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Logitech SetPoint PS/2 Mouse Filter Driver (L8042mou) - C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
O41 - Driver: Logitech SetPoint HID Mouse Filter Driver (LHidKe) - C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
O41 - Driver: Logitech SetPoint USB Receiver device driver (LHidUsbK) - C:\WINDOWS\System32\Drivers\LHidUsbK.Sys
O41 - Driver: Logitech SetPoint Mouse Filter Driver (LMouKE) - C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
O41 - Driver: (no object) (mdmxsdk) - C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleurs hôte IEEE 1394 compatible OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCAMPR5 NDIS Protocol Driver (PCAMPR5) - C:\WINDOWS\system32\PCAMPR5.SYS
O41 - Driver: PCANDIS5 NDIS Protocol Driver (PCANDIS5) - C:\WINDOWS\system32\PCANDIS5.SYS
O41 - Driver: Padus ASPI Shell (pfc) - C:\WINDOWS\system32\drivers\pfc.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de redirecteur de périphérique Terminal Server (rdpdr) - C:\WINDOWS\system32\DRIVERS\rdpdr.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Sony Ericsson Device 816 driver (WDM) (s816bus) - C:\WINDOWS\system32\DRIVERS\s816bus.sys
O41 - Driver: Sony Ericsson Device 816 USB WMC Modem Filter (s816mdfl) - C:\WINDOWS\system32\DRIVERS\s816mdfl.sys
O41 - Driver: Sony Ericsson Device 816 USB WMC Modem Driver (s816mdm) - C:\WINDOWS\system32\DRIVERS\s816mdm.sys
O41 - Driver: Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) (s816mgmt) - C:\WINDOWS\system32\DRIVERS\s816mgmt.sys
O41 - Driver: Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) (s816nd5) - C:\WINDOWS\system32\DRIVERS\s816nd5.sys
O41 - Driver: Sony Ericsson Device 816 USB WMC OBEX Interface (s816obex) - C:\WINDOWS\system32\DRIVERS\s816obex.sys
O41 - Driver: Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) (s816unic) - C:\WINDOWS\system32\DRIVERS\s816unic.sys
O41 - Driver: SASDIFSV (SASDIFSV) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
O41 - Driver: SASENUM (SASENUM) - C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
O41 - Driver: SASKUTIL (SASKUTIL) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: (no object) (smwdm) - C:\WINDOWS\system32\drivers\smwdm.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: (no object) (sptd) - C:\WINDOWS\System32\Drivers\sptd.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: SAMSUNG USB Composite Device driver (WDM) (sscdbus) - C:\WINDOWS\system32\DRIVERS\sscdbus.sys
O41 - Driver: SAMSUNG CDMA Modem Filter (sscdmdfl) - C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
O41 - Driver: SAMSUNG CDMA Modem Drivers (sscdmdm) - C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Concentrateur USB2 (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\system32\DRIVERS\usbuhci.sys
O41 - Driver: Live! Cam Video IM (V0220Dev) - C:\WINDOWS\system32\DRIVERS\V0220Dev.sys
O41 - Driver: V0220VFX (V0220Vfx) - C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: (no object) (winachsf) - C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys
O41 - Driver: 802.11g Wireless USB2.0 Adapter Driver(SMC) (ZD1211BU(SMC)) - C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
O41 - Driver: ZDPSp50 NDIS Protocol Driver (ZDPSp50) - C:\WINDOWS\System32\Drivers\ZDPSp50.sys
Rapport de ZHPDiag v1.21 par Nicolas Coolman
Enregistré le 06/06/2009 13:47:49
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
MFIE: Mozilla Firefox (3.0.10)
---\\ Processus lancés
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ati2sgag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\services.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\Fast.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\spoolsv.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: 1 - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKLM\..\policies\Explorer: [NoDesktopCleanupWizard] Data="1"
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data="1"
O4 - HKLM\..\policies\Explorer: [NoLogOff] Data="0"
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data="67108863"
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="323"
O4 - HKLM\..\policies\Explorer: [NoDrives] Data="0"
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll,1000
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFBARH.ICO
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
---\\ Piratage de domaine (Lop.com) (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1614682-5CC3-4A3B-A105-059DC78EF577}: 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS1\Services\Tcpip\..\{D1614682-5CC3-4A3B-A105-059DC78EF577}: 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{D1614682-5CC3-4A3B-A105-059DC78EF577}: 212.27.53.252,212.27.54.252
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: SABWINLOStartup - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AtiStartupEvent - C:\WINDOWS\System32\Ati2evxx.dll
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: (Ati HotKey Poller) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InteractiveLogon (InteractiveLogon) - C:\WINDOWS\system32\Fast.exe -service
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player 11 - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Web Folders - {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: (no name) - {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx
O40 - ASIC: Volet Windows - {D58F39FF-953E-4F45-898F-59F243B9A523} - RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
Continued:
---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1)
O42 - Logiciel: 7-Zip 4.42
O42 - Logiciel: ACDSee Pro
O42 - Logiciel: ATI - Software Uninstall Utility
O42 - Logiciel: ATI AVIVO Codecs
O42 - Logiciel: ATI Catalyst Control Center
O42 - Logiciel: ATI Display Driver
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX
O42 - Logiciel: Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Alky for Applications (Windows XP)
O42 - Logiciel: AnyDVD
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Catalyst Control Center - Branding
O42 - Logiciel: Choice Guard
O42 - Logiciel: Creative Live! Cam Video IM Driver (1.01.01.00)
O42 - Logiciel: DVD Shrink 3.2
O42 - Logiciel: Desktop Sidebar
O42 - Logiciel: Disc2Phone
O42 - Logiciel: Driver Genius Professional Edition
O42 - Logiciel: Driver Genius Professional Edition 2006 6.1.2518
O42 - Logiciel: EPSON CardMonitor
O42 - Logiciel: EPSON Logiciel imprimante
O42 - Logiciel: EPSON PRINT Image Framer Tool2.1
O42 - Logiciel: EPSON PhotoQuicker3.5
O42 - Logiciel: EPSON PhotoStarter3.1
O42 - Logiciel: EPSON Print CD
O42 - Logiciel: ESPR300 Guide des logiciels
O42 - Logiciel: FlashFXP v3
O42 - Logiciel: Free Mp3 Wma Converter V 1.8.0
O42 - Logiciel: Gadget Documents récents Microsoft Office 2007
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: IrfanView (remove only)
O42 - Logiciel: Java(TM) 6 Update 12
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: K-Lite Mega Codec Pack 1.62
O42 - Logiciel: KC Softwares VideoInspector
O42 - Logiciel: Kaspersky On-line Scanner
O42 - Logiciel: Kaspersky Online Scanner
O42 - Logiciel: Logitech SetPoint
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 6.0 Parser (KB925673)
O42 - Logiciel: MUSICMATCH(R) Jukebox
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft .NET Framework 3.0
O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office Access MUI (French) 2007
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007
O42 - Logiciel: Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Microsoft Office Outlook Connector
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
O42 - Logiciel: Microsoft Office Professional Plus 2007
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (German) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (French) 2007
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
O42 - Logiciel: Microsoft Office Word MUI (French) 2007
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
O42 - Logiciel: MozBackup 1.4.5
O42 - Logiciel: Mozilla Firefox (3.0.10)
O42 - Logiciel: Navilog1 3.7.7
O42 - Logiciel: Nero 7 Premium
O42 - Logiciel: Orange - Logiciels Internet
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PIF DESIGNER2.1
O42 - Logiciel: Paint.NET v3.0
O42 - Logiciel: Powertoys For Windows XP
O42 - Logiciel: RocketDock 1.3.5
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set
O42 - Logiciel: SAMSUNG Mobile Composite Device Software
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software
O42 - Logiciel: SAMSUNG Mobile USB Modem Software
O42 - Logiciel: SMCWUSB-G2 Wireless Utility
O42 - Logiciel: SUPERAntiSpyware Free Edition
O42 - Logiciel: Samsung Mobile phone USB driver Software
O42 - Logiciel: Samsung PC Studio 3
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Search Settings 1.2
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB960003)
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB959997)
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB950114)
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB956358)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB954326)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB956828)
O42 - Logiciel: Segoe UI
O42 - Logiciel: SoftV92 Data Fax Modem
O42 - Logiciel: Sony Ericsson Device Data
O42 - Logiciel: Sony Ericsson Drivers
O42 - Logiciel: Sony Ericsson PC Suite
O42 - Logiciel: SoundMAX
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: Spybot - Search & Destroy 1.4
O42 - Logiciel: TuneUp Utilities 2006
O42 - Logiciel: USB Scanner
O42 - Logiciel: UltraISO Premium V8.6
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB952142)
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb968503)
O42 - Logiciel: UsbFix
O42 - Logiciel: VSO Image Resizer 2.1.8.2
O42 - Logiciel: VideoLAN VLC media player 0.8.6
O42 - Logiciel: Volet Windows
O42 - Logiciel: Vopt 8.06
O42 - Logiciel: Vopt 9
O42 - Logiciel: Winamp (remove only)
O42 - Logiciel: Windows Communication Foundation
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Contrôle parental
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sync
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA)
O42 - Logiciel: Windows Workflow Foundation
O42 - Logiciel: Windows Workflow Foundation FR Language Pack
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XnView 1.82.4
O42 - Logiciel: avast! Antivirus
O42 - Logiciel: e-Carte Bleue Caisse d'Epargne
O42 - Logiciel: livebox
O42 - Logiciel: µTorrent
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ACD Systems
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ATI Technologies
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Borland Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Canon
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\EZB Systems
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\France Telecom
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Logitech
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\NewSoft
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Sony Digital Imaging
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Sony Ericsson Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Sony Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Teleca Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ulead Systems
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard
---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->11/03/2009 - 19:04:49
O44 - LFC:Last File Created - C:\WINDOWS\System32\kernel32.dll -->21/03/2009 - 15:07:58
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->07/05/2009 - 08:16:29
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->16/04/2009 - 18:22:57
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->16/04/2009 - 18:22:57
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->16/04/2009 - 18:22:57
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->16/04/2009 - 18:22:57
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->16/04/2009 - 18:22:57
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->06/06/2009 - 12:33:43
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->06/04/2009 - 14:32:46
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->06/04/2009 - 14:32:54
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACDSEE8PRO.EXE-3575F776.pf -->06/06/2009 - 11:28:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->06/06/2009 - 11:33:42
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->06/06/2009 - 12:32:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->06/06/2009 - 12:32:52
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHDISP.EXE-0B874892.pf -->06/06/2009 - 12:32:37
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHMAISV.EXE-12E27032.pf -->06/06/2009 - 12:32:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHWEBSV.EXE-0548EF0A.pf -->06/06/2009 - 12:32:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ATI2SGAG.EXE-034D00DE.pf -->06/06/2009 - 09:17:15
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ATTRIB.CFEXE-07A4D3CF.pf -->06/06/2009 - 12:31:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ATTRIB.EXE-39EAFB02.pf -->06/06/2009 - 12:17:47
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AURORA.SCR-05932349.pf -->12/05/2009 - 19:52:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AURORA.SCR-29BA5386.pf -->06/06/2009 - 08:24:52
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVAST.SETUP-032170A8.pf -->06/06/2009 - 12:33:46
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CATCHME.CFEXE-0F2A0789.pf -->06/06/2009 - 12:40:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CATCHME.TMP-265A4B2E.pf -->06/06/2009 - 12:36:53
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CF20470.EXE-1D7BAE73.pf -->06/06/2009 - 12:39:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHCP.COM-18156052.pf -->06/06/2009 - 12:34:16
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->06/06/2009 - 12:39:59
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXECF-27E83661.pf -->06/06/2009 - 12:17:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\COMBOFIX-DOWNLOAD.CFEXE-1D161D68.pf -->06/06/2009 - 12:17:59
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\COMBOFIX.EXE-0F799B77.pf -->06/06/2009 - 12:17:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CSCRIPT.EXE-1C26180C.pf -->06/06/2009 - 12:37:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->06/06/2009 - 12:32:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->06/06/2009 - 10:05:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->06/06/2009 - 10:05:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPHIVE.CFEXE-2ED3B134.pf -->06/06/2009 - 12:39:42
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ERUNT.CFEXE-039977DB.pf -->06/06/2009 - 12:38:32
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->06/06/2009 - 12:38:13
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_S10MT2.EXE-0E680929.pf -->06/06/2009 - 12:45:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_S10RN2.EXE-38983110.pf -->06/06/2009 - 12:45:57
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_S1T0A2.EXE-204124AC.pf -->06/06/2009 - 12:46:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FAST.EXE-33115EFB.pf -->06/06/2009 - 12:31:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FINDSTR.CFEXE-38519B93.pf -->06/06/2009 - 12:39:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FINDSTR.EXE-0CA6274B.pf -->06/06/2009 - 12:34:20
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->06/06/2009 - 12:40:31
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FTRTSVC.EXE-3AF61018.pf -->06/06/2009 - 12:31:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GREP.CFEXE-20443039.pf -->06/06/2009 - 12:39:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GREP.CFEXE-273BC5E1.pf -->06/06/2009 - 12:17:48
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRPCONV.EXE-111CD845.pf -->06/06/2009 - 12:17:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GSAR.CFEXE-0E6FCB31.pf -->06/06/2009 - 12:17:37
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GSAR.CFEXE-156760D9.pf -->06/06/2009 - 12:38:03
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HANDLE.CFEXE-13427ED2.pf -->06/06/2009 - 12:40:05
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPER.EXE-0415776D.pf -->06/06/2009 - 12:40:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIDEC.EXE-3818BC01.pf -->06/06/2009 - 12:32:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIDEC.EXE-3B166DB3.pf -->06/06/2009 - 12:17:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IPCONFIG.EXE-2395F30B.pf -->06/06/2009 - 12:39:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQS.EXE-1D781F77.pf -->06/06/2009 - 12:31:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf -->06/06/2009 - 12:40:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->06/06/2009 - 10:04:57
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf -->06/06/2009 - 12:32:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MTEE.CFEXE-1E067BC7.pf -->06/06/2009 - 12:40:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\N.COM-3222D14C.pf -->06/06/2009 - 12:17:33
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMD.CFEXE-19FF4781.pf -->06/06/2009 - 12:39:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMD.COM-323C21EC.pf -->06/06/2009 - 12:37:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMD.EXE-2C39EF53.pf -->06/06/2009 - 12:40:05
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMDC.CFEXE-049E77E5.pf -->06/06/2009 - 12:40:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NMBGMONITOR.EXE-241A04E8.pf -->06/06/2009 - 12:32:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NMINDEXSTORESVR.EXE-22A7DEEF.pf -->06/06/2009 - 12:32:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->06/06/2009 - 12:40:12
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->06/06/2009 - 12:31:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OFFICELIVESIGNIN.EXE-042374FE.pf -->06/06/2009 - 11:28:13
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.CFEXE-26A9D6BD.pf -->06/06/2009 - 12:17:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.CFEXE-29A7886F.pf -->06/06/2009 - 12:39:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.EXE-0806C34B.pf -->06/06/2009 - 12:34:18
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.EXE-2937A365.pf -->06/06/2009 - 12:17:43
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOFILTRE.EXE-03E51D73.pf -->06/06/2009 - 10:13:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PING.EXE-31216D26.pf -->06/06/2009 - 12:17:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PV.CFEXE-0E6F2701.pf -->06/06/2009 - 12:39:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PV.CFEXE-23E4A9A0.pf -->06/06/2009 - 12:17:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PV.EXE-06A2AC78.pf -->06/06/2009 - 12:17:41
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf -->06/06/2009 - 12:40:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGT.CFEXE-15DB5DAE.pf -->06/06/2009 - 12:37:51
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RESIZE.EXE-12447F87.pf -->06/06/2009 - 10:18:23
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ROCKETDOCK.EXE-2D8AF8EC.pf -->06/06/2009 - 12:32:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1EE676D0.pf -->06/06/2009 - 12:17:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-23EFE92C.pf -->06/06/2009 - 12:34:03
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf -->06/06/2009 - 12:17:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEAPORT.EXE-2D9D4167.pf -->06/06/2009 - 12:31:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SED.CFEXE-238FCCA6.pf -->06/06/2009 - 12:17:47
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SED.CFEXE-268D7E58.pf -->06/06/2009 - 12:39:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SED.EXE-0F4B402F.pf -->06/06/2009 - 12:18:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SMAGENT.EXE-34504AD2.pf -->06/06/2009 - 12:31:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SORT.EXE-194AE83C.pf -->06/06/2009 - 12:38:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf -->06/06/2009 - 12:31:30
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWREG.CFEXE-2BF4FFCD.pf -->06/06/2009 - 12:39:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWREG.EXE-0937BD77.pf -->06/06/2009 - 12:17:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWREG.EXE-3560BE42.pf -->06/06/2009 - 12:18:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWSC.CFEXE-3B4FE4FE.pf -->06/06/2009 - 12:18:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWSC.EXE-17AFBFBF.pf -->06/06/2009 - 12:40:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf -->06/06/2009 - 10:16:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->06/06/2009 - 12:40:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VISTADRIVE.EXE-06D8D036.pf -->06/06/2009 - 12:32:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WGASETUP.EXE-060A30C0.pf -->06/06/2009 - 08:11:57
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->06/06/2009 - 10:16:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-07381162.pf -->06/06/2009 - 11:28:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf -->06/06/2009 - 12:35:30
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->06/06/2009 - 12:37:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->06/06/2009 - 12:34:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-2259336F.pf -->06/06/2009 - 12:47:41
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-281BFD31.pf -->06/06/2009 - 12:47:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->06/06/2009 - 10:05:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPHIVE.CFEXE-2ED3B134.pf -->06/06/2009 - 12:39:42
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ERUNT.CFEXE-039977DB.pf -->06/06/2009 - 12:38:32
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->06/06/2009 - 12:38:13
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_S10MT2.EXE-0E680929.pf -->06/06/2009 - 12:45:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_S10RN2.EXE-38983110.pf -->06/06/2009 - 12:45:57
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_S1T0A2.EXE-204124AC.pf -->06/06/2009 - 12:46:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FAST.EXE-33115EFB.pf -->06/06/2009 - 12:31:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FINDSTR.CFEXE-38519B93.pf -->06/06/2009 - 12:39:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FINDSTR.EXE-0CA6274B.pf -->06/06/2009 - 12:34:20
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->06/06/2009 - 12:40:31
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FTRTSVC.EXE-3AF61018.pf -->06/06/2009 - 12:31:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GREP.CFEXE-20443039.pf -->06/06/2009 - 12:39:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GREP.CFEXE-273BC5E1.pf -->06/06/2009 - 12:17:48
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRPCONV.EXE-111CD845.pf -->06/06/2009 - 12:17:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GSAR.CFEXE-0E6FCB31.pf -->06/06/2009 - 12:17:37
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GSAR.CFEXE-156760D9.pf -->06/06/2009 - 12:38:03
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HANDLE.CFEXE-13427ED2.pf -->06/06/2009 - 12:40:05
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPER.EXE-0415776D.pf -->06/06/2009 - 12:40:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIDEC.EXE-3818BC01.pf -->06/06/2009 - 12:32:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIDEC.EXE-3B166DB3.pf -->06/06/2009 - 12:17:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IPCONFIG.EXE-2395F30B.pf -->06/06/2009 - 12:39:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQS.EXE-1D781F77.pf -->06/06/2009 - 12:31:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf -->06/06/2009 - 12:40:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->06/06/2009 - 10:04:57
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf -->06/06/2009 - 12:32:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MTEE.CFEXE-1E067BC7.pf -->06/06/2009 - 12:40:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\N.COM-3222D14C.pf -->06/06/2009 - 12:17:33
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMD.CFEXE-19FF4781.pf -->06/06/2009 - 12:39:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMD.COM-323C21EC.pf -->06/06/2009 - 12:37:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMD.EXE-2C39EF53.pf -->06/06/2009 - 12:40:05
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIRCMDC.CFEXE-049E77E5.pf -->06/06/2009 - 12:40:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NMBGMONITOR.EXE-241A04E8.pf -->06/06/2009 - 12:32:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NMINDEXSTORESVR.EXE-22A7DEEF.pf -->06/06/2009 - 12:32:39
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->06/06/2009 - 12:40:12
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->06/06/2009 - 12:31:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OFFICELIVESIGNIN.EXE-042374FE.pf -->06/06/2009 - 11:28:13
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.CFEXE-26A9D6BD.pf -->06/06/2009 - 12:17:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.CFEXE-29A7886F.pf -->06/06/2009 - 12:39:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.EXE-0806C34B.pf -->06/06/2009 - 12:34:18
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PEV.EXE-2937A365.pf -->06/06/2009 - 12:17:43
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOFILTRE.EXE-03E51D73.pf -->06/06/2009 - 10:13:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PING.EXE-31216D26.pf -->06/06/2009 - 12:17:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PV.CFEXE-0E6F2701.pf -->06/06/2009 - 12:39:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PV.CFEXE-23E4A9A0.pf -->06/06/2009 - 12:17:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PV.EXE-06A2AC78.pf -->06/06/2009 - 12:17:41
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf -->06/06/2009 - 12:40:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGT.CFEXE-15DB5DAE.pf -->06/06/2009 - 12:37:51
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RESIZE.EXE-12447F87.pf -->06/06/2009 - 10:18:23
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ROCKETDOCK.EXE-2D8AF8EC.pf -->06/06/2009 - 12:32:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1EE676D0.pf -->06/06/2009 - 12:17:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-23EFE92C.pf -->06/06/2009 - 12:34:03
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf -->06/06/2009 - 12:17:35
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEAPORT.EXE-2D9D4167.pf -->06/06/2009 - 12:31:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SED.CFEXE-238FCCA6.pf -->06/06/2009 - 12:17:47
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SED.CFEXE-268D7E58.pf -->06/06/2009 - 12:39:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SED.EXE-0F4B402F.pf -->06/06/2009 - 12:18:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SMAGENT.EXE-34504AD2.pf -->06/06/2009 - 12:31:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SORT.EXE-194AE83C.pf -->06/06/2009 - 12:38:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf -->06/06/2009 - 12:31:30
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWREG.CFEXE-2BF4FFCD.pf -->06/06/2009 - 12:39:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWREG.EXE-0937BD77.pf -->06/06/2009 - 12:17:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWREG.EXE-3560BE42.pf -->06/06/2009 - 12:18:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWSC.CFEXE-3B4FE4FE.pf -->06/06/2009 - 12:18:01
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWSC.EXE-17AFBFBF.pf -->06/06/2009 - 12:40:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf -->06/06/2009 - 10:16:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->06/06/2009 - 12:40:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VISTADRIVE.EXE-06D8D036.pf -->06/06/2009 - 12:32:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WGASETUP.EXE-060A30C0.pf -->06/06/2009 - 08:11:57
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->06/06/2009 - 10:16:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-07381162.pf -->06/06/2009 - 11:28:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf -->06/06/2009 - 12:35:30
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->06/06/2009 - 12:37:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->06/06/2009 - 12:34:49
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-2259336F.pf -->06/06/2009 - 12:47:41
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-281BFD31.pf -->06/06/2009 - 12:47:39
The end
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
O46 - SEH:ShellExecuteHooks - (no name) - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
O47 - AAKE:Key Export - "C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
O47 - AAKE:Key Export - "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
O47 - AAKE:Key Export - "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\procexp90.Sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\procexp90.Sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers\"MSVideo.VF0220VFW"="V0220Vfw.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"MIDI1"="SYNCOR11.DLL"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.ac3acm"="ac3acm.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.wmv3"="wmv9vcm.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.FFDS"="ff_vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.ACDV"="ACDV.dll"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoStartBanner"=
O56 - MWPE:[HKCU\...\Policies\Explorer] - "MemCheckBoxInRunDlg"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSMBalloonTip"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoWelcomeScreen"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoStrCmpLogical"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoInstrumentation"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSMHelp"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoWinKeys"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoLogOff"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\1394bus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aavmker4.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aeaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\AGP440.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\AnyDVD.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aswFsBlk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aswmon.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aswmon2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aswRdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aswSP.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aswTdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati2mtag.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\BRGSp50.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\BRGSp50a64.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\CCDECODE.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\DMusic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ElbyCDIO.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\enum1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fltMgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fssfltr_tdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hdaudbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HSFHWBS2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HSF_CNXT.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HSF_DP.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\http.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imagedrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imagesrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelide.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelppm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ip6fw.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\L8042Kbd.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\L8042mou.Sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\LHidKE.Sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\LHidUsbK.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\LMouKE.Sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbam.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbamswissarmy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mdmxsdk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouhid.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mqac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSPQM.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mssmbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSTEE.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MxlW2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NABTSFEC.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NdisIP.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkflt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkfwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnknb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ohci1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciide.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pfc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasacd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasl2tp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspppoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspptp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspti.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rawwan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdbss.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpcdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\redbook.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\RegKill.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rmcast.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rndismp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rootmdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\RTL8139.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816bus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816cm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816cmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816cr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816mdfl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816mdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816mgmt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816nd5.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816obex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816unic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816wh.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s816whnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\scsiport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sdbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serial.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffp_mmc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffp_sd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sfloppy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SLIP.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smclib.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smsens.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smwdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonydcam.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\splitter.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sptd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sscdbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sscdcm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sscdcmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sscdmdfl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sscdmdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sscdwh.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sscdwhnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\StarOpen.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\stream.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\StreamIP.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swmidi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sysaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdpipe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbccgp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbehci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbprint.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbscan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\USBSTOR.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbuhci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\V0220Dev.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\V0220STB.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\V0220Vfx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wanarp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wdmaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wmilib.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wpdusb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ws2ifsl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wudfpf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wudfrd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ZD1211BU.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ZDPSp50.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
End of the scan: 967 lines
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
O46 - SEH:ShellExecuteHooks - (no name) - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
O47 - AAKE:Key Export - "C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
O47 - AAKE:Key Export - "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
O47 - AAKE:Key Export - "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\procexp90.Sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\procexp90.Sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers\"MSVideo.VF0220VFW"="V0220Vfw.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"MIDI1"="SYNCOR11.DLL"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.ac3acm"="ac3acm.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.wmv3"="wmv9vcm.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.FFDS"="ff_vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.ACDV"="ACDV.dll"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoStartBanner"=
O56 - MWPE:[HKCU\...\Policies\Explorer] - "MemCheckBoxInRunDlg"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSMBalloonTip"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoWelcomeScreen"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoStrCmpLogical"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoInstrumentation"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSMHelp"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoWinKeys"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoLogOff"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wudfrd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ZD1211BU.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ZDPSp50.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
End of the scan: 967 lines
I noticed that you have avast! among your files in addition to your other antivirus.
If you don't uninstall avast!, you may get conflicts on your computer.
1 antivirus + 1 antivirus = antivirus treated as a virus.
A picture of it: the Germans plus the French in the Ardennes in the Second World War are the two antivirus programs. Your computer is the battlefield.
Put plainly, that means the cannon fire and all the rest land on the battlefield (which is your computer).
Theo647
1/ Download and install CCleaner (do not install the Yahoo Toolbar):
* Launch it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
* Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.
* Next, choose Registry, then Scan for Issues. Once it has finished, fix all the errors, as many times as the scan keeps finding some.
* Make sure that in the options the setting is on Windows startup and set to "secure deletion", 35 passes (Gutmann)
2/ Can you check Java Console?:
and install the new version if need be (in that case, uninstall the old version first).
For information, or in case of a problem:
Tutorial
Here is how to uninstall:
JavaRa
Unzip the file to the Desktop (right-click > Extract All).
* Double-click the JavaRa folder.
* Then double-click the JavaRa.exe file (the .exe may not be displayed).
* Choose Français, then click Select.
* Click Search for updates.
* Select Update via jucheck.exe, then click Search.
* Allow the process to connect if it asks, click Install and follow the installation instructions, which take a few minutes.
* Once the installation has finished, go back to the JavaRa screen and click Remove older versions.
* Click Yes to confirm. Let it work, then click OK, and then OK a second time.
* A report will open. Post it in your next reply.
* Close the application.
Note: the report is also in C:\ under the name JavaRa.log.
_________________________________________________
3/> Update Adobe Reader if it isn't up to date (uninstall the previous version first)
and after the scan the program closes, so I can't get the report. What should I do?