MDG for Le Criss
moment de grace
Hello,
following a probable bug, we are continuing here
I need the UsbFix report
The UsbFix.txt report is saved at the root of the disk ( C:\UsbFix.txt ).
then run RSIT again and post the log report
Thank you very much for helping me!
############################## | UsbFix V6.073 |
User : Jesus (Administrateurs) # JESUS-PC
Update on 09/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:55:38 | 2010-01-10
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 451,07 Go (400,62 Go free) [OS] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\Program Files\Dell\DellDock\DockLogin.exe 808
C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe 1420
c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe 1448
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe 1512
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe 1616
C:\Windows\SysWOW64\rundll32.exe 1624
C:\Program Files (x86)\McAfee\MSK\MskSrver.exe 1728
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1796
C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe 2212
C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe 2240
C:\Windows\SysWOW64\runonce.exe 2972
C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe 1944
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe 4212
c:\PROGRA~2\mcafee.com\agent\mcagent.exe 4532
################## | Elements infectieux |
Supprimé ! C:\Windows\Temp\vlc_setup.zip
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3510242374-737585471-1789840245-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3510242374-737585471-1789840245-1002
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3510242374-737585471-1789840245-500
################## | Registre |
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{1fe1f7a7-fa4a-11de-8313-002564d897d4}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[2009-12-23 00:34|-rah-----|24000] C:\dell.sdr
[?|?|?] C:\hiberfil.sys
[2010-01-10 14:47|--a------|2510] C:\Kill'em.txt
[2010-01-09 04:33|--a------|13118] C:\List'em.txt
[?|?|?] C:\pagefile.sys
[2010-01-10 14:56|--a------|2338] C:\UsbFix.txt
[2010-01-05 22:53|--a------|112] C:\voila.txt
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
################## | Crack > Keygen > Serial |
################## | Upload |
Veuillez envoyer le fichier : C:\Users\Jesus\Desktop\UsbFix_Upload_Me_Jesus-PC.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.073 ! |
No, it hadn't worked at all :p, I had just installed HijackThis myself.
Here is what it does when I run it
http://img97.imageshack.us/img97/5633/39233467.png
ok
do this for a full diagnostic of the PC:
Download ZHPDiag (by Nicolas Coolman).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Double-click the installation file, then install it with the default settings (don't forget to tick "Create a desktop icon").
Launch ZHPDiag by double-clicking the icon on your desktop (right-click -> Run as administrator on Vista).
Click the magnifying glass at the top left, then let the tool scan.
Once the scan is finished, click the floppy-disk icon and save the file to your desktop.
as the report is long and the forum is (for now) the only way to view it, post it here in several parts
Rapport de ZHPDiag v1.24.43 par Nicolas Coolman
Run by Jesus at 10/01/2010 18:08:16
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows 7 Home Premium
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox (3.5.7)
Boot mode: Normal (Normal boot)
Total RAM: 4087 MB (39% free)
System drive C: has 403 GB (89%) free of 451 GB
---\\ Processus lancés
[MD5.F04D174B06579027134724D1C2D49108] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[MD5.C098BF3845C738DD4F6F76B55B442D29] - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
[MD5.452FA961163EF4AEE4815796A13AB2CF] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
[MD5.1F5A26DF97C33CD24A8ED4D4A1FF1348] - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
[MD5.796AD8EBEA1CBC334D07FCBE152E6167] - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - C:\Program Files (x86)\Java\jre6\bin\jusched.exe
[MD5.8CA340A0929B4595BF7A75E45CF90F84] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
[MD5.2F45DA195C876AA9D0A3725D52F362F9] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
[MD5.FDBC3235AE265FE258E5931AE607BCD3] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
[MD5.18B4B12358EFCF68D76812058A26181F] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
[MD5.A740B005ADD7DEBEAF922C4AE86F7C2D] - c:\program files (x86)\steam\steam.exe
[MD5.435F79D364B796A4EA0B5CAF24CA78BD] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
[MD5.EA6EADF6314E43783BA8EEE79F93F73C] - C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
[MD5.3AC22A3DFA8A050E35F0E3CD99D0CDF2] - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
[MD5.375640F39F2D613B6FDCF8C2F956205A] - C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
[MD5.54A47F6B5E09A77E61649109C6A08866] - C:\Windows\System32\svchost.exe
[MD5.0840ABBBDF438691EE65A20040635CBE] - C:\Program Files\Dell\DellDock\DockLogin.exe
[MD5.0BB913F9F02677BD4AE96D4967CACFEE] - C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
[MD5.5D0A71316D6BFEA3C88C30AD81FDB606] - C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
[MD5.583431A6989FD8B901D1883C0299C471] - c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
[MD5.F8040A47A0E447F96144A8D3E1170119] - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
[MD5.0FC36E77D779F8D021D338BDC7368181] - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
[MD5.2988E515570E4F8B9D9B256137F8E8F4] - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
[MD5.C85968D24449E37653B891B03188140C] - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
[MD5.C833BCEE15F6F489D57748514C4DE8B8] - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
[MD5.DB4D0DFE069E995B3F45CE4623ABFDD9] - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
[MD5.CF3C267356F458BE85C5034BFC382022] - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
[MD5.D358E077A0A05D9B12DA22D137EE8464] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[MD5.622D95520182F6D3D05310D5810CA8B3] - C:\Windows\system32\SearchIndexer.exe
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\policies\Explorer: [NoActiveDesktop] Data=1
O4 - HKLM\..\policies\Explorer: [ForceActiveDesktopOn] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=128
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=128
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=0
O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=128
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=128
O4 - HKCU\..\policies\Explorer: [HonorAutoRunSetting] Data=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - Global Startup: Dell Remote Access.lnk - c:\Windows\Installer\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll,201
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
---\\ Onglet supplémentaire dans les options avancées d'Internet Explorer (O11)
O11 - Options group: [accessibility] Accessibility - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [browse] Browsing - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [crypto] Security - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [http] HTTP 1.1 settings - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [international] International - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [multimedia] Multimedia - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [print] Printing - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [searching] Search from the Address bar - C:\Windows\SysWOW64\inetcpl.cpl
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (not file)
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea RT Filters Service (AERTFilters) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: (AMD External Events Utility) - C:\Windows\system32\atiesrxx.exe
O23 - Service: Remote Access Media Server (Apache2.2) - C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe" -k runservice
O23 - Service: Dock Login Service (DockLoginService) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Remote Access DB (dsl-db) - C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe" "--defaults-file=C:\Program Files (x86)\Common Files\Dell\MySQL\my.ini" dsl-db
O23 - Service: Remote Access File Sync Service (dsl-fs-sync) - C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
O23 - Service: Advanced Networking Service (hnmsvc) - c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Proxy Service (McProxy) - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: SessionLauncher (SessionLauncher) - c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - C:\Windows\system32\sppsvc.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McDefragTask.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McQcTask.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: McAfee Inc. mfehidk (mfehidk) - C:\WINDOWS\system32\drivers\mfehidk.sys
O41 - Driver: MPFP (MPFP) - C:\WINDOWS\System32\Drivers\Mpfp.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBT (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: RxFilter (RxFilter) - C:\WINDOWS\system32\DRIVERS\RxFilter.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50003 (Tcpip) - C:\WINDOWS\System32\drivers\tcpip.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: Virtual PC Network Filter Driver (vpcnfltr) - C:\WINDOWS\system32\DRIVERS\vpcnfltr.sys
O41 - Driver: @%SystemRoot%\system32\drivers\vpcvmm.sys,-100 (vpcvmm) - C:\WINDOWS\system32\drivers\vpcvmm.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.1.2 - Français
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BattleForge™
O42 - Logiciel: Catalyst Control Center - Branding
O42 - Logiciel: Dell Getting Started Guide
O42 - Logiciel: Dell Remote Access
O42 - Logiciel: DirectXInstallService
O42 - Logiciel: EMC 10 Content
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Half-Life 2
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: List_Kill'em 1.1.7.1
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 4.0 SP2 (KB973688)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: MapleStory
O42 - Logiciel: McAfee SecurityCenter
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French)
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007
O42 - Logiciel: Mozilla Firefox (3.5.7)
O42 - Logiciel: Multimedia Card Reader
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Pando Media Booster
O42 - Logiciel: Portal
O42 - Logiciel: PowerDVD DX
O42 - Logiciel: Project64 1.6
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Roxio Activation Module
O42 - Logiciel: Roxio BackOnTrack
O42 - Logiciel: Roxio Central Audio
O42 - Logiciel: Roxio Central Copy
O42 - Logiciel: Roxio Central Core
O42 - Logiciel: Roxio Central Data
O42 - Logiciel: Roxio Central Tools
O42 - Logiciel: Roxio Easy CD and DVD Burning
O42 - Logiciel: Roxio Express Labeler 3
O42 - Logiciel: Roxio Update Manager
O42 - Logiciel: Sonic CinePlayer Decoder Pack
O42 - Logiciel: Steam
O42 - Logiciel: System Requirements Lab
O42 - Logiciel: Team Fortress 2 Dedicated Server
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Movie Maker
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Zombie Panic! Source
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dell
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dell Remote Access
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Electronic Arts
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Java
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\McAfee.com
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Multimedia Card Reader(9106)
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Pando Networks
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Project64 1.6
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Roxio
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Steam
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\trend micro
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Virtual PC
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Dell
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Steam
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SureThing Shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Windows Live
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 10/01/2010 - 16:22:30 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.C92C272056C56D7516CF43B1E508AD95] - 10/01/2010 - 15:06:07 ---A- C:\UsbFix.txt
O44 - LFC:[MD5.E0BA701038AEBAF5DA6BB473FC6FFD36] - 10/01/2010 - 14:55:11 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.81FDF5FF722F0B6EFDD61655ABA6DD62] - 10/01/2010 - 14:55:10 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.F331DC45554A48B6CD97CA77FA7C5E3F] - 10/01/2010 - 14:55:02 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.FBB6C107D950D246C2DE7AD3836D55C5] - 10/01/2010 - 14:47:12 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.C7F67F0DEABC2C05526FF97B2DDD92C0] - 09/01/2010 - 04:33:46 ---A- C:\List'em.txt
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.6753A9078412FDF6F92F9C9911292112] - 06/01/2010 - 14:31:09 ---A- C:\Windows\System32\jupdate-1.6.0_17-b04.log
O44 - LFC:[MD5.2700052EBBE79D97F0432BF42831146A] - 05/01/2010 - 22:53:23 ---A- C:\voila.txt
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/01/2010 - 17:56:48 ---A- C:\Windows\System32\config.nt
O44 - LFC:[MD5.9B7DE9CC97E445360A9FA27F1DD5D58D] - 05/01/2010 - 17:51:11 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.EF69F0590E91C1D1BC0FA86FB3A06980] - 05/01/2010 - 17:29:52 ---A- C:\Windows\msxml4-KB973688-enu.LOG
O44 - LFC:[MD5.DA8242ED87E59B698E4C802D76BA49EB] - 05/01/2010 - 17:29:39 ---A- C:\Windows\msxml4-KB954430-enu.LOG
O44 - LFC:[MD5.41AA41BC2F30F7D1468FD2589E46C4D2] - 04/01/2010 - 15:19:49 ---A- C:\Windows\System32\license.rtf
O44 - LFC:[MD5.96D01BC23E9010969C9A9FF4F04F49A3] - 23/12/2009 - 00:34:16 ---A- C:\Windows\csup.txt
O44 - LFC:[MD5.C96E64B45A0ED0D098739468135D9431] - 23/12/2009 - 00:34:16 R-HA- C:\dell.sdr
O44 - LFC:[MD5.C96E64B45A0ED0D098739468135D9431] - 23/12/2009 - 00:31:23 ---A- C:\Windows\System32\drivers\1028_Dell_STU_8000.mrk
O44 - LFC:[MD5.995F14FDFFD289DABD71475D592BC3F5] - 22/12/2009 - 23:03:35 ---A- C:\Windows\DtcInstall.log
O44 - LFC:[MD5.5823CD6046B150E249FFDE2E34D96444] - 22/12/2009 - 22:53:10 ---A- C:\Windows\xpsp1hfm.log
O44 - LFC:[MD5.E3A5C535544B17907B55CE7DEB78FC71] - 22/12/2009 - 15:38:16 ---A- C:\Windows\TSSysprep.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/12/2009 - 15:37:43 ---A- C:\Windows\ativpsrm.bin
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
O44 - LFC:[MD5.96D01BC23E9010969C9A9FF4F04F49A3] - 23/12/2009 - 00:34:16 ---A- C:\Windows\csup.txt
O44 - LFC:[MD5.C96E64B45A0ED0D098739468135D9431] - 23/12/2009 - 00:34:16 R-HA- C:\dell.sdr
O44 - LFC:[MD5.C96E64B45A0ED0D098739468135D9431] - 23/12/2009 - 00:31:23 ---A- C:\Windows\System32\drivers\1028_Dell_STU_8000.mrk
O44 - LFC:[MD5.995F14FDFFD289DABD71475D592BC3F5] - 22/12/2009 - 23:03:35 ---A- C:\Windows\DtcInstall.log
O44 - LFC:[MD5.5823CD6046B150E249FFDE2E34D96444] - 22/12/2009 - 22:53:10 ---A- C:\Windows\xpsp1hfm.log
O44 - LFC:[MD5.E3A5C535544B17907B55CE7DEB78FC71] - 22/12/2009 - 15:38:16 ---A- C:\Windows\TSSysprep.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/12/2009 - 15:37:43 ---A- C:\Windows\ativpsrm.bin
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.i420"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=128
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=128
O56 - MWPE:[HKCU\...\Policies\Explorer] - "HonorAutoRunSetting"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=128
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=128
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=0
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.115DA220149517A247A9C7AFF7E73B9C] - 10/06/2009 - 17:21:26 ---A- C:\Windows\system32\drivers\packet.sys
O58 - SDL:[MD5.AA097220EFC843A0581DFC06D082D4AF] - 26/06/2009 - 11:27:28 ---A- C:\Windows\system32\drivers\RxFilter.sys
O58 - SDL:[MD5.5CF95B35E59E2A38023836FFF31BE64C] - 13/07/2009 - 20:19:10 ---A- C:\Windows\system32\drivers\wimmount.sys
---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: ZHPDiag 1.24
O63 - Logiciel: RSIT
O63 - Logiciel: UsbFix
End of the scan: 482 lines
Received.
I'll have to check this from home tomorrow, but from memory I think the essentials were already done (I no longer have the previous thread).
How is the PC doing?
The PC is fine, it's just that I didn't want there to be a trojan letting people connect to my PC, or a keylogger +_+ ...
Hmm... I was playing a game, and when I went back to the desktop... there was another web page open and it was this: http://maplestory.fileave.com/vengeance.html +_+
(smile)
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktop"=1
For that one, I admit we're going to have to find your code.
On the other hand, L_K ^^ ... that one I know.
Jesus Le Criss
Uninstall and delete Kill'em, which has been updated.
Download it again here: http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe
then
▶ Relaunch List&Kill'em using the shortcut on your desktop,
but this time:
▶ choose option 2 = Mode Suppression (deletion mode)
Let the tool work.
At the end of the scan a report opens.
▶ Paste its contents into your reply.
Here's the report, but just one question: it sounds like you know it :p, is it a dangerous virus?
Kill'em by g3n-h@ckm@n 1.1.8.0
User : Jesus (Administrateurs) # JESUS-PC
Update on 09/12/2009 by g3n-h@ckm@n ::::: 12:20
Start at: 19:27:00 | 2010-01-10
Contact : g3n-h@ckm@n sur CCM
Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 451,07 Go (403,07 Go free) [OS] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Steam\Steam.exe
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
c:\PROGRA~2\mcafee\VIRUSS~1\mcvsshld.exe
C:\Nexon\MapleStory\MapleStory.exe
C:\Program Files (x86)\List_Kill'em\List_Kill'em.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Jesus\AppData\Local\Temp\CA93.tmp\pv.exe
Detections :
==========
¤¤¤¤¤¤¤¤¤¤ Files/folders :
"C:\Windows\Sysnative\taskhost.exe"
C:\Windows\Tasks\McDefragTask.job
C:\Windows\Tasks\McQcTask.job
¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :
Quarantine :
McDefragTask.job.Kill'em
McQcTask.job.Kill'em
==============
host file OK !
==============
========
Registry
========
============
Disk Cleaned
============
================
Prefetch cleaned
================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
No, I forgot :p but I am an administrator... anyway, just in case, I'm reposting a report run with the right-click.
Kill'em by g3n-h@ckm@n 1.1.8.0
User : Jesus (Administrateurs) # JESUS-PC
Update on 09/12/2009 by g3n-h@ckm@n ::::: 12:20
Start at: 20:27:46 | 2010-01-10
Contact : g3n-h@ckm@n sur CCM
Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 451,07 Go (403,11 Go free) [OS] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Steam\Steam.exe
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
c:\PROGRA~2\mcafee\VIRUSS~1\mcvsshld.exe
C:\Nexon\MapleStory\MapleStory.exe
C:\Program Files (x86)\List_Kill'em\List_Kill'em.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Jesus\AppData\Local\Temp\AAF4.tmp\pv.exe
Detections :
==========
¤¤¤¤¤¤¤¤¤¤ Files/folders :
"C:\Windows\Sysnative\taskhost.exe"
¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :
Quarantine :
==============
host file OK !
==============
========
Registry
========
============
Disk Cleaned
============
================
Prefetch cleaned
================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
▶ Relaunch ZHPDiag (right-click "Executer en tant qu'administrateur" (Run as administrator) under Vista)
▶ Run a scan, then this time click the green shield-shaped icon "ZHPFix".
▶ ZHPFix will start; now click the blue "H" (paste the helper lines)
▶ Copy/paste what is in bold below:
O4 - HKLM\..\policies\Explorer: [NoActiveDesktop] Data=1
▶ Click "Ok", then "Tous" (All) and finally "Nettoyer" (Clean).
▶ Copy/paste the report shown on screen into your next message
then:
run a full scan with Malwarebytes after updating it
Fichier d'export Registre : C:\ZHPExportRegistry-10-01-2010-21-00-48.txt
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Processus mémoire :
(Néant)
Module mémoire :
(Néant)
Clé du Registre :
(Néant)
Valeur du Registre :
O4 - HKLM\..\policies\Explorer: [NoActiveDesktop] Data=1 => Valeur supprimée avec succès
Elément de données du Registre :
(Néant)
Dossier :
(Néant)
Fichier :
(Néant)
Logiciel :
(Néant)
Script Registre :
(Néant)
Autre :
(Néant)
Récapitulatif :
Processus mémoire : 0
Module mémoire : 0
Clé du Registre : 0
Valeur du Registre : 1
Elément de données du Registre : 0
Dossier : 0
Fichier : 0
Logiciel : 0
Autre : 0
End of the scan