Programmes qui ne s'ouvrent pas
Résolu/Fermé
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
-
10 janv. 2010 à 23:50
gen-hackman - 13 janv. 2010 à 00:19
gen-hackman - 13 janv. 2010 à 00:19
A voir également:
- Programmes qui ne s'ouvrent pas
- Cette action ne peut pas être réalisée car le fichier est ouvert dans un autre programme - Guide
- Programmes au démarrage windows 10 - Guide
- Comment fermer un programme qui ne répond pas - Guide
- Le programme à télécharger ci-dessous contient des erreurs et n'est pas complet. corrigez-le et exécutez-le. quel mot de dix lettres est obtenu ? ✓ - Forum Python
- Certains sites ne s'ouvrent pas avec chrome ✓ - Forum Réseaux sociaux
22 réponses
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
12 janv. 2010 à 18:30
12 janv. 2010 à 18:30
bonjour
pourtant ceci ne va pas
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Default user')
il serait bien d'avoir le rapport MBAM
en attendant fais ceci
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)
▶ Télécharge et installe List&Kill'em et enregistre le sur ton bureau
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe
double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation
coche la case "creer une icone sur le bureau"
une fois terminée , clic sur "terminer" et le programme se lancer seul
choisis la langue puis choisis l'option 1 = Mode Recherche
▶ laisse travailler l'outil
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.
un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.
▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
tu peux supprimer le rapport catchme.log de ton bureau maintenant.
pourtant ceci ne va pas
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Default user')
il serait bien d'avoir le rapport MBAM
en attendant fais ceci
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)
▶ Télécharge et installe List&Kill'em et enregistre le sur ton bureau
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe
double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation
coche la case "creer une icone sur le bureau"
une fois terminée , clic sur "terminer" et le programme se lancer seul
choisis la langue puis choisis l'option 1 = Mode Recherche
▶ laisse travailler l'outil
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.
un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.
▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
tu peux supprimer le rapport catchme.log de ton bureau maintenant.
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
12 janv. 2010 à 21:37
12 janv. 2010 à 21:37
▶ Relance List&Kill'em avec le raccourci sur ton bureau ,
mais cette fois-ci :
▶ choisis l'option 2 = Mode Suppression
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta reponse
........
ensuite
• Télécharge Random's System Information Tool (RSIT) de Random/Random.
http://images.malwareremoval.com/random/RSIT.exe
• Enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)
et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt
mais cette fois-ci :
▶ choisis l'option 2 = Mode Suppression
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta reponse
........
ensuite
• Télécharge Random's System Information Tool (RSIT) de Random/Random.
http://images.malwareremoval.com/random/RSIT.exe
• Enregistre le sur ton Bureau.
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande)
et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
Les rapports se trouvent à cet endroit:
C:\rsit\info.txt
C:\rsit\log.txt
nikko77
Messages postés
1049
Date d'inscription
vendredi 25 avril 2008
Statut
Membre
Dernière intervention
14 août 2017
127
11 janv. 2010 à 01:52
11 janv. 2010 à 01:52
ca sent mauvais ton histoire la ....
As tu fais un scan COMPLET de ton pc avec Kaspersky?
As tu fais un scan COMPLET de ton pc avec Kaspersky?
bonjour
clic droit en bas a droite sur la barre d'icones
puis gestionnaire de taches puis processus trouve explorer.exe clic droit dessus puis supprimer puis en bas a droite dans le gestionnaire cliquer nouvelle tache et taper explorer.exe puis fichier quitter le gestionnaire de taches
et redemarrer
clic droit en bas a droite sur la barre d'icones
puis gestionnaire de taches puis processus trouve explorer.exe clic droit dessus puis supprimer puis en bas a droite dans le gestionnaire cliquer nouvelle tache et taper explorer.exe puis fichier quitter le gestionnaire de taches
et redemarrer
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
11 janv. 2010 à 17:48
11 janv. 2010 à 17:48
Alors oui Nikko77 j'ai fait un scan complet et il n'a rien trouvé, et j'ai testé rainure et ça n'a marché que 30sec, c'est à dire que j'ai cliqué sur un des logiciels concernés et il s'est lancé, mais dès que je l'ai fermé pour en ouvrir d'autres non seulement je n'ai pas pu le refaire, mais en plus je ne pouvait même plus réouvrir le premier. :s
nikko77
Messages postés
1049
Date d'inscription
vendredi 25 avril 2008
Statut
Membre
Dernière intervention
14 août 2017
127
11 janv. 2010 à 21:22
11 janv. 2010 à 21:22
télécharge malwarebyte, fais les maj et lance le scan.
Sinon tente une restauration du système avant que le problème ne surgisse
Sinon tente une restauration du système avant que le problème ne surgisse
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
11 janv. 2010 à 23:09
11 janv. 2010 à 23:09
J'ai fait comme tu m'as conseillé, Malwarebyte m'a trouvé 11 problèmes qu'il a réparé, et pourtant toujours rien.
elmoctarr9
Messages postés
170
Date d'inscription
dimanche 30 mars 2008
Statut
Membre
Dernière intervention
26 mai 2013
21
11 janv. 2010 à 23:36
11 janv. 2010 à 23:36
Tu dois etre infecté par un mechant virus on dirait essaye hijackthis. tu fais un scan apres tu auras un rapport que tu va apres poster sur le site de hijackthis.
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 17:05
12 janv. 2010 à 17:05
Voila mon rapport HiJackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:08, on 12/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Marmot Project\TheTurtle v5.0.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Xfire\Xfire.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\Marmot Project\TheTurtle v5.0.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:08, on 12/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Marmot Project\TheTurtle v5.0.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Xfire\Xfire.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\Marmot Project\TheTurtle v5.0.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 21:29
12 janv. 2010 à 21:29
Bonsoir, merci de m'aider d'abord, et voila le rapport.
List'em by g3n-h@ckm@n 1.1.8.1
Thx to El Desaparecido.....& CCM team
User : Yassine (Administrateurs) # YASSINE-PC
Update on 11/12/2009 by g3n-h@ckm@n ::::: 19:25
Start at: 20:52:36 | 12/01/2010
Contact : g3n-h@ckm@n sur CCM
Intel(R) Pentium(R) D CPU 3.40GHz
Microsoft Windows 7 Édition Familiale Basique (6.1.7600 32-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 148,91 Go (7,88 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Marmot Project\TheTurtle v5.0.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Yassine\AppData\Local\Temp\F634.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Google Update REG_SZ "C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
The Turtle REG_SZ C:\Program Files\Marmot Project\TheTurtle v5.0.exe
FileHippo.com REG_SZ "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
IgfxTray REG_SZ C:\Windows\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\Windows\system32\hkcmd.exe
Persistence REG_SZ C:\Windows\system32\igfxpers.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
TkBellExe REG_SZ "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
AVP REG_SZ "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
ConsentPromptBehaviorAdmin REG_DWORD 0 (0x0)
ConsentPromptBehaviorUser REG_DWORD 3 (0x3)
EnableInstallerDetection REG_DWORD 1 (0x1)
EnableLUA REG_DWORD 0 (0x0)
EnableSecureUIAPaths REG_DWORD 1 (0x1)
EnableUIADesktopToggle REG_DWORD 0 (0x0)
EnableVirtualization REG_DWORD 1 (0x1)
PromptOnSecureDesktop REG_DWORD 0 (0x0)
ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0 (0x0)
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
FilterAdministratorToken REG_DWORD 0 (0x0)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\klogon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{7530BFB8-7293-4D34-9923-61A11451AFC5}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1DF6A8F6-5048-323F-8758-DA533CE0F07E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{547DCEAA-FBC9-1B84-BE69-D102B3146631}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x3
SharedAccess : 0x4
windefend : 0x2
wuauserv : 0x2
wscsvc : 0x2
=========
=======
Drive :
=======
D‚fragmenteur de disque Microsoft
Copyright (c) 2007 Microsoft Corp.
Invocation de analyse sur (C:)...
L'op‚ration a r‚ussi.
Post Defragmentation Report:
Informations sur le volumeÿ:
Taille du volume = 148,91 Go
Espace libre = 7,89 Go
Quantit‚ totale d'espace fragment‚ = 3%
Taille maximale d'espace libre = 740,43 Mo
Remarqueÿ: les fragments de fichier de plus de 64ÿMo ne sont pas inclus dans les statistiques de fragmentation.
Il n'est pas n‚cessaire de d‚fragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
C:\Program Files\Burn4Free
C:\Windows\System32\b4fm.dll
C:\Windows\System32\rezumatenoi.dat
C:\Windows\System32\SIntf16.dll
C:\Windows\System32\x64
C:\Users\Yassine\Application Data\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk
¤¤¤¤¤¤¤¤¤¤ Keys :
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\Arrakis3.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdagent.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdreinit.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdsubwiz.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdwizreg.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\livesrv.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\seccenter.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\uiscan.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\upgrepl.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\vsserv.exe"
================
Other infections
================
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-12 21:18:42
Windows 6.1.7600 NTFS
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
malicious code @ sector 0x12525d3e size 0x1e8 !
==========
Programs
==========
Adobe
Apple Software Update
AviSynth 2.5
Bonjour
Burn4Free
Cheat Engine
Common Files
Counter-Strike Source
Curse
DAEMON Tools Lite
desktop.ini
DivX
DVD Maker
eRightSoft
Fichiers communs
FileHippo.com
InstallShield Installation Information
Intel
Internet Explorer
IObit
iPod
iTunes
Java
JDownloader
JRE
Kaspersky Lab
List_Kill'em
ma-config.com
Malwarebytes' Anti-Malware
Marmot Project
Messenger Plus! Live
Microsoft
Microsoft Games
Microsoft Silverlight
Mozilla Firefox
MSBuild
OpenOffice.org 3
Opera
QuickTime
Real
RealVNC
Reference Assemblies
Skype
Sony
Trend Micro
Uninstall Information
VideoLAN
Virtual Dimension
Warcraft III
WBFS
Windows Defender
Windows Live
Windows Live SkyDrive
Windows Mail
Windows Media Player
Windows NT
Windows Photo Viewer
Windows Portable Devices
Windows Sidebar
WinRAR
WorldOfGoo
WowCartographe
Xfire
Xvid
============
Lecteur C:
============
$Recycle.Bin
a07150629c0179c498
autoexec.bat
bdlog.txt
Boot
Boot.BAK
Boot.ini.saved
Bootfont.bin
bootmgr
BOOTSECT.BAK
bootsqm.dat
Config.Msi
config.sys
Dell
divx
Doc
Documents and Settings
hiberfil.sys
Intel
IO.SYS
Kill'em
List'em.txt
Logs
MDL 2.0 Debug.txt
MSDOS.SYS
NTDETECT.COM
ntldr
pagefile.sys
PerfLogs
Program Files
ProgramData
Recovery
RECYCLER
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmdata03.sqm
sqmdata04.sqm
sqmdata05.sqm
sqmdata06.sqm
sqmdata07.sqm
sqmdata08.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm
sqmnoopt03.sqm
sqmnoopt04.sqm
sqmnoopt05.sqm
sqmnoopt06.sqm
sqmnoopt07.sqm
sqmnoopt08.sqm
System Volume Information
tempwave.tmp
Users
Windows
wmdm.log
¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials
C:\Program Files\Warcraft III\Patch.txt
C:\Users\Public\Games\World of Warcraft\Patch.html
C:\Users\Public\Games\World of Warcraft\Patch.txt
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
List'em by g3n-h@ckm@n 1.1.8.1
Thx to El Desaparecido.....& CCM team
User : Yassine (Administrateurs) # YASSINE-PC
Update on 11/12/2009 by g3n-h@ckm@n ::::: 19:25
Start at: 20:52:36 | 12/01/2010
Contact : g3n-h@ckm@n sur CCM
Intel(R) Pentium(R) D CPU 3.40GHz
Microsoft Windows 7 Édition Familiale Basique (6.1.7600 32-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 148,91 Go (7,88 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Marmot Project\TheTurtle v5.0.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Yassine\AppData\Local\Temp\F634.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Google Update REG_SZ "C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
The Turtle REG_SZ C:\Program Files\Marmot Project\TheTurtle v5.0.exe
FileHippo.com REG_SZ "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
IgfxTray REG_SZ C:\Windows\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\Windows\system32\hkcmd.exe
Persistence REG_SZ C:\Windows\system32\igfxpers.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
TkBellExe REG_SZ "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
AVP REG_SZ "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
ConsentPromptBehaviorAdmin REG_DWORD 0 (0x0)
ConsentPromptBehaviorUser REG_DWORD 3 (0x3)
EnableInstallerDetection REG_DWORD 1 (0x1)
EnableLUA REG_DWORD 0 (0x0)
EnableSecureUIAPaths REG_DWORD 1 (0x1)
EnableUIADesktopToggle REG_DWORD 0 (0x0)
EnableVirtualization REG_DWORD 1 (0x1)
PromptOnSecureDesktop REG_DWORD 0 (0x0)
ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0 (0x0)
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
FilterAdministratorToken REG_DWORD 0 (0x0)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\klogon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{7530BFB8-7293-4D34-9923-61A11451AFC5}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1DF6A8F6-5048-323F-8758-DA533CE0F07E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{547DCEAA-FBC9-1B84-BE69-D102B3146631}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x3
SharedAccess : 0x4
windefend : 0x2
wuauserv : 0x2
wscsvc : 0x2
=========
=======
Drive :
=======
D‚fragmenteur de disque Microsoft
Copyright (c) 2007 Microsoft Corp.
Invocation de analyse sur (C:)...
L'op‚ration a r‚ussi.
Post Defragmentation Report:
Informations sur le volumeÿ:
Taille du volume = 148,91 Go
Espace libre = 7,89 Go
Quantit‚ totale d'espace fragment‚ = 3%
Taille maximale d'espace libre = 740,43 Mo
Remarqueÿ: les fragments de fichier de plus de 64ÿMo ne sont pas inclus dans les statistiques de fragmentation.
Il n'est pas n‚cessaire de d‚fragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
C:\Program Files\Burn4Free
C:\Windows\System32\b4fm.dll
C:\Windows\System32\rezumatenoi.dat
C:\Windows\System32\SIntf16.dll
C:\Windows\System32\x64
C:\Users\Yassine\Application Data\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk
¤¤¤¤¤¤¤¤¤¤ Keys :
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\Arrakis3.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdagent.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdreinit.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdsubwiz.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdwizreg.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\livesrv.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\seccenter.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\uiscan.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\upgrepl.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\vsserv.exe"
================
Other infections
================
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-12 21:18:42
Windows 6.1.7600 NTFS
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
malicious code @ sector 0x12525d3e size 0x1e8 !
==========
Programs
==========
Adobe
Apple Software Update
AviSynth 2.5
Bonjour
Burn4Free
Cheat Engine
Common Files
Counter-Strike Source
Curse
DAEMON Tools Lite
desktop.ini
DivX
DVD Maker
eRightSoft
Fichiers communs
FileHippo.com
InstallShield Installation Information
Intel
Internet Explorer
IObit
iPod
iTunes
Java
JDownloader
JRE
Kaspersky Lab
List_Kill'em
ma-config.com
Malwarebytes' Anti-Malware
Marmot Project
Messenger Plus! Live
Microsoft
Microsoft Games
Microsoft Silverlight
Mozilla Firefox
MSBuild
OpenOffice.org 3
Opera
QuickTime
Real
RealVNC
Reference Assemblies
Skype
Sony
Trend Micro
Uninstall Information
VideoLAN
Virtual Dimension
Warcraft III
WBFS
Windows Defender
Windows Live
Windows Live SkyDrive
Windows Mail
Windows Media Player
Windows NT
Windows Photo Viewer
Windows Portable Devices
Windows Sidebar
WinRAR
WorldOfGoo
WowCartographe
Xfire
Xvid
============
Lecteur C:
============
$Recycle.Bin
a07150629c0179c498
autoexec.bat
bdlog.txt
Boot
Boot.BAK
Boot.ini.saved
Bootfont.bin
bootmgr
BOOTSECT.BAK
bootsqm.dat
Config.Msi
config.sys
Dell
divx
Doc
Documents and Settings
hiberfil.sys
Intel
IO.SYS
Kill'em
List'em.txt
Logs
MDL 2.0 Debug.txt
MSDOS.SYS
NTDETECT.COM
ntldr
pagefile.sys
PerfLogs
Program Files
ProgramData
Recovery
RECYCLER
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmdata03.sqm
sqmdata04.sqm
sqmdata05.sqm
sqmdata06.sqm
sqmdata07.sqm
sqmdata08.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm
sqmnoopt03.sqm
sqmnoopt04.sqm
sqmnoopt05.sqm
sqmnoopt06.sqm
sqmnoopt07.sqm
sqmnoopt08.sqm
System Volume Information
tempwave.tmp
Users
Windows
wmdm.log
¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials
C:\Program Files\Warcraft III\Patch.txt
C:\Users\Public\Games\World of Warcraft\Patch.html
C:\Users\Public\Games\World of Warcraft\Patch.txt
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 22:29
12 janv. 2010 à 22:29
J'ai executé L&K avec succès, par contre RSIT lorsque je le lance après avoir cliqué sur "Continuer", il m'affiche un message d'erreur
"AutoIt Error
Line-1:
Error: Variable used without being declared."
"AutoIt Error
Line-1:
Error: Variable used without being declared."
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
12 janv. 2010 à 22:35
12 janv. 2010 à 22:35
ok
Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )
Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
postes le rapport en trois fois car il est long et je ne peux le consulter que du forum
Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )
Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
postes le rapport en trois fois car il est long et je ne peux le consulter que du forum
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 22:41
12 janv. 2010 à 22:41
Rapport de ZHPDiag v1.24.43 par Nicolas Coolman
Run by Yassine at 12/01/2010 22:37:40
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows 7 Home Basic
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox (3.5.6)
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (43% free)
System drive C: has 8 GB (5%) free of 149 GB
---\\ Processus lancés
[MD5.68239842340DDFF8993DFD9127553EDA] - C:\Windows\system32\igfxtray.exe
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - C:\Windows\system32\hkcmd.exe
[MD5.CD1102E5D340216138C7F56FA8D26998] - C:\Windows\system32\igfxpers.exe
[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.29BE51557A3E686B297BE273EB17CA67] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[MD5.70843CC2A64D44D457472FB5E78209FF] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.A3EFD74C9996DF1FA7FFBCA301B1E43B] - C:\Program Files\Marmot Project\TheTurtle v5.0.exe
[MD5.6A77E3032131B41191C01282BDF3FAF8] - C:\Program Files\FileHippo.com\UpdateChecker.exe
[MD5.EA6EADF6314E43783BA8EEE79F93F73C] - C:\Program Files\Windows Sidebar\sidebar.exe
[MD5.BBA1A5B86134F496B926DDAF247DB871] - C:\Windows\System32\mctadmin.exe
[MD5.557F35D1CA42AEA14A6690E21887A31F] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[MD5.54A47F6B5E09A77E61649109C6A08866] - C:\Windows\System32\svchost.exe
[MD5.3F56903E124E820AEECE6D471583C6C1] - C:\Program Files\Bonjour\mDNSResponder.exe
[MD5.F42309C4191C506B71DB5D1126D26318] - C:\Windows\system32\lsass.exe
[MD5.49B6DD6AB3715B7A67965F17194E98A9] - C:\Windows\System32\spoolsv.exe
[MD5.F3EDC9909A02E6BCA863EB702D37B505] - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
[MD5.622D95520182F6D3D05310D5810CA8B3] - C:\Windows\system32\SearchIndexer.exe
---\\ Pages de recherche de Mozilla Firefox (M1)
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\linkfilter@kaspersky.ru
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\Marmot Project\TheTurtle v5.0.exe
O4 - HKCU\..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - Global Startup: Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\kbrd.ico
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\logo.ico
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} () - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui - C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\Windows\system32\klogon.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (not file)
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" -r
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2399494538-949732695-2384740237-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2399494538-949732695-2384740237-1000UA.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: .NET Framework - {1DF6A8F6-5048-323F-8758-DA533CE0F07E} - (not file)
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10c.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
Run by Yassine at 12/01/2010 22:37:40
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows 7 Home Basic
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox (3.5.6)
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (43% free)
System drive C: has 8 GB (5%) free of 149 GB
---\\ Processus lancés
[MD5.68239842340DDFF8993DFD9127553EDA] - C:\Windows\system32\igfxtray.exe
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - C:\Windows\system32\hkcmd.exe
[MD5.CD1102E5D340216138C7F56FA8D26998] - C:\Windows\system32\igfxpers.exe
[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.29BE51557A3E686B297BE273EB17CA67] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[MD5.70843CC2A64D44D457472FB5E78209FF] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.A3EFD74C9996DF1FA7FFBCA301B1E43B] - C:\Program Files\Marmot Project\TheTurtle v5.0.exe
[MD5.6A77E3032131B41191C01282BDF3FAF8] - C:\Program Files\FileHippo.com\UpdateChecker.exe
[MD5.EA6EADF6314E43783BA8EEE79F93F73C] - C:\Program Files\Windows Sidebar\sidebar.exe
[MD5.BBA1A5B86134F496B926DDAF247DB871] - C:\Windows\System32\mctadmin.exe
[MD5.557F35D1CA42AEA14A6690E21887A31F] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[MD5.54A47F6B5E09A77E61649109C6A08866] - C:\Windows\System32\svchost.exe
[MD5.3F56903E124E820AEECE6D471583C6C1] - C:\Program Files\Bonjour\mDNSResponder.exe
[MD5.F42309C4191C506B71DB5D1126D26318] - C:\Windows\system32\lsass.exe
[MD5.49B6DD6AB3715B7A67965F17194E98A9] - C:\Windows\System32\spoolsv.exe
[MD5.F3EDC9909A02E6BCA863EB702D37B505] - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
[MD5.622D95520182F6D3D05310D5810CA8B3] - C:\Windows\system32\SearchIndexer.exe
---\\ Pages de recherche de Mozilla Firefox (M1)
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\linkfilter@kaspersky.ru
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\Marmot Project\TheTurtle v5.0.exe
O4 - HKCU\..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - Global Startup: Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\kbrd.ico
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\logo.ico
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} () - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui - C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\Windows\system32\klogon.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (not file)
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" -r
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2399494538-949732695-2384740237-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2399494538-949732695-2384740237-1000UA.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: .NET Framework - {1DF6A8F6-5048-323F-8758-DA533CE0F07E} - (not file)
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10c.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 22:43
12 janv. 2010 à 22:43
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{0e5ae178-dc51-11de-b7ac-001372d1a711}\Shell\AutoRun\command - E:\autorun.exe
O51 - MPSK:{38b89d3b-e09c-11de-aaf8-001372d1a711}\Shell\AutoRun\command - F:\SETUP.EXE
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.i420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XFR1"="xfcodec.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 6.9.1 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xfcodec.dll"="Xfire video codec [XFR1]"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{0e5ae178-dc51-11de-b7ac-001372d1a711}\Shell\AutoRun\command - E:\autorun.exe
O51 - MPSK:{38b89d3b-e09c-11de-aaf8-001372d1a711}\Shell\AutoRun\command - F:\SETUP.EXE
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.i420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XFR1"="xfcodec.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 6.9.1 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xfcodec.dll"="Xfire video codec [XFR1]"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 22:46
12 janv. 2010 à 22:46
Envoyé par MP.
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 22:47
12 janv. 2010 à 22:47
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 22:48
12 janv. 2010 à 22:48
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 22:54
12 janv. 2010 à 22:54
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
Kleemer
Messages postés
13
Date d'inscription
mardi 6 octobre 2009
Statut
Membre
Dernière intervention
12 janvier 2010
12 janv. 2010 à 23:02
12 janv. 2010 à 23:02
Ah mais apparemment List&Kill'em a réussi a supprimé le problème, je peux réutiliser mes programmes touchés, encore merci =D
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
12 janv. 2010 à 23:04
12 janv. 2010 à 23:04
recu je regarde
desinstalles killem
et retelecharges le là http://sd-1.archive-host.com/membres/up/829108531491024/sup_Key.zip
il a été modifié par rapport à ton infection
fais directement l'option 2 et postes le rapport
desinstalles killem
et retelecharges le là http://sd-1.archive-host.com/membres/up/829108531491024/sup_Key.zip
il a été modifié par rapport à ton infection
fais directement l'option 2 et postes le rapport
