Problem with unwanted pop-up ads.
Closed
Some-I (Member; 49 posts; registered Thursday 6 December 2007; last active 7 August 2009) - 31 July 2009 at 14:02
Last reply: Lyonnais92 (Security contributor; 25159 posts; registered Friday 23 June 2006; last active 16 September 2016) - 7 August 2009 at 14:45
32 replies
Lyonnais92 - 1 August 2009 at 13:15
Hello,
Open this link and download ZHPDiag:
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
hxxp://telechargement.zebulon.fr/telecharger-zhpdiag.html
Save it to your Desktop.
Once the download has finished, run ZHPDiag.exe.
Click the wrench icon, then "Tous" (All) to tick all the option boxes.
Untick box O61.
Click the magnifying glass to start the scan.
When the scan has finished, click the camera icon and save the report to your Desktop.
Open the saved file (ZHPDiag.txt) with Notepad and copy its contents into your reply.
Lyonnais92 - 1 August 2009 at 13:58
Re,
Download Toolbar-S&D (Team IDN) to your Desktop:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the corresponding letter, then confirm with the Enter key.
* Now choose option "2", then confirm by pressing "Enter".
! Do not close the window during the removal!
A report will be generated; post its contents here.
====
Download Lop S&D here:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your desktop.
Select the language you want, then choose Option 1 (Search).
Wait until the scan has finished.
Post the generated report (C:\lopR.txt).
=========
Go to this site:
https://www.virustotal.com/gui/
Click Browse and look for this file: C:\WINDOWS\system32\mkcbunliudbl.dll
Click Send File.
A report will build up line by line.
Wait until it finishes. It must include the size of the file that was sent.
Save the report with Notepad.
Copy it into your reply.
If VirusTotal says the file has already been analysed, click the "Reanalyse le fichier maintenant" (reanalyse the file now) button.
(If you cannot find the file, do this:
-> Show all files and folders:
click Start / Control Panel (in classic view) / Folder Options / View
[Tick] "Show hidden files and folders"
[Untick] the box "Hide protected operating system files (Recommended)"
[Untick] "Hide extensions for known file types"
Then click [Apply] to confirm the changes.
And [OK]
)
=======
Repeat with:
C:\WINDOWS\System32\nzewbpdrsshx.exe
Lyonnais92 - 1 August 2009 at 14:40
Re,
After the VirusTotal scans, do the following:
Run Lop S&D again.
This time choose Option 2 (Removal).
Do not close the window during the removal!
Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)
====
Then run ZHPDiag again.
Click the wrench icon and tick boxes O42, O43, O44, O47, O52 and O55.
Click the magnifying glass to start the scan.
When the scan has finished, click the camera icon and save the report to your Desktop.
Open the saved file (ZHPDiag.txt) with Notepad and copy its contents into your reply.
Lyonnais92 - 1 August 2009 at 15:39
Re,
Did you install C:\Program Files\Smart-Ads-Solutions yourself?
Disconnect from the Internet and close all open applications.
Copy the lines below to the Clipboard (select them with the mouse and press Ctrl and C together):
O2 - BHO: agadoo browser enhancer - {0E3CE546-2D06-C1C1-7684-9867AD8658D2} - C:\WINDOWS\system32\mkcbunliudbl.dll
O2 - BHO: Google Plus - {C8CD2017-F1E5-4F1A-B58A-EE0B1AF0D0D8} - C:\PROGRA~1\GOOGLE~1\16GOOG~1.DLL
O4 - HKLM\..\Run: [rdshltzpakgpdsifk] C:\WINDOWS\System32\regsvr32.exe /s C:\WINDOWS\system32\mkcbunliudbl.dll
O42 - Logiciel: RON Too1 Agadoo
O44 - LFC:Last File Created 22/07/2009 - 13:19:48 ---A- C:\WINDOWS\System32\mkcbunliudbl.dll
O47 - AAKE:Key Export SP - "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"
Run ZHPDiag again from your Desktop.
Click the magnifying glass.
Click the Shield icon that has appeared next to the wrench.
Click the H icon, then the monitor icon.
Check that all the lines I asked you to copy (and only those) are in the window.
Click OK, which makes a box appear to the left of each line.
Click "Tous" (All), then "Nettoyer" (Clean).
Let the tool work.
If it asks you to restart the computer to finish the cleanup, do so immediately.
The execution report will appear in the window.
Copy it into your reply.
sKe69 (Security contributor; 21360 posts; registered Saturday 15 March 2008; last active 30 December 2012) - 3 August 2009 at 18:09
Hi to you both ... =)
Lyonnais92,
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
> https://www.systemlookup.com/lists.php?list=1&type=clsid&search=5948A52A-BA3A-49A8-BCAF-D578502BDA9D&s=
And
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
CLSID 5C255C8A-E604-49b4-9D64-90988571CECB is legitimate, but not with this file name > https://www.systemlookup.com/lists.php?list=1&type=clsid&search=5C255C8A-E604-49b4-9D64-90988571CECB&s=
MsgUpdate83.dll
> http://www.prevx.com/filenames/X2274543229517449785-X1/MSGUPDATE83.DLL.html
Maybe worth doing a VT ...
Happy hunting ...
;)
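Lyonnais92's fix list pairs the agadoo BHO with the Run value that runs regsvr32 /s on the same DLL, and sKe69 points at one DLL registered under two BHO CLSIDs; both patterns can be checked mechanically on a report. The Python below is an added example, not part of the thread and not ZHPDiag's own logic: the function names are hypothetical, and the regular expressions assume the O2/O4 line layout seen in the report posted in this thread.

```python
import re
from collections import defaultdict

# O2 (BHO) and O4 (Run key) lines copied from the ZHPDiag report posted in this thread.
SAMPLE_REPORT = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: agadoo browser enhancer - {0E3CE546-2D06-C1C1-7684-9867AD8658D2} - C:\WINDOWS\system32\mkcbunliudbl.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [rdshltzpakgpdsifk] C:\WINDOWS\System32\regsvr32.exe /s C:\WINDOWS\system32\mkcbunliudbl.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# Assumed line layouts (taken from the report above, not from ZHPDiag documentation).
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*) - \{(?P<clsid>[0-9A-Fa-f-]{36})\} - (?P<path>.+)$")
RUN_RE = re.compile(
    r"^O4 - (?P<hive>\S+)\\\.\.\\Run: \[(?P<value>[^\]]*)\] (?P<cmd>.+)$")
# regsvr32 followed by any switches (/s, /n, ...) and then the DLL it registers.
REGSVR_RE = re.compile(
    r"regsvr32(?:\.exe)?\s+(?:/\S+\s+)*(?P<dll>\S.*\.dll)\s*$", re.IGNORECASE)


def norm(path):
    """Windows paths are case-insensitive: compare them unquoted and lower-cased."""
    return path.strip().strip('"').lower()


def parse_report(text):
    """Return (bhos, runs): the O2 and O4 Run entries found in a report."""
    bhos, runs = [], []
    for line in text.splitlines():
        line = line.strip()
        m = BHO_RE.match(line)
        if m:
            bhos.append({"name": m["name"], "clsid": m["clsid"].upper(),
                         "path": norm(m["path"])})
            continue
        m = RUN_RE.match(line)
        if m:
            runs.append({"hive": m["hive"], "value": m["value"], "cmd": m["cmd"]})
    return bhos, runs


def triage(text):
    """Flag entries worth a manual check (e.g. a VirusTotal scan); not a verdict."""
    bhos, runs = parse_report(text)
    findings = []

    # Pattern 1: the same file registered under more than one BHO CLSID.
    by_path = defaultdict(set)
    for bho in bhos:
        by_path[bho["path"]].add(bho["clsid"])
    for path, clsids in sorted(by_path.items()):
        if len(clsids) > 1:
            findings.append({"kind": "dll-under-several-clsids",
                             "file": path, "clsids": sorted(clsids)})

    # Pattern 2: a Run value that re-registers a BHO's DLL at every logon.
    for run in runs:
        m = REGSVR_RE.search(run["cmd"])
        if m and norm(m["dll"]) in by_path:
            findings.append({"kind": "run-key-reregisters-bho",
                             "file": norm(m["dll"]),
                             "hive": run["hive"], "value": run["value"]})
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_REPORT):
        print(finding)
```
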
Some-I - 31 July 2009 at 14:50
I just ran findykill; it only found corrupted files.
I also ran ccleaner, but nothing changed.
Still just as many ads.
I'm also getting fr.888 ads.
Please.
Some-I - 1 August 2009 at 13:09
Nobody?
Nothing works, the ads keep coming.
Some-I - 1 August 2009 at 13:29
Here it is. I'm posting it in two parts (it won't accept it in a single part).
Rapport de ZHPDiag v1.24.02 par Nicolas Coolman
Enregistré le 01/08/2009 13:19:18
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
---\\ Processus lancés
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\regsvr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: agadoo browser enhancer - {0E3CE546-2D06-C1C1-7684-9867AD8658D2} - C:\WINDOWS\system32\mkcbunliudbl.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Plus - {C8CD2017-F1E5-4F1A-B58A-EE0B1AF0D0D8} - C:\PROGRA~1\GOOGLE~1\16GOOG~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark 2200 Series] C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] C:\Program Files\Softwin\BitDefender10\bdagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [rdshltzpakgpdsifk] C:\WINDOWS\System32\regsvr32.exe /s C:\WINDOWS\system32\mkcbunliudbl.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} () - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll
O20 - AppInit_DLLs: sockspy.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: LexBce Server (LexBceS) - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service
O23 - Service: W2K PCtel speaker phone (Pctspk) - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service
O23 - Service: BitDefender Communicator (XCOMM) - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\WINDOWS\system32\Adobe\Director\swdir.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Énumérateur de ports jeu Aureal (admjoy) - C:\WINDOWS\system32\DRIVERS\admjoy.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: bdfdll (bdfdll) - C:\Program Files\Softwin\BitDefender10\bdfdll.sys
O41 - Driver: BitDefender Firewall NDIS Filter Service (Bdfndisf) - C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
O41 - Driver: BDFSDRV (BDFSDRV) - C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys
O41 - Driver: BitDefender Firewall TDI Filter (bdftdif) - C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys
O41 - Driver: bdpredir (bdpredir) - C:\Program Files\Softwin\BitDefender10\bdpredir.sys
O41 - Driver: BDRSDRV (BDRSDRV) - C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys
O41 - Driver: C-Media PCI Audio Driver (WDM) (cmpci) - C:\WINDOWS\system32\drivers\cmaudio.sys
O41 - Driver: CrystalSysInfo (CrystalSysInfo) - C:\Program Files\MediaCoder\SysInfo.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: Pilote de Gestionnaire de disque logique (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Carte réseau virtuelle FreeBox USB (fbxusb) - C:\WINDOWS\system32\DRIVERS\fbxusb32.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Énumérateur de port jeu (gameenum) - C:\WINDOWS\system32\DRIVERS\gameenum.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (HidUsb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Périphérique de filtrage de flux Unimodem (MODEMCSA) - C:\WINDOWS\system32\drivers\MODEMCSA.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Pilote UART MIDI MPU-401 Microsoft (ms_mpu401) - C:\WINDOWS\system32\drivers\msmpu401.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Pilote processeur Intel Pentium III (P3) - C:\WINDOWS\system32\DRIVERS\p3.sys
O41 - Driver: (no object) (pavboot) - C:\WINDOWS\system32\drivers\pavboot.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de redirecteur de périphérique Terminal Server (rdpdr) - C:\WINDOWS\system32\DRIVERS\rdpdr.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Apple Mobile USB Driver (USBAAPL) - C:\WINDOWS\System32\Drivers\usbaapl.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\system32\DRIVERS\usbuhci.sys
O41 - Driver: Filtre de bus AGP VIA (viaagp) - C:\WINDOWS\system32\DRIVERS\viaagp.sys
O41 - Driver: W2K Vmodem (Vmodem) - C:\WINDOWS\system32\DRIVERS\vmodem.sys
O41 - Driver: W2K Vpctcom (Vpctcom) - C:\WINDOWS\system32\DRIVERS\vpctcom.sys
O41 - Driver: W2K Vvoice (Vvoice) - C:\WINDOWS\system32\DRIVERS\vvoice.sys
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Shockwave Player 11
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BitDefender Internet Security v10
O42 - Logiciel: Bonjour
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Change Extension
O42 - Logiciel: Choice Guard
O42 - Logiciel: EasyCleaner
O42 - Logiciel: FindyKill
O42 - Logiciel: Guitar Pro 4.0
O42 - Logiciel: HSP56 MicroModem Drivers
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: Lexmark 2200 Series
O42 - Logiciel: MSVCRT
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MobileMe Control Panel
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007
O42 - Logiciel: Nero - Burning Rom
O42 - Logiciel: Ogg Vorbis CLI
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PCI Audio Driver
O42 - Logiciel: Panda ActiveScan 2.0
O42 - Logiciel: PhotoFiltre
O42 - Logiciel: Popims Animator
O42 - Logiciel: PowerDVD
O42 - Logiciel: Prism Video Converter
O42 - Logiciel: QuickTime
O42 - Logiciel: RON Too1 Agadoo
O42 - Logiciel: RealPlayer
O42 - Logiciel: Segoe UI
O42 - Logiciel: VLC media player 0.9.8a
O42 - Logiciel: WinISO 5.3
O42 - Logiciel: WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: dBpowerAMP
O42 - Logiciel: dBpowerAMP Musepack Codec
O42 - Logiciel: dBpowerAMP Music Converter
O42 - Logiciel: dBpowerAMP Ogg Vorbis Codec
O42 - Logiciel: dBpowerAMP WMA V7 Codec
O42 - Logiciel: dBpowerAMP WMA V8 Codec
O42 - Logiciel: dBpowerAMP WMA V9 Codec
O42 - Logiciel: dMC Power Pack
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AskBarDis
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AxBx
O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender
O43 - CFD:Common File Directory ----D- C:\Program Files\BitTorrent Fastest Tool
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Change Extension
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Easy iPod MP4 PSP 3GP
O43 - CFD:Common File Directory ----D- C:\Program Files\EasySearch
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Free
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GooglePlusVideos
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Lexmark 2200 Series
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre Studio X
O43 - CFD:Common File Directory ----D- C:\Program Files\Popims
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickMediaConverter
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Red Kawa
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart-Ads-Solutions
O43 - CFD:Common File Directory ----D- C:\Program Files\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinISO
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/08/2009 - 11:57:09 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:18 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:22 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 01/08/2009 - 12:05:32 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 01/08/2009 - 12:14:36 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 05/07/2009 - 10:55:46 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 07/07/2009 - 16:10:56 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 15/07/2009 - 20:37:03 ---A- C:\WINDOWS\lexstat.ini
O44 - LFC:Last File Created 19/07/2009 - 14:29:19 ---A- C:\WINDOWS\System32\ieframe.dll
O44 - LFC:Last File Created 19/07/2009 - 14:29:21 ---A- C:\WINDOWS\System32\mshtml.dll
O44 - LFC:Last File Created 22/07/2009 - 13:19:48 ---A- C:\WINDOWS\System32\mkcbunliudbl.dll
O44 - LFC:Last File Created 23/07/2009 - 11:31:45 ---A- C:\WINDOWS\CDPlayer.ini
O44 - LFC:Last File Created 24/07/2009 - 19:10:40 ---A- C:\WINDOWS\System32\nzewbpdrsshx.exe
O44 - LFC:Last File Created 28/07/2009 - 18:15:46 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:54:21 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:11 ---A- C:\WINDOWS\msmqinst.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:19 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\MedCtrOC.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\netfxocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\KB972260-IE7.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tabletoc.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 29/07/2009 - 14:46:30 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 29/07/2009 - 18:44:22 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 29/07/2009 - 19:16:03 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 29/07/2009 - 19:26:52 ---A- C:\WINDOWS\System32\d3d9caps.dat
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 11:59:00 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 11:59:28 ---A- C:\WINDOWS\Prefetch\IPODSERVICE.EXE-3192DE38.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 11:59:34 ---A- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:00:53 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:02:07 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:02:39 ---A- C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:14:17 ---A- C:\WINDOWS\Prefetch\UPGREPL.EXE-3220E7B2.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:14:19 ---A- C:\WINDOWS\Prefetch\BDSS.EXE-00372D30.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:17:36 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
O45 - LFCP:Last File Created Prefetch 04/07/2009 - 11:55:07 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf
O45 - LFCP:Last File Created Prefetch 13/07/2009 - 10:08:14 ---A- C:\WINDOWS\Prefetch\POWERMGR.EXE-390087D9.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 19:50:29 ---A- C:\WINDOWS\Prefetch\ACRORD32.EXE-0781811F.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 20:06:50 ---A- C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 20:23:04 ---A- C:\WINDOWS\Prefetch\LXBVPSWX.EXE-1706E3C6.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 20:23:05 ---A- C:\WINDOWS\Prefetch\LXBVJSWX.EXE-1BBE26A6.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:43:53 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-389C02EF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:48:12 ---A- C:\WINDOWS\Prefetch\WINDOWS-KB890830-V2.12-DELTA.-2B5E42FE.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:48:16 ---A- C:\WINDOWS\Prefetch\MRTSTUB.EXE-2AE608BF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:49:05 ---A- C:\WINDOWS\Prefetch\MRT.EXE-1B4A8D49.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 12:20:33 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-322ED2DF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 12:26:18 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-250E40AF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 18:28:00 ---A- C:\WINDOWS\Prefetch\GANG.EXE-316EC0AE.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 19:01:30 ---A- C:\WINDOWS\Prefetch\SMARTASF27.EXE-1C52ABBA.pf
O45 - LFCP:Last File Created Prefetch 17/07/2009 - 16:11:01 ---A- C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf
O45 - LFCP:Last File Created Prefetch 18/07/2009 - 13:39:48 ---A- C:\WINDOWS\Prefetch\SETHC.EXE-0D6CE1BC.pf
O45 - LFCP:Last File Created Prefetch 18/07/2009 - 13:40:10 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-39FC0E28.pf
O45 - LFCP:Last File Created Prefetch 18/07/2009 - 15:38:03 ---A- C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-22969AE5.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:09 ---A- C:\WINDOWS\Prefetch\TROPIC~1.EXE-0B1D48A5.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:11 ---A- C:\WINDOWS\Prefetch\UNWISE.EXE-2FDEC116.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:12 ---A- C:\WINDOWS\Prefetch\GLB1A2B.EXE-007A8CAF.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:29 ---A- C:\WINDOWS\Prefetch\FWQCKWNVPMBOFMRL.EXE-35CF14DB.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:54:02 ---A- C:\WINDOWS\Prefetch\UNINS000.EXE-399ECB54.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:54:33 ---A- C:\WINDOWS\Prefetch\UNINSTALL.EXE-18C4FBD0.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:25 ---A- C:\WINDOWS\Prefetch\UNINSTALL.EXE-020B1C5B.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:35 ---A- C:\WINDOWS\Prefetch\PICASAPHOTOVIEWER.EXE-1247CDA5.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:37 ---A- C:\WINDOWS\Prefetch\PXHPINST.EXE-19CAC65A.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:37 ---A- C:\WINDOWS\Prefetch\PXSETUP.EXE-263B508C.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:44 ---A- C:\WINDOWS\Prefetch\GPHOTOS.SCR-1CD5C24E.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:55 ---A- C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-3AB369BE.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:56 ---A- C:\WINDOWS\Prefetch\GUS1C.TMP-2D845007.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 11:38:42 ---A- C:\WINDOWS\Prefetch\EXPAND.EXE-2490DB85.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 11:38:50 ---A- C:\WINDOWS\Prefetch\CHROME_UPDATER.EXE-06743F6E.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 11:38:53 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-2B939CBA.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 12:13:41 ---A- C:\WINDOWS\Prefetch\DLLHOST.EXE-205D880D.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 12:13:43 ---A- C:\WINDOWS\Prefetch\SOFTWAREUPDATE.EXE-1415D1B8.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 17:12:51 ---A- C:\WINDOWS\Prefetch\UNINSTAL.EXE-025641BD.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 19:21:28 ---A- C:\WINDOWS\Prefetch\POPIMSANIMATOR.EXE-39F3ED6C.pf
O45 - LFCP:Last File Created Prefetch 22/07/2009 - 15:55:02 ---A- C:\WINDOWS\Prefetch\LXBVAIOX.EXE-2FAD52F3.pf
O45 - LFCP:Last File Created Prefetch 22/07/2009 - 18:39:53 ---A- C:\WINDOWS\Prefetch\CHARMAP.EXE-294D64C0.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:19:27 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-496AE69A.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:22:11 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-46525C8E.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:31:10 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-1BCF8320.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:31:31 ---A- C:\WINDOWS\Prefetch\CHROME.EXE-361C44F2.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:31:56 ---A- C:\WINDOWS\Prefetch\MUSICCONVERTER.EXE-0510E7B7.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:37:10 ---A- C:\WINDOWS\Prefetch\UNINS000.EXE-347318F5.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:37:27 ---A- C:\WINDOWS\Prefetch\_IU14D2N.TMP-03F32760.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:37:35 ---A- C:\WINDOWS\Prefetch\_REGDLL.TMP-06632796.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:38:33 ---A- C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-12C23155.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:38:35 ---A- C:\WINDOWS\Prefetch\UNINSTALL.EXE-3A07AF8D.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:38:51 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A9A5A38.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:41:12 ---A- C:\WINDOWS\Prefetch\UNINST.EXE-15884C75.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:41:33 ---A- C:\WINDOWS\Prefetch\AU_.EXE-09733B99.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:42:29 ---A- C:\WINDOWS\Prefetch\WDUNINST.EXE-03CFDBFC.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:48:08 ---A- C:\WINDOWS\Prefetch\DEL1D.TMP-16B484C6.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:53:58 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC55A4F.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:57:08 ---A- C:\WINDOWS\Prefetch\SYSOCMGR.EXE-31169C54.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 13:05:00 ---A- C:\WINDOWS\Prefetch\EASYCLEA.EXE-1E6767AE.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 14:18:07 ---A- C:\WINDOWS\Prefetch\CDGRAB.EXE-0FC6FABD.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 14:18:23 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 20:22:54 ---A- C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD6.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 17:49:41 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D35EED0.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 18:27:43 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 18:45:00 ---A- C:\WINDOWS\Prefetch\BDLITE.EXE-29F93AC8.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 19:10:21 ---A- C:\WINDOWS\Prefetch\GANH.EXE-085CCD92.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 19:52:43 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:22:31 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 14:54:24 ---A- C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:08:52 ---A- C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:09:20 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-32678C31.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:09:22 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-189D9F95.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:24:28 ---A- C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:25:05 ---A- C:\WINDOWS\Prefetch\SORT.EXE-194AE83C.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:37:03 ---A- C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:41:04 ---A- C:\WINDOWS\Prefetch\CCSETUP221.EXE-26A665EA.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:54:52 ---A- C:\WINDOWS\Prefetch\BDC.EXE-29993C74.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 17:17:48 ---A- C:\WINDOWS\Prefetch\HH.EXE-2D1A70B3.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 19:03:43 ---A- C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA2.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 11:56:34 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 11:58:43 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 15:02:04 ---A- C:\WINDOWS\Prefetch\Layout.ini
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 15:02:16 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 15:02:19 ---A- C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 17:31:59 ---A- C:\WINDOWS\Prefetch\GETPOPUPINFO.EXE-22F2D0C9.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 20:06:36 ---A- C:\WINDOWS\Prefetch\PHOTOFILTRE.EXE-00101112.pf
O45 - LFCP:Last File Created Prefetch 28/07/2009 - 18:15:44 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FD0CA2D.pf
O45 - LFCP:Last File Created Prefetch 28/07/2009 - 18:15:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2C16DC1B.pf
O45 - LFCP:Last File Created Prefetch 28/07/2009 - 18:25:30 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-002E13AB.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 11:48:04 ---A- C:\WINDOWS\Prefetch\ATL80SP1-KB973923-X86.EXE-20B2FD1A.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 11:48:33 ---A- C:\WINDOWS\Prefetch\INSTALL.EXE-0886A577.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 11:48:58 ---A- C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 14:46:23 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 14:52:30 ---A- C:\WINDOWS\Prefetch\REG.EXE-0D2A95F7.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 15:00:31 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 15:01:06 ---A- C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:23:46 ---A- C:\WINDOWS\Prefetch\PCTPTT.EXE-045FC41D.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:05 ---A- C:\WINDOWS\Prefetch\REALSCHED.EXE-04BEC5CC.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:13 ---A- C:\WINDOWS\Prefetch\PRINTRAY.EXE-340BCE9D.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:22 ---A- C:\WINDOWS\Prefetch\LXBVBMGR.EXE-101286FA.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:22 ---A- C:\WINDOWS\Prefetch\LXSUPMON.EXE-043C97EB.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:32 ---A- C:\WINDOWS\Prefetch\MIXER.EXE-3A40481D.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:02 ---A- C:\WINDOWS\Prefetch\APPLESYNCNOTIFIER.EXE-38620255.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:09 ---A- C:\WINDOWS\Prefetch\LXBVBMON.EXE-258F2154.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:16 ---A- C:\WINDOWS\Prefetch\BDMCON.EXE-2C34D191.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:30 ---A- C:\WINDOWS\Prefetch\JUSCHED.EXE-25206883.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:35 ---A- C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:37 ---A- C:\WINDOWS\Prefetch\BDAGENT.EXE-12F3E49A.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:51 ---A- C:\WINDOWS\Prefetch\ITUNESHELPER.EXE-15823303.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:26:03 ---A- C:\WINDOWS\Prefetch\REALPLAY.EXE-1BF219BD.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:26:29 ---A- C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:27:10 ---A- C:\WINDOWS\Prefetch\OSA.EXE-2CD63980.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 19:01:07 ---A- C:\WINDOWS\Prefetch\VSSERV.EXE-33CBAEBF.pf
O45 - LFCP:Last File Created Prefetch 30/07/2009 - 19:30:14 ---A- C:\WINDOWS\Prefetch\WLLOGINPROXY.EXE-2D4B6027.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 14:52:59 ---A- C:\WINDOWS\Prefetch\IEDW.EXE-1880380E.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 16:45:15 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 16:45:36 ---A- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:15:56 ---A- C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:17:53 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:18:06 ---A- C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:36:51 ---A- C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf
Rapport de ZHPDiag v1.24.02 par Nicolas Coolman
Enregistré le 01/08/2009 13:19:18
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
---\\ Processus lancés
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\regsvr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: agadoo browser enhancer - {0E3CE546-2D06-C1C1-7684-9867AD8658D2} - C:\WINDOWS\system32\mkcbunliudbl.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Plus - {C8CD2017-F1E5-4F1A-B58A-EE0B1AF0D0D8} - C:\PROGRA~1\GOOGLE~1\16GOOG~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark 2200 Series] C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] C:\Program Files\Softwin\BitDefender10\bdagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [rdshltzpakgpdsifk] C:\WINDOWS\System32\regsvr32.exe /s C:\WINDOWS\system32\mkcbunliudbl.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} () - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll
O20 - AppInit_DLLs: sockspy.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: LexBce Server (LexBceS) - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service
O23 - Service: W2K PCtel speaker phone (Pctspk) - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service
O23 - Service: BitDefender Communicator (XCOMM) - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\WINDOWS\system32\Adobe\Director\swdir.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Énumérateur de ports jeu Aureal (admjoy) - C:\WINDOWS\system32\DRIVERS\admjoy.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: bdfdll (bdfdll) - C:\Program Files\Softwin\BitDefender10\bdfdll.sys
O41 - Driver: BitDefender Firewall NDIS Filter Service (Bdfndisf) - C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
O41 - Driver: BDFSDRV (BDFSDRV) - C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys
O41 - Driver: BitDefender Firewall TDI Filter (bdftdif) - C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys
O41 - Driver: bdpredir (bdpredir) - C:\Program Files\Softwin\BitDefender10\bdpredir.sys
O41 - Driver: BDRSDRV (BDRSDRV) - C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys
O41 - Driver: C-Media PCI Audio Driver (WDM) (cmpci) - C:\WINDOWS\system32\drivers\cmaudio.sys
O41 - Driver: CrystalSysInfo (CrystalSysInfo) - C:\Program Files\MediaCoder\SysInfo.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: Pilote de Gestionnaire de disque logique (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Carte réseau virtuelle FreeBox USB (fbxusb) - C:\WINDOWS\system32\DRIVERS\fbxusb32.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Énumérateur de port jeu (gameenum) - C:\WINDOWS\system32\DRIVERS\gameenum.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (HidUsb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Périphérique de filtrage de flux Unimodem (MODEMCSA) - C:\WINDOWS\system32\drivers\MODEMCSA.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Pilote UART MIDI MPU-401 Microsoft (ms_mpu401) - C:\WINDOWS\system32\drivers\msmpu401.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Pilote processeur Intel Pentium III (P3) - C:\WINDOWS\system32\DRIVERS\p3.sys
O41 - Driver: (no object) (pavboot) - C:\WINDOWS\system32\drivers\pavboot.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de redirecteur de périphérique Terminal Server (rdpdr) - C:\WINDOWS\system32\DRIVERS\rdpdr.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Apple Mobile USB Driver (USBAAPL) - C:\WINDOWS\System32\Drivers\usbaapl.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\system32\DRIVERS\usbuhci.sys
O41 - Driver: Filtre de bus AGP VIA (viaagp) - C:\WINDOWS\system32\DRIVERS\viaagp.sys
O41 - Driver: W2K Vmodem (Vmodem) - C:\WINDOWS\system32\DRIVERS\vmodem.sys
O41 - Driver: W2K Vpctcom (Vpctcom) - C:\WINDOWS\system32\DRIVERS\vpctcom.sys
O41 - Driver: W2K Vvoice (Vvoice) - C:\WINDOWS\system32\DRIVERS\vvoice.sys
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Shockwave Player 11
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BitDefender Internet Security v10
O42 - Logiciel: Bonjour
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Change Extension
O42 - Logiciel: Choice Guard
O42 - Logiciel: EasyCleaner
O42 - Logiciel: FindyKill
O42 - Logiciel: Guitar Pro 4.0
O42 - Logiciel: HSP56 MicroModem Drivers
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: Lexmark 2200 Series
O42 - Logiciel: MSVCRT
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MobileMe Control Panel
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007
O42 - Logiciel: Nero - Burning Rom
O42 - Logiciel: Ogg Vorbis CLI
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PCI Audio Driver
O42 - Logiciel: Panda ActiveScan 2.0
O42 - Logiciel: PhotoFiltre
O42 - Logiciel: Popims Animator
O42 - Logiciel: PowerDVD
O42 - Logiciel: Prism Video Converter
O42 - Logiciel: QuickTime
O42 - Logiciel: RON Too1 Agadoo
O42 - Logiciel: RealPlayer
O42 - Logiciel: Segoe UI
O42 - Logiciel: VLC media player 0.9.8a
O42 - Logiciel: WinISO 5.3
O42 - Logiciel: WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: dBpowerAMP
O42 - Logiciel: dBpowerAMP Musepack Codec
O42 - Logiciel: dBpowerAMP Music Converter
O42 - Logiciel: dBpowerAMP Ogg Vorbis Codec
O42 - Logiciel: dBpowerAMP WMA V7 Codec
O42 - Logiciel: dBpowerAMP WMA V8 Codec
O42 - Logiciel: dBpowerAMP WMA V9 Codec
O42 - Logiciel: dMC Power Pack
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AskBarDis
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AxBx
O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender
O43 - CFD:Common File Directory ----D- C:\Program Files\BitTorrent Fastest Tool
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Change Extension
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Easy iPod MP4 PSP 3GP
O43 - CFD:Common File Directory ----D- C:\Program Files\EasySearch
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Free
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GooglePlusVideos
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Lexmark 2200 Series
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre Studio X
O43 - CFD:Common File Directory ----D- C:\Program Files\Popims
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickMediaConverter
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Red Kawa
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart-Ads-Solutions
O43 - CFD:Common File Directory ----D- C:\Program Files\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinISO
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/08/2009 - 11:57:09 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:18 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:22 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 01/08/2009 - 12:05:32 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 01/08/2009 - 12:14:36 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 05/07/2009 - 10:55:46 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 07/07/2009 - 16:10:56 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 15/07/2009 - 20:37:03 ---A- C:\WINDOWS\lexstat.ini
O44 - LFC:Last File Created 19/07/2009 - 14:29:19 ---A- C:\WINDOWS\System32\ieframe.dll
O44 - LFC:Last File Created 19/07/2009 - 14:29:21 ---A- C:\WINDOWS\System32\mshtml.dll
O44 - LFC:Last File Created 22/07/2009 - 13:19:48 ---A- C:\WINDOWS\System32\mkcbunliudbl.dll
O44 - LFC:Last File Created 23/07/2009 - 11:31:45 ---A- C:\WINDOWS\CDPlayer.ini
O44 - LFC:Last File Created 24/07/2009 - 19:10:40 ---A- C:\WINDOWS\System32\nzewbpdrsshx.exe
O44 - LFC:Last File Created 28/07/2009 - 18:15:46 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:54:21 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:11 ---A- C:\WINDOWS\msmqinst.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:19 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\MedCtrOC.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\netfxocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\KB972260-IE7.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tabletoc.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 29/07/2009 - 14:46:30 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 29/07/2009 - 18:44:22 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 29/07/2009 - 19:16:03 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 29/07/2009 - 19:26:52 ---A- C:\WINDOWS\System32\d3d9caps.dat
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 11:59:00 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 11:59:28 ---A- C:\WINDOWS\Prefetch\IPODSERVICE.EXE-3192DE38.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 11:59:34 ---A- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:00:53 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:02:07 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:02:39 ---A- C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:14:17 ---A- C:\WINDOWS\Prefetch\UPGREPL.EXE-3220E7B2.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:14:19 ---A- C:\WINDOWS\Prefetch\BDSS.EXE-00372D30.pf
O45 - LFCP:Last File Created Prefetch 01/08/2009 - 12:17:36 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
O45 - LFCP:Last File Created Prefetch 04/07/2009 - 11:55:07 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf
O45 - LFCP:Last File Created Prefetch 13/07/2009 - 10:08:14 ---A- C:\WINDOWS\Prefetch\POWERMGR.EXE-390087D9.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 19:50:29 ---A- C:\WINDOWS\Prefetch\ACRORD32.EXE-0781811F.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 20:06:50 ---A- C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 20:23:04 ---A- C:\WINDOWS\Prefetch\LXBVPSWX.EXE-1706E3C6.pf
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 20:23:05 ---A- C:\WINDOWS\Prefetch\LXBVJSWX.EXE-1BBE26A6.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:43:53 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-389C02EF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:48:12 ---A- C:\WINDOWS\Prefetch\WINDOWS-KB890830-V2.12-DELTA.-2B5E42FE.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:48:16 ---A- C:\WINDOWS\Prefetch\MRTSTUB.EXE-2AE608BF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 08:49:05 ---A- C:\WINDOWS\Prefetch\MRT.EXE-1B4A8D49.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 12:20:33 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-322ED2DF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 12:26:18 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-250E40AF.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 18:28:00 ---A- C:\WINDOWS\Prefetch\GANG.EXE-316EC0AE.pf
O45 - LFCP:Last File Created Prefetch 16/07/2009 - 19:01:30 ---A- C:\WINDOWS\Prefetch\SMARTASF27.EXE-1C52ABBA.pf
O45 - LFCP:Last File Created Prefetch 17/07/2009 - 16:11:01 ---A- C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf
O45 - LFCP:Last File Created Prefetch 18/07/2009 - 13:39:48 ---A- C:\WINDOWS\Prefetch\SETHC.EXE-0D6CE1BC.pf
O45 - LFCP:Last File Created Prefetch 18/07/2009 - 13:40:10 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-39FC0E28.pf
O45 - LFCP:Last File Created Prefetch 18/07/2009 - 15:38:03 ---A- C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-22969AE5.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:09 ---A- C:\WINDOWS\Prefetch\TROPIC~1.EXE-0B1D48A5.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:11 ---A- C:\WINDOWS\Prefetch\UNWISE.EXE-2FDEC116.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:12 ---A- C:\WINDOWS\Prefetch\GLB1A2B.EXE-007A8CAF.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:53:29 ---A- C:\WINDOWS\Prefetch\FWQCKWNVPMBOFMRL.EXE-35CF14DB.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:54:02 ---A- C:\WINDOWS\Prefetch\UNINS000.EXE-399ECB54.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:54:33 ---A- C:\WINDOWS\Prefetch\UNINSTALL.EXE-18C4FBD0.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:25 ---A- C:\WINDOWS\Prefetch\UNINSTALL.EXE-020B1C5B.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:35 ---A- C:\WINDOWS\Prefetch\PICASAPHOTOVIEWER.EXE-1247CDA5.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:37 ---A- C:\WINDOWS\Prefetch\PXHPINST.EXE-19CAC65A.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:37 ---A- C:\WINDOWS\Prefetch\PXSETUP.EXE-263B508C.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:44 ---A- C:\WINDOWS\Prefetch\GPHOTOS.SCR-1CD5C24E.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:55 ---A- C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-3AB369BE.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 10:55:56 ---A- C:\WINDOWS\Prefetch\GUS1C.TMP-2D845007.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 11:38:42 ---A- C:\WINDOWS\Prefetch\EXPAND.EXE-2490DB85.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 11:38:50 ---A- C:\WINDOWS\Prefetch\CHROME_UPDATER.EXE-06743F6E.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 11:38:53 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-2B939CBA.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 12:13:41 ---A- C:\WINDOWS\Prefetch\DLLHOST.EXE-205D880D.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 12:13:43 ---A- C:\WINDOWS\Prefetch\SOFTWAREUPDATE.EXE-1415D1B8.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 17:12:51 ---A- C:\WINDOWS\Prefetch\UNINSTAL.EXE-025641BD.pf
O45 - LFCP:Last File Created Prefetch 21/07/2009 - 19:21:28 ---A- C:\WINDOWS\Prefetch\POPIMSANIMATOR.EXE-39F3ED6C.pf
O45 - LFCP:Last File Created Prefetch 22/07/2009 - 15:55:02 ---A- C:\WINDOWS\Prefetch\LXBVAIOX.EXE-2FAD52F3.pf
O45 - LFCP:Last File Created Prefetch 22/07/2009 - 18:39:53 ---A- C:\WINDOWS\Prefetch\CHARMAP.EXE-294D64C0.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:19:27 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-496AE69A.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:22:11 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-46525C8E.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:31:10 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-1BCF8320.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:31:31 ---A- C:\WINDOWS\Prefetch\CHROME.EXE-361C44F2.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:31:56 ---A- C:\WINDOWS\Prefetch\MUSICCONVERTER.EXE-0510E7B7.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:37:10 ---A- C:\WINDOWS\Prefetch\UNINS000.EXE-347318F5.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:37:27 ---A- C:\WINDOWS\Prefetch\_IU14D2N.TMP-03F32760.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:37:35 ---A- C:\WINDOWS\Prefetch\_REGDLL.TMP-06632796.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:38:33 ---A- C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-12C23155.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:38:35 ---A- C:\WINDOWS\Prefetch\UNINSTALL.EXE-3A07AF8D.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:38:51 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A9A5A38.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:41:12 ---A- C:\WINDOWS\Prefetch\UNINST.EXE-15884C75.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:41:33 ---A- C:\WINDOWS\Prefetch\AU_.EXE-09733B99.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:42:29 ---A- C:\WINDOWS\Prefetch\WDUNINST.EXE-03CFDBFC.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:48:08 ---A- C:\WINDOWS\Prefetch\DEL1D.TMP-16B484C6.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:53:58 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC55A4F.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 11:57:08 ---A- C:\WINDOWS\Prefetch\SYSOCMGR.EXE-31169C54.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 13:05:00 ---A- C:\WINDOWS\Prefetch\EASYCLEA.EXE-1E6767AE.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 14:18:07 ---A- C:\WINDOWS\Prefetch\CDGRAB.EXE-0FC6FABD.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 14:18:23 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
O45 - LFCP:Last File Created Prefetch 23/07/2009 - 20:22:54 ---A- C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD6.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 17:49:41 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D35EED0.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 18:27:43 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 18:45:00 ---A- C:\WINDOWS\Prefetch\BDLITE.EXE-29F93AC8.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 19:10:21 ---A- C:\WINDOWS\Prefetch\GANH.EXE-085CCD92.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 19:52:43 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:22:31 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 14:54:24 ---A- C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:08:52 ---A- C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:09:20 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-32678C31.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:09:22 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-189D9F95.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:24:28 ---A- C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:25:05 ---A- C:\WINDOWS\Prefetch\SORT.EXE-194AE83C.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:37:03 ---A- C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:41:04 ---A- C:\WINDOWS\Prefetch\CCSETUP221.EXE-26A665EA.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 15:54:52 ---A- C:\WINDOWS\Prefetch\BDC.EXE-29993C74.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 17:17:48 ---A- C:\WINDOWS\Prefetch\HH.EXE-2D1A70B3.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 19:03:43 ---A- C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA2.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 11:56:34 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 11:58:43 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 15:02:04 ---A- C:\WINDOWS\Prefetch\Layout.ini
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 15:02:16 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 15:02:19 ---A- C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 17:31:59 ---A- C:\WINDOWS\Prefetch\GETPOPUPINFO.EXE-22F2D0C9.pf
O45 - LFCP:Last File Created Prefetch 26/07/2009 - 20:06:36 ---A- C:\WINDOWS\Prefetch\PHOTOFILTRE.EXE-00101112.pf
O45 - LFCP:Last File Created Prefetch 28/07/2009 - 18:15:44 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FD0CA2D.pf
O45 - LFCP:Last File Created Prefetch 28/07/2009 - 18:15:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-2C16DC1B.pf
O45 - LFCP:Last File Created Prefetch 28/07/2009 - 18:25:30 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-002E13AB.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 11:48:04 ---A- C:\WINDOWS\Prefetch\ATL80SP1-KB973923-X86.EXE-20B2FD1A.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 11:48:33 ---A- C:\WINDOWS\Prefetch\INSTALL.EXE-0886A577.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 11:48:58 ---A- C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 14:46:23 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 14:52:30 ---A- C:\WINDOWS\Prefetch\REG.EXE-0D2A95F7.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 15:00:31 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 15:01:06 ---A- C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:23:46 ---A- C:\WINDOWS\Prefetch\PCTPTT.EXE-045FC41D.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:05 ---A- C:\WINDOWS\Prefetch\REALSCHED.EXE-04BEC5CC.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:13 ---A- C:\WINDOWS\Prefetch\PRINTRAY.EXE-340BCE9D.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:22 ---A- C:\WINDOWS\Prefetch\LXBVBMGR.EXE-101286FA.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:22 ---A- C:\WINDOWS\Prefetch\LXSUPMON.EXE-043C97EB.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:24:32 ---A- C:\WINDOWS\Prefetch\MIXER.EXE-3A40481D.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:02 ---A- C:\WINDOWS\Prefetch\APPLESYNCNOTIFIER.EXE-38620255.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:09 ---A- C:\WINDOWS\Prefetch\LXBVBMON.EXE-258F2154.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:16 ---A- C:\WINDOWS\Prefetch\BDMCON.EXE-2C34D191.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:30 ---A- C:\WINDOWS\Prefetch\JUSCHED.EXE-25206883.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:35 ---A- C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:37 ---A- C:\WINDOWS\Prefetch\BDAGENT.EXE-12F3E49A.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:25:51 ---A- C:\WINDOWS\Prefetch\ITUNESHELPER.EXE-15823303.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:26:03 ---A- C:\WINDOWS\Prefetch\REALPLAY.EXE-1BF219BD.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:26:29 ---A- C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 18:27:10 ---A- C:\WINDOWS\Prefetch\OSA.EXE-2CD63980.pf
O45 - LFCP:Last File Created Prefetch 29/07/2009 - 19:01:07 ---A- C:\WINDOWS\Prefetch\VSSERV.EXE-33CBAEBF.pf
O45 - LFCP:Last File Created Prefetch 30/07/2009 - 19:30:14 ---A- C:\WINDOWS\Prefetch\WLLOGINPROXY.EXE-2D4B6027.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 14:52:59 ---A- C:\WINDOWS\Prefetch\IEDW.EXE-1880380E.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 16:45:15 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 16:45:36 ---A- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:15:56 ---A- C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:17:53 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:18:06 ---A- C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf
O45 - LFCP:Last File Created Prefetch 31/07/2009 - 17:36:51 ---A- C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf
Some-I
1 August 2009 at 13:31
And here is the second one.
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="serwvdrv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.xvid"="xvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP42"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP43"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MPG4"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.ffds"="ff_vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"serwvdrv.dll"="Pilote de porteuse modem"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="CMI8738/C3DX PCI Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvid.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 5.0 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"i420vfw.dll"="i420vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow Video Codec"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\admjoy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bdfndisf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cmaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmusic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fbxusb32.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fltmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\gameenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\http.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelppm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ip6fw.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mnmdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MODEMCSA.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouhid.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mqac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mskssrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msmpu401.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspclock.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspqm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mssmbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nv4_mini.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkflt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkfwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnknb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwrdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pavboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptserial.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasacd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasl2tp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspppoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspptp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspti.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rawwan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdbss.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpcdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\redbook.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rmcast.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rndismp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rootmdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\scsiport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sdbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serial.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffp_sd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sfloppy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smclib.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonydcam.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\splitter.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\stream.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swmidi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sysaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tape.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdpipe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tosdvd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbaapl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbccgp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbprint.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbscan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\USBSTOR.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbuhci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\viaagp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\viaide.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vmodem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\volsnap.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vpctcom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vvoice.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wanarp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wdmaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wmilib.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ws2ifsl.sys
End of the scan: 950 lines
Thank you for your reply.
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="serwvdrv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.xvid"="xvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP42"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP43"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MPG4"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.ffds"="ff_vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"serwvdrv.dll"="Pilote de porteuse modem"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="CMI8738/C3DX PCI Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvid.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 5.0 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"i420vfw.dll"="i420vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow Video Codec"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\admjoy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bdfndisf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cmaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmusic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fbxusb32.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fltmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\gameenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\http.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelppm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ip6fw.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mnmdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MODEMCSA.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouhid.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mqac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mskssrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msmpu401.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspclock.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspqm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mssmbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nv4_mini.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkflt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkfwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnknb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwrdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pavboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptserial.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasacd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasl2tp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspppoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspptp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspti.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rawwan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdbss.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpcdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\redbook.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rmcast.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rndismp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rootmdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\scsiport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sdbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serial.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffp_sd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sfloppy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smclib.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonydcam.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\splitter.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\stream.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swmidi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sysaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tape.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdpipe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tosdvd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbaapl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbccgp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbprint.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbscan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\USBSTOR.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbuhci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\viaagp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\viaide.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vmodem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\volsnap.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vpctcom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vvoice.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wanarp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wdmaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wmilib.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ws2ifsl.sys
End of the scan: 950 lines
Thank you for your reply.
Some-I
Posts
49
Registration date
Thursday 6 December 2007
Status
Member
Last activity
7 August 2009
7
1 August 2009 at 14:20
First scan:
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v4.51PG
USER : sev ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:2 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 01/08/2009|14:10 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf
Supprime! - C:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(sev) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens
1 - "C:\ToolBar SD\TB_1.txt" - 01/08/2009|14:17 - Option : [2]
-----------\\ Fin du rapport a 14:17:35,35
Some-I
Posts
49
Registration date
Thursday 6 December 2007
Status
Member
Last activity
7 August 2009
7
1 August 2009 at 14:34
Here is the second scan:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v4.51PG
USER : sev ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:2 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 01/08/2009|14:21 )
--------------------\\ Listing des dossiers dans APPLIC~1
[08/03/2009|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[16/06/2009|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[12/07/2009|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[08/03/2009|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/03/2009|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[13/04/2009|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[28/02/2009|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[03/06/2009|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ford does hold option
[03/03/2009|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/03/2009|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/04/2009|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[09/04/2009|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/03/2009|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[28/02/2009|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/02/2009|18:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[28/02/2009|18:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/03/2009|22:32] C:\DOCUME~1\sev\APPLIC~1\Adobe
[18/03/2009|16:12] C:\DOCUME~1\sev\APPLIC~1\Apple Computer
[13/04/2009|14:19] C:\DOCUME~1\sev\APPLIC~1\Bitdefender
[16/07/2009|20:28] C:\DOCUME~1\sev\APPLIC~1\dvdcss
[21/05/2009|17:18] C:\DOCUME~1\sev\APPLIC~1\gtk-2.0
[09/04/2009|10:33] C:\DOCUME~1\sev\APPLIC~1\Help
[28/02/2009|20:03] C:\DOCUME~1\sev\APPLIC~1\InterTrust
[28/02/2009|20:33] C:\DOCUME~1\sev\APPLIC~1\Macromedia
[01/06/2009|14:42] C:\DOCUME~1\sev\APPLIC~1\Messenger
[17/06/2009|18:07] C:\DOCUME~1\sev\APPLIC~1\Microsoft
[05/03/2009|21:29] C:\DOCUME~1\sev\APPLIC~1\Mozilla
[24/04/2009|12:18] C:\DOCUME~1\sev\APPLIC~1\NCH Swift Sound
[04/07/2009|10:21] C:\DOCUME~1\sev\APPLIC~1\PhotoFiltre Studio X
[01/03/2009|16:42] C:\DOCUME~1\sev\APPLIC~1\Real
[09/04/2009|10:33] C:\DOCUME~1\sev\APPLIC~1\Smart PC Solutions
[30/04/2009|21:38] C:\DOCUME~1\sev\APPLIC~1\Sun
[08/03/2009|12:41] C:\DOCUME~1\sev\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[21/07/2009 13:13][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[01/08/2009 12:57][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[28/02/2009|20:03] C:\Program Files\Adobe
[28/02/2009|19:54] C:\Program Files\Ahead
[08/03/2009|11:23] C:\Program Files\Apple Software Update
[03/06/2009|13:42] C:\Program Files\AviSynth 2.5
[03/06/2009|13:45] C:\Program Files\AxBx
[12/04/2009|18:37] C:\Program Files\BitDefender
[01/06/2009|14:48] C:\Program Files\BitTorrent Fastest Tool
[10/03/2009|14:38] C:\Program Files\Bonjour
[25/07/2009|16:42] C:\Program Files\CCleaner
[28/02/2009|20:02] C:\Program Files\Change Extension
[28/02/2009|18:04] C:\Program Files\ComPlus Applications
[28/02/2009|19:56] C:\Program Files\CyberLink
[07/03/2009|16:00] C:\Program Files\DivX
[01/06/2009|22:08] C:\Program Files\DVDVideoSoft
[23/07/2009|12:38] C:\Program Files\Easy iPod MP4 PSP 3GP
[01/06/2009|15:08] C:\Program Files\EasySearch
[23/07/2009|12:40] C:\Program Files\eMule
[01/06/2009|22:08] C:\Program Files\Fichiers communs
[28/02/2009|20:33] C:\Program Files\Free
[21/07/2009|11:55] C:\Program Files\Google
[24/06/2009|11:56] C:\Program Files\GooglePlusVideos
[17/05/2009|14:42] C:\Program Files\Guitar Pro 4
[28/02/2009|20:04] C:\Program Files\Illustrate
[21/03/2009|11:21] C:\Program Files\InstallShield Installation Information
[29/07/2009|15:25] C:\Program Files\Internet Explorer
[16/06/2009|13:49] C:\Program Files\iPod
[16/06/2009|13:51] C:\Program Files\iTunes
[30/04/2009|21:44] C:\Program Files\Java
[07/03/2009|14:45] C:\Program Files\Lexmark 2200 Series
[01/03/2009|14:40] C:\Program Files\Messenger
[02/03/2009|22:01] C:\Program Files\Messenger Plus! Live
[02/03/2009|21:39] C:\Program Files\Microsoft
[28/02/2009|18:14] C:\Program Files\microsoft frontpage
[07/05/2009|16:56] C:\Program Files\Microsoft Office
[01/03/2009|14:27] C:\Program Files\Movie Maker
[07/05/2009|16:56] C:\Program Files\MSECache
[28/02/2009|18:02] C:\Program Files\MSN
[28/02/2009|18:03] C:\Program Files\MSN Gaming Zone
[01/06/2009|15:13] C:\Program Files\NCH Software
[01/03/2009|14:21] C:\Program Files\NetMeeting
[01/03/2009|14:21] C:\Program Files\Outlook Express
[25/07/2009|16:36] C:\Program Files\Panda Security
[27/04/2009|20:27] C:\Program Files\PhotoFiltre
[04/07/2009|10:20] C:\Program Files\PhotoFiltre Studio X
[05/07/2009|18:32] C:\Program Files\Popims
[23/07/2009|12:48] C:\Program Files\QuickMediaConverter
[16/06/2009|13:40] C:\Program Files\QuickTime
[01/03/2009|16:40] C:\Program Files\Real
[21/03/2009|19:40] C:\Program Files\Red Kawa
[28/02/2009|18:08] C:\Program Files\Services en ligne
[01/07/2009|16:52] C:\Program Files\Smart-Ads-Solutions
[13/04/2009|12:54] C:\Program Files\Softwin
[21/03/2009|11:21] C:\Program Files\ToniArts
[28/02/2009|18:25] C:\Program Files\Uninstall Information
[04/03/2009|09:03] C:\Program Files\VideoLAN
[02/03/2009|21:39] C:\Program Files\Windows Live
[02/03/2009|21:39] C:\Program Files\Windows Live SkyDrive
[01/03/2009|14:28] C:\Program Files\Windows Media Player
[01/03/2009|14:21] C:\Program Files\Windows NT
[28/02/2009|18:08] C:\Program Files\WindowsUpdate
[28/02/2009|20:01] C:\Program Files\WinISO
[28/02/2009|20:01] C:\Program Files\WinRAR
[28/02/2009|18:14] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/03/2009|21:45] C:\Program Files\Fichiers communs\Adobe
[08/03/2009|11:29] C:\Program Files\Fichiers communs\Apple
[04/03/2009|13:55] C:\Program Files\Fichiers communs\AVSMedia
[07/03/2009|10:32] C:\Program Files\Fichiers communs\Designer
[01/06/2009|22:09] C:\Program Files\Fichiers communs\DVDVideoSoft
[09/04/2009|10:33] C:\Program Files\Fichiers communs\InstallShield
[07/05/2009|16:57] C:\Program Files\Fichiers communs\Microsoft Shared
[28/02/2009|18:07] C:\Program Files\Fichiers communs\MSSoap
[28/02/2009|18:52] C:\Program Files\Fichiers communs\ODBC
[01/03/2009|16:41] C:\Program Files\Fichiers communs\Real
[28/02/2009|18:07] C:\Program Files\Fichiers communs\Services
[13/04/2009|12:55] C:\Program Files\Fichiers communs\Softwin
[28/02/2009|18:52] C:\Program Files\Fichiers communs\SpeechEngines
[01/03/2009|14:20] C:\Program Files\Fichiers communs\System
[02/03/2009|21:21] C:\Program Files\Fichiers communs\Windows Live
[01/03/2009|16:41] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 40 Processes )
iexplore.exe ~ [PID:2940]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\ford does hold option
C:\Program Files\BitTorrent Fastest Tool
C:\Program Files\BitTorrent Fastest Tool\BitP.exe
C:\Program Files\BitTorrent Fastest Tool\Checklime.exe
C:\Program Files\BitTorrent Fastest Tool\dw.exe
C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
C:\Program Files\BitTorrent Fastest Toolvlnet3.com_Installer.exe
C:\DOCUME~1\sev\Cookies\sev@advertising[1].txt
C:\DOCUME~1\sev\Cookies\sev@pacificpoker[1].txt
C:\DOCUME~1\sev\Cookies\sev@vegas-millions[1].txt
C:\DOCUME~1\sev\Cookies\sev@888[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-01 14:26:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens
[F:64][D:14]-> C:\DOCUME~1\sev\LOCALS~1\Temp
[F:102][D:0]-> C:\DOCUME~1\sev\Cookies
[F:9436][D:28]-> C:\DOCUME~1\sev\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 01/08/2009|14:32 - Option : [1]
--------------------\\ Fin du rapport a 14:32:48
Some-I
Posts
49
Registration date
Thursday 6 December 2007
Status
Member
Last activity
7 August 2009
7
1 August 2009 at 14:50
The VirusTotal result:
For this one: 'C:\WINDOWS\system32\mkcbunliudbl.dll'
- Fichier mkcbunliudbl.dll reçu le 2009.08.01 12:45:04 (UTC)
Résultat: 11/41 (26.83%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 Gen.AdWare!IK
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.07.31 W32/AdAgent.U.gen!Eldorado
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 -
BitDefender 7.2 2009.08.01 Gen:Adware.Heur.Eu8@YaR7umci
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1835 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.07.31 W32/AdAgent.U.gen!Eldorado
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 Gen:Adware.Heur.Eu8@YaR7umci
Ikarus T3.1.1.64.0 2009.08.01 Gen.AdWare
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 potentially unwanted program Artemis!4D233A60911F
McAfee-GW-Edition 6.8.5 2009.08.01 Heuristic.BehavesLike.Win32.Downloader.I
Microsoft 1.4903 2009.08.01 -
NOD32 4295 2009.07.31 probably a variant of Win32/Adware.GooochiBiz.AB
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 -
PCTools 4.4.2.0 2009.07.31 -
Prevx 3.0 2009.08.01 High Risk Cloaked Malware
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 -
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 Trojan.Adclicker
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 505856 bytes
MD5...: 4d233a60911f96935f52451a1da8c1f6
SHA1..: 46d4476dc83ba0f30a661046c4c598ea62ed4956
SHA256: 1c9be5ab0fe2987f5c00f9f57011ad27c7608f836ada175c19e1314a5ba18715
ssdeep: 12288:B3cYL7BlWWQaRj8VW1qxZQ4Zpy8D4pAFYCx6NLlsWmbd7:B3xLC/VWQZQ4
ZpyU4p6YCcNxsWS
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4cea8
timedatestamp.....: 0x4a6703e4 (Wed Jul 22 12:19:48 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x624f1 0x62600 6.57 5fe241696d1bc72b1dad5ed87f395791
.rdata 0x64000 0xa479 0xa600 4.77 11b0396ca669d7063e554e5d66566745
.data 0x6f000 0x4b20 0x1a00 3.84 3c185d739a1e225faf48e87db17bc2a4
.rsrc 0x74000 0x34c 0x400 4.70 f632e3e6c5eb4d384b6ea5d01204c1f1
.reloc 0x75000 0xc992 0xca00 4.51 0a8213fd85e860b3b18b8f44cc80a35d
( 4 imports )
> WS2_32.dll: getaddrinfo
> KERNEL32.dll: TlsSetValue, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, GetProcAddress, LoadLibraryA, ExitThread, GetSystemTime, CreateEventW, CloseHandle, lstrcmpiA, FreeLibrary, VirtualQuery, VirtualProtect, VirtualAlloc, InterlockedCompareExchange, GetCurrentThreadId, ResumeThread, FlushInstructionCache, GetCurrentProcess, GetThreadContext, SetThreadContext, GetLastError, SuspendThread, GetCurrentThread, SetLastError, FlushFileBuffers, CreateFileA, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetLocaleInfoA, RaiseException, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, RtlUnwind, GetCommandLineA, HeapFree, HeapAlloc, GetModuleHandleW, TlsGetValue, TlsAlloc, TlsFree, InterlockedIncrement, InterlockedDecrement, Sleep, HeapSize, ExitProcess, GetModuleHandleA, WriteFile, GetStdHandle, GetModuleFileNameA, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapCreate, HeapDestroy, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, HeapReAlloc, SetFilePointer, GetConsoleCP, GetConsoleMode, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, MultiByteToWideChar, InitializeCriticalSectionAndSpinCount
> USER32.dll: CallWindowProcW, SetWindowLongW, SendMessageW, SetActiveWindow, OffsetRect, IntersectRect, InflateRect, ClientToScreen, SetWindowTextW
> OLEAUT32.dll: -, -, -, -, -, -, -, -
( 5 exports )
DllCanUnloadNow, DllExec, DllGetClassObject, DllRegisterServer, DllUnregisterServer
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=AE7529D600BBB874B8D8078884E30F000CAA7949
For this one: 'C:\WINDOWS\System32\nzewbpdrsshx.exe'
- Fichier nzewbpdrsshx.exe reçu le 2009.08.01 12:49:56 (UTC)
Résultat: 2/39 (5.13%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.07.31 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1835 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.08.01 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 Heuristic.LooksLike.Win32.Suspicious.H
Microsoft 1.4903 2009.08.01 -
NOD32 4295 2009.07.31 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 -
Prevx 3.0 2009.08.01 High Risk Cloaked Malware
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 -
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 48253 bytes
MD5...: bb8e3a1c9d3eb5960557e4e55d9829d2
SHA1..: 61567f5bfe93e98d2d15eb9616fab2c6f14daa14
SHA256: bc5bd6931903d9ea815946b659a8922ebc17d5f575ab29c2b57eaa1dc9427e87
ssdeep: 768:CCloVlpQE2MQGc6rDh84nSwN15G4DRF/O71mJ3JRnAoILIhme9SAnDWBuoaK
COFd:TYpQtMDc6fnpumJAoIsht9SAZooOFd
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x323c
timedatestamp.....: 0x49a05a1a (Sat Feb 21 19:46:34 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x5a56 0x5c00 6.42 7e9e633fd2aedade49bf819fab33d557
.rdata 0x7000 0x1190 0x1200 5.18 db16645055619c0cc73276ff5c3adb75
.data 0x9000 0x1af98 0x400 4.71 a59d6ff4f72ca84cc2dea3b332090bfb
.ndata 0x24000 0xd000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x31000 0x908 0xa00 3.85 a6381affa5d795345d320cd0bf75e6d2
( 8 imports )
> KERNEL32.dll: CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetTickCount, CreateFileA, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, ExitProcess, SetFileTime, GetTempPathA, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, GetVersion, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetWindowsDirectoryA
> USER32.dll: EndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, DestroyWindow, CreateDialogParamA, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow
> GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject
> SHELL32.dll: SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation
> ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA
> COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create
> ole32.dll: CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=9F2E2D347DF86921BC2E005809A7C50032EE4E26
I don't know what the 2/39 means?
Is it really finished?
Lyonnais92
1 August 2009 at 14:53
Hello again,
Yes, both scans are finished and you copied everything that was needed.
2/39 means that 2 of the 39 scanners detected the file as malware.
Some-I
1 August 2009 at 15:12
And that's one!
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v4.51PG
USER : sev ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:2 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 01/08/2009|14:52 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\Checklime.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\dw.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
Supprime! - C:\DOCUME~1\sev\Cookies\sev@advertising[1].txt
Supprime! - C:\DOCUME~1\sev\Cookies\sev@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\sev\Cookies\sev@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\sev\Cookies\sev@888[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\ford does hold option
Supprime! - C:\Program Files\BitTorrent Fastest Tool
Echec ! - C:\Program Files\BitTorrent Fastest Toolvlnet3.com_Installer.exe
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE
Echec ! - C:\Program Files\BitTorrent Fastest Toolvlnet3.com_Installer.exe
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[08/03/2009|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[16/06/2009|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[12/07/2009|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[08/03/2009|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/03/2009|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[13/04/2009|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[28/02/2009|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[03/03/2009|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/03/2009|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/04/2009|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[09/04/2009|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/03/2009|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[28/02/2009|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/02/2009|18:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[28/02/2009|18:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/03/2009|22:32] C:\DOCUME~1\sev\APPLIC~1\Adobe
[18/03/2009|16:12] C:\DOCUME~1\sev\APPLIC~1\Apple Computer
[13/04/2009|14:19] C:\DOCUME~1\sev\APPLIC~1\Bitdefender
[16/07/2009|20:28] C:\DOCUME~1\sev\APPLIC~1\dvdcss
[21/05/2009|17:18] C:\DOCUME~1\sev\APPLIC~1\gtk-2.0
[09/04/2009|10:33] C:\DOCUME~1\sev\APPLIC~1\Help
[28/02/2009|20:03] C:\DOCUME~1\sev\APPLIC~1\InterTrust
[28/02/2009|20:33] C:\DOCUME~1\sev\APPLIC~1\Macromedia
[01/06/2009|14:42] C:\DOCUME~1\sev\APPLIC~1\Messenger
[17/06/2009|18:07] C:\DOCUME~1\sev\APPLIC~1\Microsoft
[05/03/2009|21:29] C:\DOCUME~1\sev\APPLIC~1\Mozilla
[24/04/2009|12:18] C:\DOCUME~1\sev\APPLIC~1\NCH Swift Sound
[04/07/2009|10:21] C:\DOCUME~1\sev\APPLIC~1\PhotoFiltre Studio X
[01/03/2009|16:42] C:\DOCUME~1\sev\APPLIC~1\Real
[09/04/2009|10:33] C:\DOCUME~1\sev\APPLIC~1\Smart PC Solutions
[30/04/2009|21:38] C:\DOCUME~1\sev\APPLIC~1\Sun
[08/03/2009|12:41] C:\DOCUME~1\sev\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[21/07/2009 13:13][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[01/08/2009 12:57][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[28/02/2009|20:03] C:\Program Files\Adobe
[28/02/2009|19:54] C:\Program Files\Ahead
[08/03/2009|11:23] C:\Program Files\Apple Software Update
[03/06/2009|13:42] C:\Program Files\AviSynth 2.5
[03/06/2009|13:45] C:\Program Files\AxBx
[12/04/2009|18:37] C:\Program Files\BitDefender
[10/03/2009|14:38] C:\Program Files\Bonjour
[25/07/2009|16:42] C:\Program Files\CCleaner
[28/02/2009|20:02] C:\Program Files\Change Extension
[28/02/2009|18:04] C:\Program Files\ComPlus Applications
[28/02/2009|19:56] C:\Program Files\CyberLink
[07/03/2009|16:00] C:\Program Files\DivX
[01/06/2009|22:08] C:\Program Files\DVDVideoSoft
[23/07/2009|12:38] C:\Program Files\Easy iPod MP4 PSP 3GP
[01/06/2009|15:08] C:\Program Files\EasySearch
[23/07/2009|12:40] C:\Program Files\eMule
[01/06/2009|22:08] C:\Program Files\Fichiers communs
[28/02/2009|20:33] C:\Program Files\Free
[21/07/2009|11:55] C:\Program Files\Google
[24/06/2009|11:56] C:\Program Files\GooglePlusVideos
[17/05/2009|14:42] C:\Program Files\Guitar Pro 4
[28/02/2009|20:04] C:\Program Files\Illustrate
[21/03/2009|11:21] C:\Program Files\InstallShield Installation Information
[29/07/2009|15:25] C:\Program Files\Internet Explorer
[16/06/2009|13:49] C:\Program Files\iPod
[16/06/2009|13:51] C:\Program Files\iTunes
[30/04/2009|21:44] C:\Program Files\Java
[07/03/2009|14:45] C:\Program Files\Lexmark 2200 Series
[01/03/2009|14:40] C:\Program Files\Messenger
[02/03/2009|22:01] C:\Program Files\Messenger Plus! Live
[02/03/2009|21:39] C:\Program Files\Microsoft
[28/02/2009|18:14] C:\Program Files\microsoft frontpage
[07/05/2009|16:56] C:\Program Files\Microsoft Office
[01/03/2009|14:27] C:\Program Files\Movie Maker
[07/05/2009|16:56] C:\Program Files\MSECache
[28/02/2009|18:02] C:\Program Files\MSN
[28/02/2009|18:03] C:\Program Files\MSN Gaming Zone
[01/06/2009|15:13] C:\Program Files\NCH Software
[01/03/2009|14:21] C:\Program Files\NetMeeting
[01/03/2009|14:21] C:\Program Files\Outlook Express
[25/07/2009|16:36] C:\Program Files\Panda Security
[27/04/2009|20:27] C:\Program Files\PhotoFiltre
[04/07/2009|10:20] C:\Program Files\PhotoFiltre Studio X
[05/07/2009|18:32] C:\Program Files\Popims
[23/07/2009|12:48] C:\Program Files\QuickMediaConverter
[16/06/2009|13:40] C:\Program Files\QuickTime
[01/03/2009|16:40] C:\Program Files\Real
[21/03/2009|19:40] C:\Program Files\Red Kawa
[28/02/2009|18:08] C:\Program Files\Services en ligne
[01/07/2009|16:52] C:\Program Files\Smart-Ads-Solutions
[13/04/2009|12:54] C:\Program Files\Softwin
[21/03/2009|11:21] C:\Program Files\ToniArts
[28/02/2009|18:25] C:\Program Files\Uninstall Information
[04/03/2009|09:03] C:\Program Files\VideoLAN
[02/03/2009|21:39] C:\Program Files\Windows Live
[02/03/2009|21:39] C:\Program Files\Windows Live SkyDrive
[01/03/2009|14:28] C:\Program Files\Windows Media Player
[01/03/2009|14:21] C:\Program Files\Windows NT
[28/02/2009|18:08] C:\Program Files\WindowsUpdate
[28/02/2009|20:01] C:\Program Files\WinISO
[28/02/2009|20:01] C:\Program Files\WinRAR
[28/02/2009|18:14] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/03/2009|21:45] C:\Program Files\Fichiers communs\Adobe
[08/03/2009|11:29] C:\Program Files\Fichiers communs\Apple
[04/03/2009|13:55] C:\Program Files\Fichiers communs\AVSMedia
[07/03/2009|10:32] C:\Program Files\Fichiers communs\Designer
[01/06/2009|22:09] C:\Program Files\Fichiers communs\DVDVideoSoft
[09/04/2009|10:33] C:\Program Files\Fichiers communs\InstallShield
[07/05/2009|16:57] C:\Program Files\Fichiers communs\Microsoft Shared
[28/02/2009|18:07] C:\Program Files\Fichiers communs\MSSoap
[28/02/2009|18:52] C:\Program Files\Fichiers communs\ODBC
[01/03/2009|16:41] C:\Program Files\Fichiers communs\Real
[28/02/2009|18:07] C:\Program Files\Fichiers communs\Services
[13/04/2009|12:55] C:\Program Files\Fichiers communs\Softwin
[28/02/2009|18:52] C:\Program Files\Fichiers communs\SpeechEngines
[01/03/2009|14:20] C:\Program Files\Fichiers communs\System
[02/03/2009|21:21] C:\Program Files\Fichiers communs\Windows Live
[01/03/2009|16:41] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 38 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Program Files\BitTorrent Fastest Toolvlnet3.com_Installer.exe
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-08-01 14:56:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens
[F:64][D:14]-> C:\DOCUME~1\sev\LOCALS~1\Temp
[F:99][D:0]-> C:\DOCUME~1\sev\Cookies
[F:9588][D:28]-> C:\DOCUME~1\sev\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 01/08/2009|14:32 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 01/08/2009|15:02 - Option : [2]
--------------------\\ Fin du rapport a 15:02:23
Some-I
1 August 2009 at 15:13
And that's two.
Rapport de ZHPDiag v1.24.02 par Nicolas Coolman
Enregistré le 01/08/2009 15:06:13
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
---\\ Processus lancés
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\regsvr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: agadoo browser enhancer - {0E3CE546-2D06-C1C1-7684-9867AD8658D2} - C:\WINDOWS\system32\mkcbunliudbl.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Plus - {C8CD2017-F1E5-4F1A-B58A-EE0B1AF0D0D8} - C:\PROGRA~1\GOOGLE~1\16GOOG~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark 2200 Series] C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] C:\Program Files\Softwin\BitDefender10\bdagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [rdshltzpakgpdsifk] C:\WINDOWS\System32\regsvr32.exe /s C:\WINDOWS\system32\mkcbunliudbl.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} () - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll
O20 - AppInit_DLLs: sockspy.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: LexBce Server (LexBceS) - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service
O23 - Service: W2K PCtel speaker phone (Pctspk) - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service
O23 - Service: BitDefender Communicator (XCOMM) - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Shockwave Player 11
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BitDefender Internet Security v10
O42 - Logiciel: Bonjour
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Change Extension
O42 - Logiciel: Choice Guard
O42 - Logiciel: EasyCleaner
O42 - Logiciel: FindyKill
O42 - Logiciel: Guitar Pro 4.0
O42 - Logiciel: HSP56 MicroModem Drivers
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: Lexmark 2200 Series
O42 - Logiciel: MSVCRT
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MobileMe Control Panel
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007
O42 - Logiciel: Nero - Burning Rom
O42 - Logiciel: Ogg Vorbis CLI
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PCI Audio Driver
O42 - Logiciel: Panda ActiveScan 2.0
O42 - Logiciel: PhotoFiltre
O42 - Logiciel: Popims Animator
O42 - Logiciel: PowerDVD
O42 - Logiciel: Prism Video Converter
O42 - Logiciel: QuickTime
O42 - Logiciel: RON Too1 Agadoo
O42 - Logiciel: RealPlayer
O42 - Logiciel: Segoe UI
O42 - Logiciel: VLC media player 0.9.8a
O42 - Logiciel: WinISO 5.3
O42 - Logiciel: WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: dBpowerAMP
O42 - Logiciel: dBpowerAMP Musepack Codec
O42 - Logiciel: dBpowerAMP Music Converter
O42 - Logiciel: dBpowerAMP Ogg Vorbis Codec
O42 - Logiciel: dBpowerAMP WMA V7 Codec
O42 - Logiciel: dBpowerAMP WMA V8 Codec
O42 - Logiciel: dBpowerAMP WMA V9 Codec
O42 - Logiciel: dMC Power Pack
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AxBx
O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Change Extension
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Easy iPod MP4 PSP 3GP
O43 - CFD:Common File Directory ----D- C:\Program Files\EasySearch
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Free
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GooglePlusVideos
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Lexmark 2200 Series
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre Studio X
O43 - CFD:Common File Directory ----D- C:\Program Files\Popims
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickMediaConverter
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Red Kawa
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart-Ads-Solutions
O43 - CFD:Common File Directory ----D- C:\Program Files\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinISO
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/08/2009 - 11:57:09 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:18 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:22 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 01/08/2009 - 12:19:54 ---A- C:\WINDOWS\ZHPADSReport.txt
O44 - LFC:Last File Created 01/08/2009 - 13:15:37 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 01/08/2009 - 13:49:08 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 05/07/2009 - 10:55:46 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 07/07/2009 - 16:10:56 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 15/07/2009 - 20:37:03 ---A- C:\WINDOWS\lexstat.ini
O44 - LFC:Last File Created 19/07/2009 - 14:29:19 ---A- C:\WINDOWS\System32\ieframe.dll
O44 - LFC:Last File Created 19/07/2009 - 14:29:21 ---A- C:\WINDOWS\System32\mshtml.dll
O44 - LFC:Last File Created 22/07/2009 - 13:19:48 ---A- C:\WINDOWS\System32\mkcbunliudbl.dll
O44 - LFC:Last File Created 23/07/2009 - 11:31:45 ---A- C:\WINDOWS\CDPlayer.ini
O44 - LFC:Last File Created 24/07/2009 - 19:10:40 ---A- C:\WINDOWS\System32\nzewbpdrsshx.exe
O44 - LFC:Last File Created 28/07/2009 - 18:15:46 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:54:21 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:11 ---A- C:\WINDOWS\msmqinst.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:19 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\MedCtrOC.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\netfxocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\KB972260-IE7.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tabletoc.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 29/07/2009 - 14:46:30 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 29/07/2009 - 18:44:22 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 29/07/2009 - 19:16:03 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 29/07/2009 - 19:26:52 ---A- C:\WINDOWS\System32\d3d9caps.dat
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="serwvdrv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.xvid"="xvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP42"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP43"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MPG4"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.ffds"="ff_vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"serwvdrv.dll"="Pilote de porteuse modem"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="CMI8738/C3DX PCI Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvid.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 5.0 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"i420vfw.dll"="i420vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow Video Codec"
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
End of the scan: 410 lines
O42 - Logiciel: Bonjour
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Change Extension
O42 - Logiciel: Choice Guard
O42 - Logiciel: EasyCleaner
O42 - Logiciel: FindyKill
O42 - Logiciel: Guitar Pro 4.0
O42 - Logiciel: HSP56 MicroModem Drivers
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: Lexmark 2200 Series
O42 - Logiciel: MSVCRT
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MobileMe Control Panel
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007
O42 - Logiciel: Nero - Burning Rom
O42 - Logiciel: Ogg Vorbis CLI
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PCI Audio Driver
O42 - Logiciel: Panda ActiveScan 2.0
O42 - Logiciel: PhotoFiltre
O42 - Logiciel: Popims Animator
O42 - Logiciel: PowerDVD
O42 - Logiciel: Prism Video Converter
O42 - Logiciel: QuickTime
O42 - Logiciel: RON Too1 Agadoo
O42 - Logiciel: RealPlayer
O42 - Logiciel: Segoe UI
O42 - Logiciel: VLC media player 0.9.8a
O42 - Logiciel: WinISO 5.3
O42 - Logiciel: WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: dBpowerAMP
O42 - Logiciel: dBpowerAMP Musepack Codec
O42 - Logiciel: dBpowerAMP Music Converter
O42 - Logiciel: dBpowerAMP Ogg Vorbis Codec
O42 - Logiciel: dBpowerAMP WMA V7 Codec
O42 - Logiciel: dBpowerAMP WMA V8 Codec
O42 - Logiciel: dBpowerAMP WMA V9 Codec
O42 - Logiciel: dMC Power Pack
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AxBx
O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Change Extension
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Easy iPod MP4 PSP 3GP
O43 - CFD:Common File Directory ----D- C:\Program Files\EasySearch
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Free
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GooglePlusVideos
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Lexmark 2200 Series
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre Studio X
O43 - CFD:Common File Directory ----D- C:\Program Files\Popims
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickMediaConverter
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Red Kawa
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart-Ads-Solutions
O43 - CFD:Common File Directory ----D- C:\Program Files\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinISO
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/08/2009 - 11:57:09 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 01/08/2009 - 11:57:39 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:18 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 01/08/2009 - 11:59:22 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 01/08/2009 - 12:19:54 ---A- C:\WINDOWS\ZHPADSReport.txt
O44 - LFC:Last File Created 01/08/2009 - 13:15:37 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 01/08/2009 - 13:49:08 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 05/07/2009 - 10:55:46 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 07/07/2009 - 16:10:56 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 15/07/2009 - 20:37:03 ---A- C:\WINDOWS\lexstat.ini
O44 - LFC:Last File Created 19/07/2009 - 14:29:19 ---A- C:\WINDOWS\System32\ieframe.dll
O44 - LFC:Last File Created 19/07/2009 - 14:29:21 ---A- C:\WINDOWS\System32\mshtml.dll
O44 - LFC:Last File Created 22/07/2009 - 13:19:48 ---A- C:\WINDOWS\System32\mkcbunliudbl.dll
O44 - LFC:Last File Created 23/07/2009 - 11:31:45 ---A- C:\WINDOWS\CDPlayer.ini
O44 - LFC:Last File Created 24/07/2009 - 19:10:40 ---A- C:\WINDOWS\System32\nzewbpdrsshx.exe
O44 - LFC:Last File Created 28/07/2009 - 18:15:46 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:54:21 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:11 ---A- C:\WINDOWS\msmqinst.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:19 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\MedCtrOC.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\netfxocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\KB972260-IE7.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tabletoc.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 29/07/2009 - 14:46:30 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 29/07/2009 - 18:44:22 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 29/07/2009 - 19:16:03 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 29/07/2009 - 19:26:52 ---A- C:\WINDOWS\System32\d3d9caps.dat
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="serwvdrv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.xvid"="xvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP42"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP43"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MPG4"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.ffds"="ff_vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"serwvdrv.dll"="Pilote de porteuse modem"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="CMI8738/C3DX PCI Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvid.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 5.0 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"i420vfw.dll"="i420vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow Video Codec"
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
End of the scan: 410 lines
Some-I
1 August 2009 at 15:22
A small clarification:
The VirusTotal post comes before the one you posted.
Lyonnais92
1 August 2009 at 17:36
Re,
is something wrong, or is it just that you have a life outside of this?
Some-I
2 August 2009 at 17:43
Here is the report.
ZHPFix v1.12.01 by Nicolas Coolman - Rapport de suppression du 02/08/2009 17:17:55
Fichier d'export Registre : \:\ZHPExportRegistry-02-08-2009-17-17-56.txt
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Processus mémoire : 0
Module mémoire : 0
Clé du Registre : 2
Valeur du Registre : 2
Elément de données du Registre : 0
Dossier : 0
Fichier : 4
Logiciel : 1
Autre : 0
Processus mémoire :
(Néant)
Module mémoire :
(Néant)
Clé du Registre :
O2 - BHO: Google Plus - {C8CD2017-F1E5-4F1A-B58A-EE0B1AF0D0D8} - C:\PROGRA~1\GOOGLE~1\16GOOG~1.DLL => Registry key not found
O2 - BHO: agadoo browser enhancer - {0E3CE546-2D06-C1C1-7684-9867AD8658D2} - C:\WINDOWS\system32\mkcbunliudbl.dll => Registry key not found
Valeur du Registre :
O4 - HKLM\..\Run: [rdshltzpakgpdsifk] C:\WINDOWS\System32\regsvr32.exe /s C:\WINDOWS\system32\mkcbunliudbl.dll => Registry key value not found
O47 - AAKE:Key Export SP - "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application" => Registry key value not found
Elément de données du Registre :
(Néant)
Dossier :
(Néant)
Fichier :
C:\ => File not found
C:\WINDOWS\System32\regsvr32.exe /s C:\WINDOWS\system32\mkcbunliudbl.dll => File not found
C:\WINDOWS\system32\mkcbunliudbl.dll => File not found
Logiciel :
O42 - Logiciel: RON Too1 Agadoo => Software not found
Autre :
(Néant)
End of the scan
Sorry. My computer bugged out. And I preferred to let it "rest".
The ads are still there. And Bitdefender still isn't working.
Thanks for the help.
Lyonnais92
2 August 2009 at 18:48
Hello,
strange.
Run ZHPDiag again and repeat the end of the procedure from post 9.
Some-I
3 August 2009 at 17:42
Here it is.
Rapport de ZHPDiag v1.24.02 par Nicolas Coolman
Enregistré le 03/08/2009 17:39:32
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
---\\ Processus lancés
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Documents and Settings\sev\Application Data\Messenger\Drivers\MsgUpdate83.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Lexmark 2200 Series] C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] C:\Program Files\Softwin\BitDefender10\bdagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} () - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll
O20 - AppInit_DLLs: sockspy.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: LexBce Server (LexBceS) - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service
O23 - Service: W2K PCtel speaker phone (Pctspk) - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service
O23 - Service: BitDefender Communicator (XCOMM) - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Shockwave Player 11
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BitDefender Internet Security v10
O42 - Logiciel: Bonjour
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Change Extension
O42 - Logiciel: Choice Guard
O42 - Logiciel: EasyCleaner
O42 - Logiciel: FindyKill
O42 - Logiciel: Guitar Pro 4.0
O42 - Logiciel: HSP56 MicroModem Drivers
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: Lexmark 2200 Series
O42 - Logiciel: MSVCRT
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MobileMe Control Panel
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007
O42 - Logiciel: Nero - Burning Rom
O42 - Logiciel: Ogg Vorbis CLI
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PCI Audio Driver
O42 - Logiciel: Panda ActiveScan 2.0
O42 - Logiciel: PhotoFiltre
O42 - Logiciel: Popims Animator
O42 - Logiciel: PowerDVD
O42 - Logiciel: Prism Video Converter
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: Segoe UI
O42 - Logiciel: VLC media player 0.9.8a
O42 - Logiciel: WinISO 5.3
O42 - Logiciel: WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: dBpowerAMP
O42 - Logiciel: dBpowerAMP Musepack Codec
O42 - Logiciel: dBpowerAMP Music Converter
O42 - Logiciel: dBpowerAMP Ogg Vorbis Codec
O42 - Logiciel: dBpowerAMP WMA V7 Codec
O42 - Logiciel: dBpowerAMP WMA V8 Codec
O42 - Logiciel: dBpowerAMP WMA V9 Codec
O42 - Logiciel: dMC Power Pack
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AxBx
O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Change Extension
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Easy iPod MP4 PSP 3GP
O43 - CFD:Common File Directory ----D- C:\Program Files\EasySearch
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Free
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GooglePlusVideos
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Lexmark 2200 Series
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre Studio X
O43 - CFD:Common File Directory ----D- C:\Program Files\Popims
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickMediaConverter
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Red Kawa
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart-Ads-Solutions
O43 - CFD:Common File Directory ----D- C:\Program Files\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinISO
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/08/2009 - 12:19:54 ---A- C:\WINDOWS\ZHPADSReport.txt
O44 - LFC:Last File Created 01/08/2009 - 19:03:18 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 01/08/2009 - 19:48:19 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 03/08/2009 - 16:15:33 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 03/08/2009 - 16:16:05 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 03/08/2009 - 16:16:06 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 03/08/2009 - 16:16:07 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 03/08/2009 - 16:17:41 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 03/08/2009 - 16:17:45 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 03/08/2009 - 16:21:35 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 05/07/2009 - 10:55:46 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 07/07/2009 - 16:10:56 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 15/07/2009 - 20:37:03 ---A- C:\WINDOWS\lexstat.ini
O44 - LFC:Last File Created 19/07/2009 - 14:29:19 ---A- C:\WINDOWS\System32\ieframe.dll
O44 - LFC:Last File Created 19/07/2009 - 14:29:21 ---A- C:\WINDOWS\System32\mshtml.dll
O44 - LFC:Last File Created 23/07/2009 - 11:31:45 ---A- C:\WINDOWS\CDPlayer.ini
O44 - LFC:Last File Created 28/07/2009 - 18:15:46 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:54:21 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:11 ---A- C:\WINDOWS\msmqinst.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:19 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\MedCtrOC.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\netfxocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\KB972260-IE7.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tabletoc.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 29/07/2009 - 14:46:30 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 29/07/2009 - 19:26:52 ---A- C:\WINDOWS\System32\d3d9caps.dat
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="serwvdrv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.xvid"="xvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP42"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP43"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MPG4"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.ffds"="ff_vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"serwvdrv.dll"="Pilote de porteuse modem"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="CMI8738/C3DX PCI Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvid.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 5.0 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"i420vfw.dll"="i420vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow Video Codec"
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
End of the scan: 402 lines
Thank you very much for the help. [The ads are still there.]
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart-Ads-Solutions
O43 - CFD:Common File Directory ----D- C:\Program Files\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinISO
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/08/2009 - 12:19:54 ---A- C:\WINDOWS\ZHPADSReport.txt
O44 - LFC:Last File Created 01/08/2009 - 19:03:18 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 01/08/2009 - 19:48:19 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 03/08/2009 - 16:15:33 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 03/08/2009 - 16:16:05 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 03/08/2009 - 16:16:06 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 03/08/2009 - 16:16:07 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 03/08/2009 - 16:17:41 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 03/08/2009 - 16:17:45 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 03/08/2009 - 16:21:35 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 05/07/2009 - 10:55:46 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 07/07/2009 - 16:10:56 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 15/07/2009 - 20:37:03 ---A- C:\WINDOWS\lexstat.ini
O44 - LFC:Last File Created 19/07/2009 - 14:29:19 ---A- C:\WINDOWS\System32\ieframe.dll
O44 - LFC:Last File Created 19/07/2009 - 14:29:21 ---A- C:\WINDOWS\System32\mshtml.dll
O44 - LFC:Last File Created 23/07/2009 - 11:31:45 ---A- C:\WINDOWS\CDPlayer.ini
O44 - LFC:Last File Created 28/07/2009 - 18:15:46 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:54:21 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:10 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:11 ---A- C:\WINDOWS\msmqinst.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:19 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\MedCtrOC.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\netfxocm.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:20 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\KB972260-IE7.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tabletoc.log
O44 - LFC:Last File Created 29/07/2009 - 11:55:23 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 29/07/2009 - 14:46:30 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 29/07/2009 - 19:26:52 ---A- C:\WINDOWS\System32\d3d9caps.dat
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="serwvdrv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.xvid"="xvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP42"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MP43"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.MPG4"="MPG4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.ffds"="ff_vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"serwvdrv.dll"="Pilote de porteuse modem"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="CMI8738/C3DX PCI Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvid.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 5.0 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"i420vfw.dll"="i420vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow Video Codec"
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
End of the scan: 402 lines
Thank you very much for the help. [The ads are still present.]