Sujet Précédent Sujet Suivant

Redirection gomeo/topprixnet

Résolu/Fermé
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011 - 16 mars 2011 à 15:49
 Utilisateur anonyme - 26 mars 2011 à 14:05
Bonjour, depuis quelque jours dans le moteur de recherche google je suis parfois
rediriger vers gomeo ou topprixnet.
mon antivirus (microsoft security essentials) ne trouvent rien,pas plus que malwares bytes (avec mises a jour).
si quelqu'un peut m'aider ca serait vraiment sympa.
merci par avance!!!!!!!!!!




82 réponses

Réponse 1 / 82
Utilisateur anonyme
16 mars 2011 à 15:51
Salut



* Télécharge ZHPDiag (de Nicolas coolman)


ICI >> ZHPDiag (de Nicolas coolman)

* Une fois le téléchargement achevé,
* double clique sur ZHPDiag.exe et suis les instructions.
* /!\Utilisateurs de Windows Vista et Windows 7
>> Clique droit sur le logo de ZHPDiag.exe, « exécuter en tant qu'Administrateur »
* Laisse toi guider lors de l'installation,
* coche >> créer une icône sur le bureau
* il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport




Membre Contributeur sécurité CCM
0
Réponse 2 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 16:01
merci pour ta reponse!!
pour infos je n'arrive pas a faire la mise a jour microsoft security ni rentrer dans windows update.
par contre j'espere que tu es patient car je ne suis pas expert
allez je me lance......
0
Réponse 3 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 16:12
quand je clique sur deposer le dossier une page s'ouvre et me dit que internet explorer ne peut pas afficher cette page?????????
0
Réponse 4 / 82
Utilisateur anonyme
16 mars 2011 à 17:49
Re



* * Sinon tu postes le rapport en plusieurs parties >> mais en Entier >( Copié/Collé )



Membre Contributeur sécurité CCM
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 17:56
c'est a dire,comment je procede??
0
Réponse 6 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 18:06
Rapport de ZHPDiag v1.27.1704 par Nicolas Coolman, Update du 15/03/2011
Run by fierro at 16/03/2011 16:08:22
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

---\\ System Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 50 GB (69%) free of 72 GB

---\\ Logged in mode
Computer Name: ACER-9DEB84EBB9
User Name: fierro
All Users Names: SUPPORT_388945a0, HelpAssistant, fierro, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Documents and Settings\fierro\Application Data
%LocalAppData%=C:\Documents and Settings\fierro\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\fierro\Menu Démarrer

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 72 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 73 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:04.) -- C:\Windows\Explorer.exe [1037824]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:54.) -- C:\Windows\System32\drivers\ntfs.sys [574976]



---\\ Processus lancés
[MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736]
[MD5.82D8578CB09F4ED668DDD76525D6C1B7] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [90112]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\RUNDLL32.EXE [33792]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]
[MD5.1E61596140EC9CCA62E3A7A6AB51159A] - (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe [286720]
[MD5.F3D1C0E1A84B1295BC6401D686964E95] - (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe [114688]
[MD5.65CB183CB14A048ECEA5330994307AE0] - (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe [425984]
[MD5.7622F75E151910EF7355122A8438C899] - (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe [393216]
[MD5.407811B64B588FE80FA2E27E783B41EA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.3588AFA5623BB8844F71F271A7A96669] - (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [634368]
[MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552]
[MD5.9AD31D8018B72E1013CFD012619E0232] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [182272]
[MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112]
[MD5.20BC7169B76BFD41CA21B3B82D501922] - (.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [438272]
[MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.B0C9FFF54F16DF2012F53A34736A0975] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632]
[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.ABC9091B6D438381DBACFD1A82E0C0EA] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe [282624]
[MD5.682DB04704A74F228A080B31003B6FC6] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe [974848]
[MD5.0B24AB7CC5B7ED2AA7F438A4072459F4] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) -- C:\WINDOWS\system32\nvsvc32.exe [131139]
[MD5.CAF2CCB6E9F5FDBE99EE8904EB9DC506] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe [495616]
[MD5.32CDEDD15E2D1A557CD54552AE78FF86] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008]
[MD5.8E884B0A19679340BFFF5C157075D6B5] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe [53248]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
[MD5.6DFF20574CE7A0FEAEBC40DB4423848A] - (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe [2385456]
[MD5.008020C8CF84F34FAD3B71EF61EA50F8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [639488]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} Clé orpheline
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} . (.Trend Media Group - FlashGet Browser Helper Object.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} . (.Orange - IE Toolbar Container.) -- C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [LaunchApp] Clé orpheline
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe
O4 - HKLM\..\Run: [ntiMUI] . (...) -- c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [SNPSTD2] . (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [AspireService] . (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] . (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [EPSON Stylus DX7400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2008.lnk . (.TuneUp Software GmbH.) -- C:\Program Files\TuneUp Utilities 2008\Integrator.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Download all by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: ????3?? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: ????3?????? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Acer Media Server) . (.Acer Inc. - Acer UPnP Media Server Service.) - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: (Orange update Core Service) . (...) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: (TuneUp.Defrag) . (.TuneUp Software GmbH - TuneUp Drive Defrag-Dienst.) - C:\WINDOWS\System32\TuneUpDefragService.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MpIdleTask.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\System32\DRIVERS\AmdK8.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl774fbc2c) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3FF76A8D-F76E-4ABE-90CA-AAF8E84672AF}\MpKsl774fbc2c.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: Acer eConsole - (.Pas de propriétaire.) [HKLM] -- {EC028E6B-F3F1-4192-B63E-A7C97302ED5A}
O42 - Logiciel: Acer eMode Management - (.Pas de propriétaire.) [HKLM] -- {65CDEC30-4BF4-48FB-8059-9FC480E4E94F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Athlon 64 Processor Driver - (.Pas de propriétaire.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Pas de propriétaire.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}
O42 - Logiciel: Connexion Internet Orange - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON Easy Photo Print - (.Pas de propriétaire.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}
O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation
O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
O42 - Logiciel: FlashGet 3.5 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet 3.5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150050}
O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: NTI Backup NOW! 4 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: NTI HomeVideo-Maker - (.ArcSoft.) [HKLM] -- {B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier
O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PowerDVD - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: TuneUp Utilities 2008 - (.TuneUp Software.) [HKLM] -- {5888428E-699C-4E71-BF71-94EE06B497DA}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM] -- OrangeToolbarFR
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\Adobe]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Cyberlink]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\FlashGet Network]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Orange]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Symantec]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\kde.org]
[HKLM\Software\ABBYY]
[HKLM\Software\AMD]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\FlashGet Network]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Orange]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\SymNRT]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\acer]
[HKLM\Software\muvee Technologies]
0
Réponse 7 / 82
Utilisateur anonyme
16 mars 2011 à 18:15
Re

tu sais faire un copié//Collé

*ICI >> copier-coller

Si "oui " tu copies et colles environ la moitié du rapport de ZHPDiag dans ta prochaine réponse


Ensuite tu copies/colles l'autre moitié dans un autre message !!

@+



Membre Contributeur sécurité CCM
0
Réponse 8 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 18:29
je n'arrive plus a coller la suite meme en la reduisant
je ne comprends pas !!!!!!!!!
0
Réponse 9 / 82
Utilisateur anonyme
16 mars 2011 à 18:40
Re


Lis bien !!!!!!!!!!!


1) * Télécharge Defogger (de jpshortstuff) sur ton Bureau
ICI >> Defogger (de jpshortstuff)
* Lance le
* Pour Windows Vista et Windows 7,
* faire un clic droit et >> Exécuter en tant qu'administrateur.
* Une fenêtre apparait : clique sur "Disable"
* Fais redémarrer l'ordinateur si l'outil te le demande


ensuite


ensuite

2) Télécharge Winsockxpfix
ICI Winsockxpfix
sur ton bureau sans l executer au cas tu en aurai besoin aprés tu le télécharges mais ne l éxécute pas sauf si besoin aprés Combofix)


aprés


/!\ Il faut IMPERATIVEMENT désactiver tous tes logiciels de protection(antivirus , antispyware )pour utiliser ce programme/!\


2) * Télécharge ComboFix (de sUBs) .
* sur ton bureau et pas ailleurs


* ICI >> ComboFix (de sUBs)
* Ferme toutes les fenêtres ouvertes

/!\ Déconnecte-toi du net/!\

* Double clique >> sur ComboFix.exe afin de le lancer

* Tapes sur la touche1 pour démarrer le scan et suis les instructions indiquées par combofix.

** tu es sous Windows XP, il va te demander d'installer la console de récupération : tu dois absolument accepter.

** si il te propose de l'installer remets provisoirement internet

* /!\ Déconnecte-toi du net aprés l installation /!\

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes. /!\
/!\ (ne touche a rien pendant que l'outil travaille pour ne pas figer ton pc)/!\

* Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\



si ta connexion internet n'est plus active après le redémarrage

Windows XP ==>Fais un double clic sur le fichier de WinsockXPFix
clique sur "Fix"

au cas faudra faire une réparation manuelle image ci dessous
réparation manuelle >> Image





* PS >> Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"




Membre Contributeur sécurité CCM
0
Réponse 10 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 19:36
ComboFix 11-03-16.01 - fierro 16/03/2011 19:27:01.1.1 - FAT32x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1982.1533 [GMT 1:00]
Lancé depuis: c:\downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\ATHPRXY(2).DLL
.
.
\\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-16 au 2011-03-16 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-16 18:20 . 2011-02-23 08:35 5943120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C6CF80E5-9E1B-49EE-8798-A00DE92CB3F3}\mpengine.dll
2011-03-16 15:09 . 2011-03-16 15:09 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-03-16 15:07 . 2011-03-16 15:07 -------- d-----w- c:\program files\ZHPDiag
2011-03-16 14:30 . 2011-03-16 14:30 -------- d-----w- c:\program files\Fichiers communs\Adobe
2011-03-15 18:10 . 2011-03-15 18:10 -------- d-----w- c:\windows\Sun
2011-03-15 17:32 . 2002-07-25 16:06 282624 ----a-w- c:\program files\Fichiers communs\InstallShield\UpdateService\agent.exe
2011-03-15 17:31 . 2011-03-15 17:31 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL
2011-03-15 17:29 . 2011-03-15 17:29 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2011-03-15 17:26 . 2006-10-30 23:10 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
2011-03-15 17:26 . 2006-10-19 23:10 80024 ----a-w- c:\windows\system32\PICSDK.dll
2011-03-15 17:26 . 2006-10-19 23:10 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2011-03-15 17:26 . 2006-10-19 23:10 108704 ----a-w- c:\windows\system32\PICEntry.dll
2011-03-15 17:26 . 2006-10-30 23:10 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
2011-03-15 17:26 . 2011-03-15 17:26 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2011-03-15 17:26 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-03-15 17:26 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBCDE.DLL
2011-03-15 17:26 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BCDE.DLL
2011-03-15 17:26 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-03-15 17:26 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2011-03-15 17:24 . 2011-03-15 17:24 -------- d-----w- c:\program files\epson
2011-03-15 17:24 . 2007-03-26 23:00 67072 ----a-w- c:\windows\system32\escwiad.dll
2011-03-15 12:46 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-03-15 12:46 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2011-03-14 17:53 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2011-03-14 17:53 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2011-03-14 17:51 . 2011-03-14 17:51 -------- d-----w- c:\windows\SHELLNEW
2011-03-14 17:48 . 2011-03-14 17:48 -------- d-----r- C:\MSOCache
2011-03-14 17:23 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-14 17:23 . 2011-03-14 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-14 17:23 . 2011-03-14 17:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-14 17:23 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-14 13:00 . 2011-03-14 13:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2011-03-14 12:35 . 2011-03-14 12:35 -------- d-----w- c:\windows\system32\wbem\Repository
2011-03-13 19:00 . 2011-03-13 19:00 -------- d-----w- c:\windows\$XNTUninstall643$
2011-03-13 18:48 . 2011-03-13 18:48 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-03-13 13:38 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2011-03-13 13:38 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2011-03-13 13:38 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2011-03-13 13:37 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2011-03-13 13:33 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe
2011-03-13 13:30 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-03-13 10:55 . 2011-03-13 10:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2011-03-13 08:28 . 2011-03-13 08:28 -------- d-----w- c:\program files\CCleaner
2011-03-13 08:26 . 2011-03-13 08:26 -------- d-----w- C:\Downloads
2011-03-13 06:37 . 2011-03-13 06:37 -------- d-----r- c:\documents and settings\NetworkService\Favoris
2011-03-12 19:12 . 2011-03-12 19:12 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-03-12 19:12 . 2011-03-12 19:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-12 19:07 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-12 19:02 . 2011-03-12 19:02 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-12 18:46 . 2011-03-12 18:46 -------- d-----w- c:\windows\system32\fr
2011-03-12 18:46 . 2011-03-12 18:46 -------- d-----w- c:\windows\system32\bits
2011-03-12 18:46 . 2011-03-12 18:46 -------- d-----w- c:\windows\l2schemas
2011-03-12 18:42 . 2011-03-12 18:42 -------- d-----w- c:\windows\EHome
2011-03-12 18:39 . 2004-08-03 21:41 13776 ------w- c:\windows\system32\drivers\recagent.sys
2011-03-12 18:28 . 2011-03-12 18:28 -------- d-----w- c:\windows\system32\LogFiles
2011-03-12 18:20 . 2011-03-12 18:20 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-03-12 18:19 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2011-03-12 18:19 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-03-12 18:18 . 2010-02-24 13:11 455680 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-03-12 18:18 . 2010-08-26 13:39 357248 ------w- c:\windows\system32\dllcache\srv.sys
2011-03-12 18:17 . 2010-08-27 08:02 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2011-03-12 18:17 . 2009-10-15 16:32 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2011-03-12 18:17 . 2009-11-21 15:58 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2011-03-12 18:14 . 2008-06-14 17:33 272768 ------w- c:\windows\system32\drivers\bthport.sys
2011-03-12 18:14 . 2008-06-14 17:33 272768 ------w- c:\windows\system32\dllcache\bthport.sys
2011-03-12 18:14 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2011-03-12 17:52 . 2011-03-12 17:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Orange
2011-03-12 17:32 . 2009-08-24 11:22 65536 ----a-w- c:\windows\system32\Autodial2000.dll
2011-03-12 17:32 . 2009-08-24 11:22 94208 ----a-w- c:\windows\system32\w32n50.dll
2011-03-12 17:32 . 2009-08-24 11:22 34688 ----a-w- c:\windows\system32\pcampr5.sys
2011-03-12 17:32 . 2009-08-24 11:22 32128 ----a-w- c:\windows\system32\pcandis5.sys
2011-03-12 17:32 . 2011-03-12 17:32 -------- d-----w- c:\program files\Orange
2011-03-12 17:32 . 2011-03-12 17:32 -------- d-----w- c:\program files\Fichiers communs\France Telecom
2011-03-12 16:30 . 2011-03-12 16:30 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-03-12 16:25 . 2011-03-12 16:25 -------- d-----w- c:\program files\MSXML 6.0
2011-03-12 16:13 . 2011-03-12 16:13 -------- d--h--w- c:\windows\msdownld.tmp
2011-03-12 16:11 . 2011-03-12 16:11 307968 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2011-03-12 16:11 . 2008-02-27 12:15 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2011-03-12 16:11 . 2011-03-12 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2011-03-12 16:11 . 2011-03-12 16:11 -------- d-----w- c:\program files\TuneUp Utilities 2008
2011-03-12 16:11 . 2011-03-12 16:11 -------- d--h--w- c:\windows\ie8
2011-03-12 16:11 . 2011-03-12 16:11 -------- d-----w- c:\windows\system32\fr-FR
2011-03-12 16:10 . 2011-03-12 16:11 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2011-03-12 16:10 . 2011-03-12 16:10 -------- d-----w- c:\program files\Microsoft
2011-03-12 16:09 . 2011-03-12 16:09 -------- d-----w- c:\program files\Windows Live SkyDrive
2011-03-12 16:08 . 2011-03-12 16:08 -------- d-----w- c:\program files\Windows Live
2011-03-12 16:06 . 2010-07-16 12:04 221696 ------w- c:\windows\system32\dllcache\wordpad.exe
2011-03-12 16:06 . 2010-12-20 23:53 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2011-03-12 16:06 . 2010-12-20 23:53 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-03-12 16:06 . 2010-12-20 23:53 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2011-03-12 16:06 . 2010-12-20 23:53 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2011-03-12 16:06 . 2010-12-20 23:53 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2011-03-12 16:06 . 2010-12-20 23:53 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
2011-03-12 16:06 . 2010-12-21 04:23 11080704 ------w- c:\windows\system32\dllcache\ieframe.dll
2011-03-12 16:05 . 2011-03-12 16:05 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2011-03-12 15:58 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-12 15:58 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\program files\iPod
2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\program files\iTunes
2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\program files\QuickTime
2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\program files\Apple Software Update
2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\windows\system32\DRVSTORE
2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\program files\Bonjour
2011-03-12 15:55 . 2011-03-12 15:55 -------- d-----w- c:\program files\Fichiers communs\Apple
2011-03-12 15:55 . 2011-03-12 15:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2011-03-12 15:50 . 2011-03-12 15:50 -------- d-----w- c:\program files\FlashGet Network
2011-03-12 15:50 . 2011-03-12 15:50 -------- d-----w- c:\program files\VideoLAN
2011-03-12 15:45 . 2009-05-07 15:33 348672 ------w- c:\windows\system32\dllcache\localspl.dll
2011-03-12 15:45 . 2009-12-17 07:41 347648 ------w- c:\windows\system32\dllcache\mspaint.exe
2011-03-12 15:43 . 2008-04-14 02:33 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-03-12 15:42 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys
2011-03-12 15:41 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2011-03-12 15:41 . 2008-04-14 02:34 16384 ----a-w- c:\windows\system32\ipsink.ax
2011-03-12 15:41 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2011-03-12 15:41 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\slip.sys
2011-03-12 15:41 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:54 . 2004-08-05 04:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:54 . 2004-08-05 04:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:59 . 2004-08-05 04:00 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2004-08-05 04:00 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-05 04:00 441344 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2004-08-05 04:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2005-03-02 18:07 1855104 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2005-06-15 17:50 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:53 . 2005-07-03 02:16 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:53 . 2004-08-05 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:53 . 2004-08-05 04:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2004-10-28 01:24 736768 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-05 04:00 385024 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FlashGet 3"="c:\program files\FlashGet Network\FlashGet 3\FlashGet3.exe" [2010-05-11 2385456]
"MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2010-11-04 634368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SoundMan"="SOUNDMAN.EXE" [2005-09-22 90112]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-10-10 7286784]
"nwiz"="nwiz.exe" [2005-10-10 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-10-10 86016]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-08-30 286720]
"AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 114688]
"MediaSync"="c:\program files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 425984]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-10-31 393216]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-24 135920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Orange\\Connexion Internet Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Orange\\OrangeUpdate\\Service\\OUCore.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [14/06/2010 13:39 1053424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-03-16 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-27 17:00]
.
2011-03-16 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
2011-03-16 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/portail
IE: Download all by FlashGet3 - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: ????3?? - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-HijackThis - c:\documents and settings\fierro\Local Settings\Temporary Internet Files\Content.IE5\BW7F8659\HijackThis.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-16 19:31
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f 3* N} ]
@="c:\\Documents and Settings\\fierro\\Application Data\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f 3* N} hQè þ"¥c]
@="c:\\Documents and Settings\\fierro\\Application Data\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Heure de fin: 2011-03-16 19:32:16
ComboFix-quarantined-files.txt 2011-03-16 18:32
.
Avant-CF: 53 597 929 472 octets libres
Après-CF: 54 228 025 344 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
.
- - End Of File - - 0EA0624C0FFDCE8C68636DA27EE070C2
0
Réponse 11 / 82
Utilisateur anonyme
16 mars 2011 à 20:32
Salut

Trés bien c'est bien à quoi je pensais !!

>>> !!!PhysicalDrive0 - Bootkit TDL4 was found and disinfected


Pour vérification:


1) TDSSKiller

* Télécharge TDSSKiller ( de Kaspersky Labs ) sur ton bureau.

>> ICI >> TDSSKiller

* Lance le ( Utilisateurs de vista/Seven -> Clic droit puis " Exécuter en tant qu'administrateur " )

* Clique sur [Start Scan] pour démarrer l'analyse.

* Si des élements sont trouvés, cliques sur [Continue] puis sur [Reboot Now]

* Un rapport s'ouvrira au redémarrage du PC.

* Copie/Colle son contenu dans ta prochaine réponse.

Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt.


ensuite je pense que tu pourras faire ceci :


2)* Poste un nouveau ZHPDiag

* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport

>> Entier si tu ne me donnes pas le lien !!




Membre Contributeur sécurité CCM
0
Réponse 12 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 20:48
Rapport de ZHPDiag v1.27.1704 par Nicolas Coolman, Update du 15/03/2011
Run by fierro at 16/03/2011 20:45:47
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

---\\ System Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 51 GB (69%) free of 72 GB

---\\ Logged in mode
Computer Name: ACER-9DEB84EBB9
User Name: fierro
All Users Names: SUPPORT_388945a0, HelpAssistant, fierro, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Documents and Settings\fierro\Application Data
%LocalAppData%=C:\Documents and Settings\fierro\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\fierro\Menu Démarrer

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 51 Go of 72 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 73 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:04.) -- C:\Windows\Explorer.exe [1037824]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:54.) -- C:\Windows\System32\drivers\ntfs.sys [574976]



---\\ Processus lancés
[MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736]
[MD5.20BC7169B76BFD41CA21B3B82D501922] - (.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [438272]
[MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.B0C9FFF54F16DF2012F53A34736A0975] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632]
[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.0B24AB7CC5B7ED2AA7F438A4072459F4] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) -- C:\WINDOWS\system32\nvsvc32.exe [131139]
[MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552]
[MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112]
[MD5.ABC9091B6D438381DBACFD1A82E0C0EA] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe [282624]
[MD5.682DB04704A74F228A080B31003B6FC6] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe [974848]
[MD5.CAF2CCB6E9F5FDBE99EE8904EB9DC506] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe [495616]
[MD5.8E884B0A19679340BFFF5C157075D6B5] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe [53248]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
[MD5.6DFF20574CE7A0FEAEBC40DB4423848A] - (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\flashget3.exe [2385456]
[MD5.008020C8CF84F34FAD3B71EF61EA50F8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [639488]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} Clé orpheline
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} . (.Trend Media Group - FlashGet Browser Helper Object.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} . (.Orange - IE Toolbar Container.) -- C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [LaunchApp] Clé orpheline
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe
O4 - HKLM\..\Run: [ntiMUI] . (...) -- c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [SNPSTD2] . (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [AspireService] . (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] . (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2008.lnk . (.TuneUp Software GmbH.) -- C:\Program Files\TuneUp Utilities 2008\Integrator.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Download all by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: ????3?? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: ????3?????? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Acer Media Server) . (.Acer Inc. - Acer UPnP Media Server Service.) - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: (Orange update Core Service) . (...) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: (TuneUp.Defrag) . (.TuneUp Software GmbH - TuneUp Drive Defrag-Dienst.) - C:\WINDOWS\System32\TuneUpDefragService.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MpIdleTask.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\System32\DRIVERS\AmdK8.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl0e9ca3f3) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFC86AD2-F4E1-4572-937D-FCDCAC6BB556}\MpKsl0e9ca3f3.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: Acer eConsole - (.Pas de propriétaire.) [HKLM] -- {EC028E6B-F3F1-4192-B63E-A7C97302ED5A}
O42 - Logiciel: Acer eMode Management - (.Pas de propriétaire.) [HKLM] -- {65CDEC30-4BF4-48FB-8059-9FC480E4E94F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Athlon 64 Processor Driver - (.Pas de propriétaire.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Pas de propriétaire.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}
O42 - Logiciel: Connexion Internet Orange - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON Easy Photo Print - (.Pas de propriétaire.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}
O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation
O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
O42 - Logiciel: FlashGet 3.5 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet 3.5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150050}
O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: NTI Backup NOW! 4 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: NTI HomeVideo-Maker - (.ArcSoft.) [HKLM] -- {B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier
O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PowerDVD - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: TuneUp Utilities 2008 - (.TuneUp Software.) [HKLM] -- {5888428E-699C-4E71-BF71-94EE06B497DA}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM] -- OrangeToolbarFR
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\Adobe]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Cyberlink]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\FlashGet Network]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Orange]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Symantec]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\kde.org]
[HKLM\Software\ABBYY]
[HKLM\Software\AMD]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\FlashGet Network]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Orange]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Swearware]
[HKLM\Software\SymNRT]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\acer]
[HKLM\Software\muvee Technologies]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/01/2005 - 11:52:02 - [346967275] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 23/01/2005 - 11:55:44 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 23/01/2005 - 11:55:44 - [19278399] ----D- C:\Program Files\MSN
O43 - CFD: 23/01/2005 - 11:55:50 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 23/01/2005 - 11:55:52 - [2152579] ----D- C:\Program Files\Messenger
O43 - CFD: 23/01/2005 - 11:55:58 - [3534189] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 23/01/2005 - 11:55:58 - [1712] ----D- C:\Program Files\Online Services
O43 - CFD: 23/01/2005 - 11:56:26 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 23/01/2005 - 11:56:44 - [5658831] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 23/01/2005 - 11:56:46 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 23/01/2005 - 11:56:46 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 23/01/2005 - 11:56:48 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 23/01/2005 - 11:57:02 - [933] ----D- C:\Program Files\Services en ligne
O43 - CFD: 23/01/2005 - 11:57:04 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 23/01/2005 - 11:58:12 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 23/01/2005 - 11:58:12 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 23/01/2005 - 12:07:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 23/01/2005 - 12:07:50 - [34590584] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/01/2005 - 12:07:52 - [39608612] ----D- C:\Program Files\Realtek AC97
O43 - CFD: 23/01/2005 - 12:07:52 - [5479936] ----D- C:\Program Files\AvRack
O43 - CFD: 23/01/2005 - 12:07:54 - [0] ----D- C:\Program Files\Realtek Sound Manager
O43 - CFD: 23/01/2005 - 12:10:34 - [162858302] ----D- C:\Program Files\Adobe
O43 - CFD: 23/01/2005 - 12:11:44 - [773954007] ----D- C:\Program Files\NewTech Infosystems
O43 - CFD: 23/01/2005 - 12:13:06 - [96343958] ----D- C:\Program Files\CyberLink
O43 - CFD: 23/01/2005 - 12:16:00 - [124948] ----D- C:\Program Files\AMD
O43 - CFD: 12/03/2011 - 16:38:08 - [158546494] ----D- C:\Program Files\Java
O43 - CFD: 12/03/2011 - 16:40:56 - [65597451] ----D- C:\Program Files\Acer
O43 - CFD: 12/03/2011 - 16:49:18 - [57802016] ----D- C:\Program Files\DivX
O43 - CFD: 12/03/2011 - 16:49:40 - [3718034] ----D- C:\Program Files\WinRAR
O43 - CFD: 12/03/2011 - 16:50:06 - [75156207] ----D- C:\Program Files\VideoLAN
O43 - CFD: 12/03/2011 - 16:50:40 - [16997157] ----D- C:\Program Files\FlashGet Network
O43 - CFD: 12/03/2011 - 16:56:16 - [616779] ----D- C:\Program Files\Bonjour
O43 - CFD: 12/03/2011 - 16:56:34 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 12/03/2011 - 16:56:46 - [76337719] ----D- C:\Program Files\QuickTime
O43 - CFD: 12/03/2011 - 16:57:16 - [124813595] ----D- C:\Program Files\iTunes
O43 - CFD: 12/03/2011 - 16:57:20 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 12/03/2011 - 17:08:26 - [45806173] ----D- C:\Program Files\Windows Live
O43 - CFD: 12/03/2011 - 17:09:06 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 12/03/2011 - 17:10:02 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 12/03/2011 - 17:11:30 - [33716731] ----D- C:\Program Files\TuneUp Utilities 2008
O43 - CFD: 12/03/2011 - 17:25:54 - [6849] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 12/03/2011 - 18:32:40 - [399049656] ----D- C:\Program Files\Orange
O43 - CFD: 12/03/2011 - 19:20:52 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 12/03/2011 - 20:02:38 - [18110254] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 13/03/2011 - 09:28:28 - [3653664] ----D- C:\Program Files\CCleaner
O43 - CFD: 14/03/2011 - 18:23:26 - [4922239] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 14/03/2011 - 18:50:58 - [268918563] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/03/2011 - 18:50:58 - [315392] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 15/03/2011 - 18:24:02 - [153246691] ----D- C:\Program Files\epson
O43 - CFD: 15/03/2011 - 18:29:56 - [124428627] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 16/03/2011 - 16:07:56 - [3581811] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 23/01/2005 - 11:52:02 - [115601638] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 23/01/2005 - 11:52:02 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 23/01/2005 - 11:52:02 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 23/01/2005 - 11:56:44 - [19733999] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 23/01/2005 - 11:56:50 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 23/01/2005 - 11:56:50 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 23/01/2005 - 12:05:36 - [13772500] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 23/01/2005 - 12:11:48 - [11735040] ----D- C:\Program Files\Fichiers Communs\NewTech Infosystems
O43 - CFD: 23/01/2005 - 12:12:04 - [6003080] ----D- C:\Program Files\Fichiers Communs\muvee Technologies
O43 - CFD: 12/03/2011 - 16:38:06 - [28453991] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 12/03/2011 - 16:40:30 - [4324860] ----D- C:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD: 12/03/2011 - 16:55:56 - [80026250] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 12/03/2011 - 17:05:42 - [34145223] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 12/03/2011 - 17:11:00 - [14610432] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 12/03/2011 - 18:32:08 - [8113537] ----D- C:\Program Files\Fichiers Communs\France Telecom
O43 - CFD: 14/03/2011 - 18:51:28 - [86016] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 16/03/2011 - 15:30:22 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 23/01/2005 - 12:07:30 - [0] ----D- C:\Documents and Settings\fierro\Application Data\Identities
O43 - CFD: 23/01/2005 - 11:51:36 - [4289102] -S--D- C:\Documents and Settings\fierro\Application Data\Microsoft
O43 - CFD: 12/03/2011 - 16:50:44 - [478841] ----D- C:\Documents and Settings\fierro\Application Data\FlashGetBHO
O43 - CFD: 12/03/2011 - 16:50:48 - [9811] ----D- C:\Documents and Settings\fierro\Application Data\BITS
O43 - CFD: 12/03/2011 - 16:50:50 - [48] ----D- C:\Documents and Settings\fierro\Application Data\FlashGet
O43 - CFD: 12/03/2011 - 16:51:56 - [476284] ----D- C:\Documents and Settings\fierro\Application Data\vlc
O43 - CFD: 12/03/2011 - 16:58:38 - [180387] ----D- C:\Documents and Settings\fierro\Application Data\Apple Computer
O43 - CFD: 12/03/2011 - 17:11:56 - [27370] ----D- C:\Documents and Settings\fierro\Application Data\TuneUp Software
O43 - CFD: 12/03/2011 - 17:16:06 - [16440] ----D- C:\Documents and Settings\fierro\Application Data\DivX
O43 - CFD: 12/03/2011 - 18:42:38 - [2873191] ----D- C:\Documents and Settings\fierro\Application Data\Macromedia
O43 - CFD: 12/03/2011 - 20:12:10 - [8533073] ----D- C:\Documents and Settings\fierro\Application Data\Sun
O43 - CFD: 14/03/2011 - 10:11:24 - [1522713] ----D- C:\Documents and Settings\fierro\Application Data\Adobe
O43 - CFD: 14/03/2011 - 18:23:42 - [6307] ----D- C:\Documents and Settings\fierro\Application Data\Malwarebytes
O43 - CFD: 15/03/2011 - 18:26:46 - [0] ----D- C:\Documents and Settings\fierro\Application Data\InstallShield
O43 - CFD: 23/01/2005 - 11:57:54 - [156644014] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Microsoft
O43 - CFD: 12/03/2011 - 16:54:18 - [2204379] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Apple Computer
O43 - CFD: 12/03/2011 - 16:56:36 - [0] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Apple
O43 - CFD: 12/03/2011 - 18:36:00 - [49] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Orange
O43 - CFD: 12/03/2011 - 19:22:18 - [5091] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 14/03/2011 - 10:11:24 - [192804] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Adobe
0
Réponse 13 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 20:49
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E42F532E84C9D61B7E7BF546BDA2F5F2] - 16/03/2011 - 20:45:02 ---A- . (...) -- C:\TDSSKiller.2.4.21.0_16.03.2011_20.43.53_log.txt [37696]
O44 - LFC:[MD5.59B43928D7992DCE9BC5B7D6BAD6EA41] - 16/03/2011 - 20:43:00 ---A- . (...) -- C:\WINDOWS\System32\secushr.dat [1770]
O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:44:40 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1085196]
O44 - LFC:[MD5.7DCA9E5438D6B4AB47BFB84435A6B2B8] - 16/03/2011 - 19:32:18 ---A- . (...) -- C:\ComboFix.txt [21537]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 16/03/2011 - 19:31:20 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:26:14 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32170]
O44 - LFC:[MD5.8BA0D3956D250904292E1EA582137CB3] - 16/03/2011 - 19:26:12 ---A- . (...) -- C:\WINDOWS\setupapi.log [2646]
O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:26:02 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/03/2011 - 19:25:44 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/03/2011 - 19:25:40 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:24:58 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.2E1B512BBBD2DC2942CB00946B331C3C] - 16/03/2011 - 19:21:58 RSHA- . (...) -- C:\boot.ini [332]
O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 16/03/2011 - 19:19:27 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232]
O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 16/03/2011 - 19:19:27 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792]
O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 16/03/2011 - 19:19:27 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704]
O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 16/03/2011 - 19:19:27 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480]
O44 - LFC:[MD5.B7317840CAF0CF61AF8CE248FB082350] - 16/03/2011 - 19:15:04 ---A- . (...) -- C:\WINDOWS\System32\secustat.dat [424]
O44 - LFC:[MD5.B28C246AB8A58CDA69B6949267BA3E85] - 16/03/2011 - 18:33:08 ---A- . (...) -- C:\WINDOWS\System32\d3d9caps.dat [664]
O44 - LFC:[MD5.9571771CC61F5278DBB1047482EB8098] - 16/03/2011 - 18:22:06 ---A- . (...) -- C:\WINDOWS\System32\eRLog.ini [680]
O44 - LFC:[MD5.5A44B7C2D933E52A034128EA4E634153] - 16/03/2011 - 18:21:30 ---A- . (...) -- C:\WINDOWS\System32\nvapps.xml [39291]
O44 - LFC:[MD5.9E53501FCD68C138B6F19E9D4D2880E1] - 16/03/2011 - 16:09:54 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.2E409416D32024870A2D841B157A8E19] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 1.10.) -- C:\WINDOWS\System32\EpPicPrt.dll [120992]
O44 - LFC:[MD5.68D2DE06776BEC0409AF80D26C2FD42E] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\WINDOWS\System32\PICEntry.dll [108704]
O44 - LFC:[MD5.93C3E9EE30280A8ED2D56DCEDA0FAF3F] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\WINDOWS\System32\PICSDK.dll [80024]
O44 - LFC:[MD5.17152A7F21C9802E7826DE63D2DF184C] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\WINDOWS\System32\PICSDK2.dll [501912]
O44 - LFC:[MD5.8C1013EAF95FF2CEC2391EB0E8B04B31] - 15/03/2011 - 18:26:46 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 1.10.) -- C:\WINDOWS\System32\EPPicMgr.dll [71840]
O44 - LFC:[MD5.1129871724A26B1DD6678DE88B7FE941] - 15/03/2011 - 18:26:12 ---A- . (.SEIKO EPSON CORP. - E_DCINST.) -- C:\WINDOWS\System32\E_DCINST.DLL [49152]
O44 - LFC:[MD5.8EB50EB111D161708B899A6AF6A8F860] - 15/03/2011 - 18:26:11 ---A- . (.SEIKO EPSON CORPORATION - ECBTEGB.) -- C:\WINDOWS\System32\E_FD4BCDE.DLL [62976]
O44 - LFC:[MD5.A4EC6B9766E2A7FAA77283697BC5C307] - 15/03/2011 - 18:26:11 ---A- . (.SEIKO EPSON CORPORATION - EPSON Bi-directional Monitor.) -- C:\WINDOWS\System32\E_FLBCDE.DLL [76800]
O44 - LFC:[MD5.B35DBB90FA79BE79956E481D1AF9E7E7] - 15/03/2011 - 18:24:01 ---A- . (.SEIKO EPSON CORP. - EPSON WIA Module.) -- C:\WINDOWS\System32\escwiad.dll [67072]
O44 - LFC:[MD5.40FDF3546B2DD93413C2223169683979] - 15/03/2011 - 18:23:48 ---A- . (...) -- C:\WINDOWS\CDE DX7400DEFGIPS.ini [25]
O44 - LFC:[MD5.574C94EED8119C6860546294753EC938] - 15/03/2011 - 11:14:10 ---A- . (...) -- C:\Boot.bak [216]
O44 - LFC:[MD5.F394BC4BB82AF9972EBE266370CCD3B9] - 15/03/2011 - 11:14:10 ---A- . (...) -- C:\WINDOWS\win.ini [573]
O44 - LFC:[MD5.7DA6C0436905BCAB93C276FEAE8569F8] - 14/03/2011 - 20:29:18 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [259840]
O44 - LFC:[MD5.045977768AC9730F79F17F8FDE55D5EE] - 14/03/2011 - 20:25:14 ---A- . (...) -- C:\WINDOWS\System32\TZLog.log [13218]
O44 - LFC:[MD5.660023DF771C9730463234B831785EE7] - 14/03/2011 - 20:17:18 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158]
O44 - LFC:[MD5.D4761D8CDB9DEF6C39253C4166C610A7] - 14/03/2011 - 18:53:04 ---A- . (...) -- C:\WINDOWS\ODBC.INI [385]
O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 14/03/2011 - 18:23:29 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 14/03/2011 - 18:23:24 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.3FD411DF4A9999EA848615DEF336E905] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Control Panel.) -- C:\WINDOWS\System32\javacpl.cpl [73728]
O44 - LFC:[MD5.F87BA06FE22C81CDE563761DDFBAB267] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [472808]
O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]
O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]
O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [157472]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 12/03/2011 - 20:04:08 ---A- . (...) -- C:\WINDOWS\epplauncher.mif [1912]
O44 - LFC:[MD5.C7E800CDF54D012C2723071BE05E54D2] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1004624]
O44 - LFC:[MD5.F2B087103F87D3E25CE3F9D598CB4B3F] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [59856]
O44 - LFC:[MD5.CCC1B8FE8ABE911C2981AF7AD26A5CCF] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [72714]
O44 - LFC:[MD5.B34A7A0BDEFCD2F5ED3F0184C322915B] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [397086]
O44 - LFC:[MD5.4EBDE64847A985601EBFFD5D914CF3A3] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [464508]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 12/03/2011 - 19:55:00 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.5C174F8108BAB900D3AB1DF1A29A58E5] - 12/03/2011 - 19:54:22 ---A- . (...) -- C:\WINDOWS\System32\spupdwxp.log [90]
O44 - LFC:[MD5.7794C3221F670DE270586A2CF6E68383] - 12/03/2011 - 19:44:54 RSHA- . (...) -- C:\ntldr [252240]
O44 - LFC:[MD5.1C7EE42FE601457D874AC6478AE68A7A] - 12/03/2011 - 18:32:48 ---A- . (.France Telecom SA - Orange Connection Kit.) -- C:\WINDOWS\System32\Autodial2000.dll [65536]
O44 - LFC:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 12/03/2011 - 18:32:46 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\System32\pcampr5.sys [34688]
O44 - LFC:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 12/03/2011 - 18:32:46 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\System32\pcandis5.sys [32128]
O44 - LFC:[MD5.58729B4DF51BC160837B2E020EF74456] - 12/03/2011 - 18:32:46 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - WinDis 32 API & Platform Compatibility DLL.) -- C:\WINDOWS\System32\w32n50.dll [94208]
O44 - LFC:[MD5.F61187E55BFA395AA04E8B4550AA6DF3] - 12/03/2011 - 17:11:56 ---A- . (.TuneUp Software GmbH - TuneUp Drive Defrag-Dienst.) -- C:\WINDOWS\System32\TuneUpDefragService.exe [307968]
O44 - LFC:[MD5.411D534C568DE0B9D38DBC892D027897] - 12/03/2011 - 17:11:55 ---A- . (.TuneUp Software GmbH - TuneUp Theme Extension.) -- C:\WINDOWS\System32\uxtuneup.dll [28416]
O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 12/03/2011 - 16:58:26 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [26600]
O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 12/03/2011 - 16:58:26 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\WINDOWS\System32\GEARAspi.dll [107368]
O44 - LFC:[MD5.6EC55E88C0FCE0339759CB37FC118B78] - 12/03/2011 - 16:51:28 ---A- . (...) -- C:\WINDOWS\libem.INI [25]
O44 - LFC:[MD5.D86B4A68565E444D76457F14172C875A] - 12/03/2011 - 16:49:29 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [43528]
O44 - LFC:[MD5.6469C3E72B888EC76FFF0DB610602CC5] - 12/03/2011 - 16:43:50 ---A- . (...) -- C:\WINDOWS\ALaunch.ini [83]
O44 - LFC:[MD5.A7B8A3A79D35215D798A300DF49ED23F] - 12/03/2011 - 16:40:29 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\System32\drivers\afc.sys [11776]
O44 - LFC:[MD5.7ED438C44B90AF7B01609A942C7E7196] - 12/03/2011 - 16:39:42 ---A- . (.Eastman Kodak - PCDLIB32.) -- C:\WINDOWS\PCDLIB32.DLL [212480]
O44 - LFC:[MD5.D85290AAFDED4E699F4A5C060AB1A2EC] - 12/03/2011 - 16:38:46 ---A- . (...) -- C:\WINDOWS\System32\jupdate-1.5.0_05-b05.log [5435]
O44 - LFC:[MD5.2D2B2457CBD25F0958E9105BACE32D39] - 12/03/2011 - 16:36:30 ---A- . (...) -- C:\WINDOWS\System32\$winnt$.inf [733]
O44 - LFC:[MD5.08C26E1D8C50302193A41FC8741F6128] - 12/03/2011 - 16:34:00 ---A- . (.NVIDIA Corporation - NVIDIA Uninstaller Utility.) -- C:\WINDOWS\System32\nvudisp.exe [180224]
O44 - LFC:[MD5.B5C14ACECB75F93E0AFEB026F249D52B] - 12/03/2011 - 16:33:48 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.B80CA456D577AAEA3979E112CF69C0FD] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsel.dll [335872]
O44 - LFC:[MD5.9FC0CA6618065AE7DC5203886DE02BE0] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrseng.dll [286720]
O44 - LFC:[MD5.4C96E3905C11FAC476EE9D81F53AAAD8] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrses.dll [335872]
O44 - LFC:[MD5.4AB1BE91C3C50ED4EACF6F848B3468DB] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsesm.dll [327680]
O44 - LFC:[MD5.C6502628309BD3493AAFD25C26E08DA6] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsfi.dll [303104]
O44 - LFC:[MD5.87C2B4642115BE5C625E3CF1FFE6AA0A] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsfr.dll [327680]
O44 - LFC:[MD5.FFE9A891D076B642B53EAB3A4129376F] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrshe.dll [278528]
O44 - LFC:[MD5.5972B86DB263228D32E2F19F920A6F7A] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrshu.dll [315392]
O44 - LFC:[MD5.6C89C827F5AA5BA377D4D85044AD2DD8] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsit.dll [323584]
O44 - LFC:[MD5.852B1A2E23365C1EEE1EBD5BD26BF3CD] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsja.dll [212992]
O44 - LFC:[MD5.20139550B7242D39D18079375BF08828] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsko.dll [196608]
O44 - LFC:[MD5.F2377D65749CD02F5B377CF222F6B09D] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsnl.dll [319488]
O44 - LFC:[MD5.AF1B8A6428BB0D15CD8CDDC4B6688AAE] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsno.dll [299008]
O44 - LFC:[MD5.EC93AD5C671102347339E0E4B86AA490] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrspl.dll [294912]
O44 - LFC:[MD5.0239C36604070BB94D9FAF706101ED44] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrspt.dll [323584]
O44 - LFC:[MD5.9452406B5CD6AB906AE16DB5B28A9ECE] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsptb.dll [319488]
O44 - LFC:[MD5.9780E718D5ED068130BD640EF662CFBA] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsru.dll [315392]
O44 - LFC:[MD5.C142FDA779362FBFFE4B692AFBEEA252] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrssk.dll [299008]
O44 - LFC:[MD5.7AF51847FE18229D46C8E73DD084F9BC] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrssl.dll [303104]
O44 - LFC:[MD5.682D5B906D20C1428A45883FEC2EA79C] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrssv.dll [294912]
O44 - LFC:[MD5.8613CA009AB01C35C7E10BB7098CC795] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrstr.dll [303104]
O44 - LFC:[MD5.1EBC1CBB2B72355E00E98EA4EB1694E6] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrszhc.dll [163840]
O44 - LFC:[MD5.8AA88F4861B53C82808CB4B868737A1A] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrszht.dll [167936]
O44 - LFC:[MD5.9DE9D4A1DC121FFD4A850498B224AD68] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsar.dll [282624]
O44 - LFC:[MD5.6EE1541BC2609127801CBBE43D29F6F1] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrscs.dll [286720]
O44 - LFC:[MD5.ECD888756E9F9E9A22DCD43BFB71A463] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsda.dll [294912]
O44 - LFC:[MD5.D7572F8C2A1D557CEC88C07969BB1104] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsde.dll [311296]
O44 - LFC:[MD5.5D4D2606B988DAFBD8493348AC830653] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Display Driver Interface Lib,.) -- C:\WINDOWS\System32\nvwddi.dll [81920]
O44 - LFC:[MD5.768D57FCAA1E706391D3DE6C40791084] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Chinese (Traditional) language resou.) -- C:\WINDOWS\System32\nvrszht.dll [118784]
O44 - LFC:[MD5.0B24AB7CC5B7ED2AA7F438A4072459F4] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) -- C:\WINDOWS\System32\nvsvc32.exe [131139]
O44 - LFC:[MD5.22A41BFF5511DEFCE6372F6379A24C61] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Dutch language resource library.) -- C:\WINDOWS\System32\nvrsnl.dll [266240]
O44 - LFC:[MD5.DB4CC6E87DADB2E285A4723D9E844417] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Hebrew language resource library.) -- C:\WINDOWS\System32\nvrshe.dll [319488]
O44 - LFC:[MD5.88F8BF63823C690ED1F34CE5D92635AF] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Hungarian language resource library.) -- C:\WINDOWS\System32\nvrshu.dll [253952]
O44 - LFC:[MD5.CBFF70A06ECA26CC10B955F477C92BC5] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Iberian Portuguese language resource.) -- C:\WINDOWS\System32\nvrspt.dll [266240]
O44 - LFC:[MD5.1F873E1BF40596EE887D80A98C0B61D6] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Italian language resource library.) -- C:\WINDOWS\System32\nvrsit.dll [274432]
O44 - LFC:[MD5.725AE1BBC84B2818F622120E13A6E639] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Japanese language resource library.) -- C:\WINDOWS\System32\nvrsja.dll [258048]
O44 - LFC:[MD5.0B1B2CFB399AB4E19FCADE6FAC80FB82] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Korean language resource library.) -- C:\WINDOWS\System32\nvrsko.dll [253952]
O44 - LFC:[MD5.92A5FFF6E6BF938669482B039B57BD84] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Norwegian language resource library.) -- C:\WINDOWS\System32\nvrsno.dll [249856]
O44 - LFC:[MD5.8C7FBBEBCB9D4E8B50658C88E585C97E] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Polish language resource library.) -- C:\WINDOWS\System32\nvrspl.dll [249856]
O44 - LFC:[MD5.8FB5009FCE893BCD7D9491264E86F7BE] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Portuguese (Brazilian) language reso.) -- C:\WINDOWS\System32\nvrsptb.dll [262144]
O44 - LFC:[MD5.C942C0F44574FBA773D4E565871CFA84] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Russian language resource library.) -- C:\WINDOWS\System32\nvrsru.dll [262144]
O44 - LFC:[MD5.CD40EBCB2DA61C4DA6935FA591B75DEA] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Simplified Chinese language resource.) -- C:\WINDOWS\System32\nvrszhc.dll [217088]
O44 - LFC:[MD5.9E600A61A8FE954C85DD7EC0D163EE0B] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Slovak language resource library.) -- C:\WINDOWS\System32\nvrssk.dll [249856]
O44 - LFC:[MD5.04874E5C01EC112BC1CCE6CFDDF8E6DB] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Slovenian language resource library.) -- C:\WINDOWS\System32\nvrssl.dll [249856]
O44 - LFC:[MD5.020EEF13449408A720EA27CDED527D1C] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Swedish language resource library.) -- C:\WINDOWS\System32\nvrssv.dll [245760]
O44 - LFC:[MD5.513094ED0C28E7A4AD1A9529C48FC27D] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Turkish language resource library.) -- C:\WINDOWS\System32\nvrstr.dll [249856]
O44 - LFC:[MD5.5F7A720FD8B69C5E49746019B0641B64] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Arabic language resource library.) -- C:\WINDOWS\System32\nvrsar.dll [319488]
O44 - LFC:[MD5.9C65EE38A2AE5C4F3B2E063DBC12981A] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Czech language resource library.) -- C:\WINDOWS\System32\nvrscs.dll [241664]
O44 - LFC:[MD5.24263F922A07AD964CB304212E636BC2] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Danish language resource library.) -- C:\WINDOWS\System32\nvrsda.dll [245760]
O44 - LFC:[MD5.4D5B1BE381CCD332EB7C15C584C56275] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Finnish language resource library.) -- C:\WINDOWS\System32\nvrsfi.dll [241664]
O44 - LFC:[MD5.023C14A9F04CB332C193C5B220EB75A4] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA French language resource library.) -- C:\WINDOWS\System32\nvrsfr.dll [278528]
O44 - LFC:[MD5.CAD2F44DCFDA2FF8A2C41464DA2889A7] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA German language resource library.) -- C:\WINDOWS\System32\nvrsde.dll [270336]
O44 - LFC:[MD5.34ABF17DB9788463DD75D8B1B627CC80] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Greek language resource library.) -- C:\WINDOWS\System32\nvrsel.dll [274432]
O44 - LFC:[MD5.349610D0FABA54D9EE3CF67E44C1645F] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Latin American Spanish language reso.) -- C:\WINDOWS\System32\nvrsesm.dll [266240]
O44 - LFC:[MD5.03CC73962FA687491CF283AF0330F059] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Spanish language resource library.) -- C:\WINDOWS\System32\nvrses.dll [274432]
O44 - LFC:[MD5.9E0D87EBB7F509D0375D8B61E1A6D93F] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA UK English language resource library.) -- C:\WINDOWS\System32\nvrseng.dll [241664]
O44 - LFC:[MD5.DA222964DF2C502662DFD6CB71F27682] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\WINDOWS\System32\nvoglnt.dll [5378048]
O44 - LFC:[MD5.FCC333F0625C04EA9315B0D571B5BE52] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA French language resource library.) -- C:\WINDOWS\System32\nvmccsrs.dll [45056]
O44 - LFC:[MD5.AD26D98C35CA98DE4B3388AFA158FA54] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\System32\nvmctray.dll [86016]
O44 - LFC:[MD5.2B2D85AC10D0E38384EEB281A11963D5] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA U.S. English language resource libra.) -- C:\WINDOWS\System32\nvmccs.dll [229376]
O44 - LFC:[MD5.C9D985299655B1A4C80BEC4D60828F98] - 12/03/2011 - 16:31:45 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\System32\nvcpl.dll [7286784]
O44 - LFC:[MD5.CAE4BA99CA86B593A048DFC4E7F93053] - 12/03/2011 - 16:31:44 ---A- . (.NVIDIA Corporation - NVIDIA Driver CoInstaller.) -- C:\WINDOWS\System32\nvcod.dll [34304]
O44 - LFC:[MD5.CAE4BA99CA86B593A048DFC4E7F93053] - 12/03/2011 - 16:31:44 ---A- . (.NVIDIA Corporation - NVIDIA Driver CoInstaller.) -- C:\WINDOWS\System32\nvcodins.dll [34304]
O44 - LFC:[MD5.BFC1C4E5FBA0A4C8D8495965EF44AE4D] - 12/03/2011 - 16:31:44 ---A- . (.NVIDIA Corporation - NVIDIA NVIDIA Color Optimizer, Version 81.8.) -- C:\WINDOWS\System32\nvcolor.exe [147456]
O44 - LFC:[MD5.7246FD8D779691C26F2C28CDE8AFA1C1] - 12/03/2011 - 16:31:43 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Display driv.) -- C:\WINDOWS\System32\nv4_disp.dll [3921024]
O44 - LFC:[MD5.9E1F2F09E34C92A96B9900B6A45D5026] - 12/03/2011 - 16:31:43 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Dri.) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [3530432]
O44 - LFC:[MD5.1E61596140EC9CCA62E3A7A6AB51159A] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe [286720]
O44 - LFC:[MD5.556278AB03A51D95C8226F651F3EBED5] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - DelHwKey MFC Application.) -- C:\WINDOWS\usnpstd2.exe [20480]
O44 - LFC:[MD5.7FC5B8E9581E543FB42FB8DCDE3132E2] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - PC Camera driver.) -- C:\WINDOWS\System32\drivers\snpstd2.sys [347264]
O44 - LFC:[MD5.398AE8F2837AA7A7DC92B579083785F4] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - The utilities for device installation.) -- C:\WINDOWS\System32\csnpstd2.dll [61440]
O44 - LFC:[MD5.9DAA7218961710008D7385B01BD3F386] - 08/11/2010 - 01:20:24 ---A- . (...) -- C:\WINDOWS\MBR.exe [89088]
O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 15:58:12 ---A- . (...) -- C:\WINDOWS\PEV.exe [256512]
O44 - LFC:[MD5.0F23634D5375EBC97A1D77838730A55D] - 31/10/2006 - 00:10:00 ---A- . (...) -- C:\WINDOWS\System32\PICSDK.ini [97]
O44 - LFC:[MD5.3BFDF49E3E53BEC267829611A24B9019] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\keystone.exe [425984]
O44 - LFC:[MD5.A8BF5B56DE6D6932816236E5C2BAAB5B] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvapi.dll [45056]
O44 - LFC:[MD5.699EB187225E8DAC28A7A27A49FFCEED] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvappbar.exe [442368]
O44 - LFC:[MD5.92224E035CDD28EAFD065410C4556D0D] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvdisp.nvu [15868]
O44 - LFC:[MD5.113D087C598A9092FAA9979F993577B1] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvdspsch.exe [1339392]
O44 - LFC:[MD5.E36EDD779727388F6DECFF2D3454DEFC] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvhwvid.dll [573440]
O44 - LFC:[MD5.6F56256F5ABF9896DFEA304972F34A16] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nview.dll [1466368]
O44 - LFC:[MD5.79A20793214F1E037CC05974F14107BC] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvnt4cpl.dll [286720]
O44 - LFC:[MD5.6966EEF7437CC3C42043506AB40B44D2] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvshell.dll [466944]
O44 - LFC:[MD5.889374808C96987B6A735F2301D08006] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvtuicpl.cpl [73728]
O44 - LFC:[MD5.025E01756E1E1F9B1CE9BEFD27406CD6] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvwdmcpl.dll [1662976]
O44 - LFC:[MD5.EBFD83DE98B1A7025602B73EC69A113B] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvwimg.dll [1019904]
O44 - LFC:[MD5.60D44EF1CB5F41160E9D0A7E637CC8AA] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nwiz.exe [1519616]
O44 - LFC:[MD5.7AA6FCF74FEA8DE3F1E71CF579E9BCB9] - 01/06/2005 - 00:20:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPrinterDB.dat [111932]
O44 - LFC:[MD5.71E6747D37C1C8350C6693A4C1172308] - 24/09/2004 - 13:52:36 ---A- . (...) -- C:\WINDOWS\System32\vsnpstd2.dll [36864]
O44 - LFC:[MD5.0E3A2DC6171D45F86EDD34DA8C9FC931] - 24/09/2004 - 12:14:16 ---A- . (...) -- C:\WINDOWS\System32\dsnpstd2.ax [36864]
O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 03/08/2004 - 23:00:08 RSHA- . (...) -- C:\cmldr [263488]
O44 - LFC:[MD5.17C094B0F5243CEFD3F7334E2B8020A8] - 08/06/2004 - 18:25:42 ---A- . (...) -- C:\WINDOWS\System32\dsnpstd2.dll [53248]
O44 - LFC:[MD5.8C5D98825C4A3F840290D3000BCBD751] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_BP.cfg [6347]
O44 - LFC:[MD5.4522750EA97E574F092B463A5072F5D3] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_CF.cfg [6195]
O44 - LFC:[MD5.3B085599D53A8E49A02B42316167791D] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_DU.cfg [6122]
O44 - LFC:[MD5.87CC3262E60487AC2A7DF54E7A94405E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_EN.cfg [13732]
O44 - LFC:[MD5.D74F30976FC27C4134AC650747E141F6] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_ES.cfg [6103]
O44 - LFC:[MD5.4522750EA97E574F092B463A5072F5D3] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_FR.cfg [6195]
O44 - LFC:[MD5.5AF012AA8CF511EBA96E1FB620800406] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_GE.cfg [6335]
O44 - LFC:[MD5.C97F01641F82529F811750CC8BA8F6BE] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_IT.cfg [6442]
O44 - LFC:[MD5.EFBB67A52E13B74D9504C72A7FFBAC66] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_KO.cfg [5817]
O44 - LFC:[MD5.8C5D98825C4A3F840290D3000BCBD751] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_PT.cfg [6347]
O44 - LFC:[MD5.3310F4A726ABF152C54C6AEF9FF6A73C] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_RU.cfg [2889]
O44 - LFC:[MD5.6CD8BBC5EFB7F458A8FE3AC3F566D48E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_SC.cfg [5436]
O44 - LFC:[MD5.01BDBCEABF472323F62D879A7A2AACF9] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_TC.cfg [2426]
O44 - LFC:[MD5.11CEF97EC383B4A9268CEBCAFDA1C0BF] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern1.dat [26154]
O44 - LFC:[MD5.99B39A991604A09125A63D1F83A1668F] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern121.dat [27417]
O44 - LFC:[MD5.C35D83EF6773F875E85A37CD389FC98A] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern131.dat [31053]
O44 - LFC:[MD5.AED88E22D1F234668E0FF2F1C6D80AD1] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern2.dat [20148]
O44 - LFC:[MD5.EA23048F088AAC681C4FE4EC051A8663] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern3.dat [24903]
O44 - LFC:[MD5.DAEF4897E14EFB7050F7E0FC6887379F] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern4.dat [11811]
O44 - LFC:[MD5.7124C6AA586A840A5AE1F2972D4F6E12] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern5.dat [21390]
O44 - LFC:[MD5.E000BC718432CBB8F8AF9A2DD4EBCC59] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern6.dat [4943]
O44 - LFC:[MD5.17252792B6016C58F15C9A04AC834147] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [1139]
O44 - LFC:[MD5.EC10E010C637383D566C95CEA4307737] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [1129]
O44 - LFC:[MD5.7C52CC8596D832C902FD194EBBB2CB2E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [1146]
O44 - LFC:[MD5.4843A0BA0A20A81373086ACCAD81725B] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [1104]
O44 - LFC:[MD5.A40E9AED5BB4DF99EEC5C973DA0C0B42] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [1136]
O44 - LFC:[MD5.EC10E010C637383D566C95CEA4307737] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [1129]
O44 - LFC:[MD5.968070015D107F9353471E2CCA8F432E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [1107]
O44 - LFC:[MD5.1E58B11A525A5C324F4BCF86E62E1826] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [1120]
O44 - LFC:[MD5.17252792B6016C58F15C9A04AC834147] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [1139]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\zip.exe [68096]
O44 - LFC:[MD5.B322118EF59D45C1B6CA13BCDE1EB9CA] - 17/01/2003 - 17:35:40 ---A- . (...) -- C:\WINDOWS\snpstd2.src [13023]
O44 - LFC:[MD5.22D879AFA9637322B01418933E2BBA8D] - 17/01/2003 - 17:34:40 ---A- . (...) -- C:\WINDOWS\snpstd2.ini [15541]



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [Enabled] .(.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\eConsole.exe" [Enabled] .(.Acer Inc. - eConsole.) -- C:\Program Files\Acer\Acer eConsole\eConsole.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe" [Enabled] .(.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O47 - AAKE:Key Export SP - "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" [Enabled] .(.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 05:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 05:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 05:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 05:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 05:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 05:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 05:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 09/03/2005 - 15:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008]
O58 - SDL:[MD5.D86B4A68565E444D76457F14172C875A] - 06/11/2008 - 17:37:28 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\PxHelp20.sys [43528]
O58 - SDL:[MD5.93F93A8E3E14CBBF1CE9A5AF1A70C095] - 22/09/2005 - 16:34:00 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\alcxwdm.sys [3727680]
O58 - SDL:[MD5.E0C67BE430C6DE490D6CCAECFA071F9E] - 17/12/2004 - 17:14:44 ---A- . (...) -- C:\WINDOWS\system32\drivers\UBHelper.sys [13952]
O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 23/01/2005 - 12:11:40 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys [6144]
O58 - SDL:[MD5.20526A8827DC0956B5526AEBCB6751A0] - 29/07/2005 - 17:11:04 ---A- . (.NVIDIA Corporation - NVIDIA Networking Bus Driver..) -- C:\WINDOWS\system32\drivers\nvnetbus.sys [12928]
O58 - SDL:[MD5.143856A6E46E74A19CEFAE9FF2246C71] - 29/07/2005 - 17:10:46 ---A- . (.NVIDIA Corporation - NVIDIA Network Resource Manager..) -- C:\WINDOWS\system32\drivers\nvnrm.sys [301312]
O58 - SDL:[MD5.58D7D9E20D81117FB49768F8592DA74F] - 29/07/2005 - 17:10:32 ---A- . (.NVIDIA Corporation - NVIDIA Networking Soft-NPU Driver..) -- C:\WINDOWS\system32\drivers\nvsnpu.sys [221824]
O58 - SDL:[MD5.14FF39920AFAEEED23E42F1DDC639168] - 29/07/2005 - 17:10:54 ---A- . (.NVIDIA Corporation - NVIDIA Networking Protocol Driver..) -- C:\WINDOWS\system32\drivers\nvtcp.sys [100480]
O58 - SDL:[MD5.2A7A2C6AB9631028B6E3A4159AA65705] - 29/07/2005 - 17:11:02 ---A- . (.NVIDIA Corporation - NVIDIA Networking Function Driver..) -- C:\WINDOWS\system32\drivers\NVENETFD.sys [34048]
O58 - SDL:[MD5.9E1F2F09E34C92A96B9900B6A45D5026] - 10/10/2005 - 14:49:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 81.85.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3530432]
O58 - SDL:[MD5.7FC5B8E9581E543FB42FB8DCDE3132E2] - 14/10/2004 - 17:12:02 ---A- . (.Pas de propriétaire - PC Camera driver.) -- C:\WINDOWS\system32\drivers\snpstd2.sys [347264]
O58 - SDL:[MD5.A7B8A3A79D35215D798A300DF49ED23F] - 23/02/2005 - 14:58:56 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [11776]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 17:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 24/08/2009 - 12:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\pcandis5.sys [32128]
O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 24/08/2009 - 12:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys [34688]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe - Acer Media Server (Acer Media Server) .(.Acer Inc. - Acer UPnP Media Server Service.) - LEGACY_ACER_MEDIA_SERVER
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Apple Mobile Device (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS
O64 - Services: CurCS - C:\Program Files\Bonjour\mDNSResponder.exe - Service Bonjour (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER
O64 - Services: CurCS - C:\DOCUME~1\fierro\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS
O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS
O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe - France Telecom Routing Table Service (FTRTSVC) .(.France Telecom SA - Orange Connection Kit.) - LEGACY_FTRTSVC
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER
O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
O64 - Services: CurCS - C:\Program Files\iPod\bin\iPodService.exe - Service de l'iPod (iPod Service) .(.Apple Inc. - iPodService Module (32-bit).) - LEGACY_IPOD_SERVICE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\irda.sys - Protocole IrDA (irda) .(.Microsoft Corporation - IRDA Protocol Driver.) - LEGACY_IRDA
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Moniteur infrarouge (Irmon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_IRMON
O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(...) - LEGACY_KLMD25
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS
O64 - Services: CurCS - C:\DOCUME~1\fierro\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\MpFilter.sys - Microsoft Malware Protection Driver (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER
O64 - Services: CurCS - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFC86AD2-F4E1-4572-937D-FCDCAC6BB556}\MpKsl0e9ca3f3.sys - MpKsl0e9ca3f3 (MpKsl0e9ca3f3) .(.Microsoft Corporation - KSLDriver
O64 - Services: CurCS - (.not file.) - MpKsl27fc8052 (MpKsl27fc8052) .(...) - LEGACY_MPKSL27FC8052
O64 - Services: CurCS - (.not file.) - MpKsl3273fa61 (MpKsl3273fa61) .(...) - LEGACY_MPKSL3273FA61
O64 - Services: CurCS - (.not file.) - MpKsl349274f9 (MpKsl349274f9) .(...) - LEGACY_MPKSL349274F9
O64 - Services: CurCS - (.not file.) - MpKsl6be749e5 (MpKsl6be749e5) .(...) - LEGACY_MPKSL6BE749E5
O64 - Services: CurCS - (.not file.) - MpKsl774fbc2c (MpKsl774fbc2c) .(...) - LEGACY_MPKSL774FBC2C
O64 - Services: CurCS - (.not file.) - MpKsl8027b156 (MpKsl8027b156) .(...) - LEGACY_MPKSL8027B156
O64 - Services: CurCS - (.not file.) - MpKslc8d22358 (MpKslc8d22358) .(...) - LEGACY_MPKSLC8D22358
O64 - Services: CurCS - (.not file.) - MpKslc93980e4 (MpKslc93980e4) .(...) - LEGACY_MPKSLC93980E4
O64 - Services: CurCS - (.not file.) - MpKslcb90be2b (MpKslcb90be2b) .(...) - LEGACY_MPKSLCB90BE2B
O64 - Services: CurCS - (.not file.) - MpKslcd6155c4 (MpKslcd6155c4) .(...) - LEGACY_MPKSLCD6155C4
O64 - Services: CurCS - (.not file.) - MpKsldc264e76 (MpKsldc264e76) .(...) - LEGACY_MPKSLDC264E76
O64 - Services: CurCS - (.not file.) - MpKslde14688d (MpKslde14688d) .(...) - LEGACY_MPKSLDE14688D
O64 - Services: CurCS - (.not file.) - MpKslf4646a05 (MpKslf4646a05) .(...) - LEGACY_MPKSLF4646A05
O64 - Services: CurCS - (.not file.) - MpKslfbbcf485 (MpKslfbbcf485) .(...) - LEGACY_MPKSLFBBCF485
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
O64 - Services: CurCS - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - Microsoft Antimalware Service (MsMpSvc) .(.Microsoft Corporation - Antimalware Service Executable.) - LEGACY_MSMPSVC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) - LEGACY_NVSVC
O64 - Services: CurCS - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe - Orange update Core Service (Orange update Core Service) .(...) - LEGACY_ORANGE_UPDATE_CORE_SERVICE
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe - Office Source Engine (ose) .(.Microsoft Corporation - Office Source Engine.) - LEGACY_OSE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM
O64 - Services: CurCS - C:\WINDOWS\system32\PCAMPR5.sys - PCAMPR5 NDIS Protocol Driver (PCAMPR5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMPR5
O64 - Services: CurCS - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver (PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(...) - LEGACY_PROCEXP113
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexion automatique d'accès distant (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASAUTO
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Minipor
0
Réponse 14 / 82
juju666 Messages postés 35446 Date d'inscription jeudi 18 décembre 2008 Statut Contributeur sécurité Dernière intervention 21 avril 2024 4 796
16 mars 2011 à 20:50
yo :]

Hébergement de rapport sur pjjoint.malekal.com

▶ Rends toi sur pjjoint.malekal.com
▶ Clique sur le bouton Parcourir
▶ Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
▶ Clique sur le bouton Envoyer
▶ Un message de confirmation s'affiche (L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015 Copie le lien dans ta prochaine réponse.

@+ (bonne chasse Virus/C/C)
0
Réponse 15 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 20:53
voila c'est fait
avec tdsskiller le rapport dit aucun fichier infectes.
je suis sur mon pc jusqu'a environ 22h00 car apres je me couche car je bosse de nuit.
je serais de retour vers 13h00.
0
juju666 Messages postés 35446 Date d'inscription jeudi 18 décembre 2008 Statut Contributeur sécurité Dernière intervention 21 avril 2024 4 796
16 mars 2011 à 20:54
il nous faudrait ce lien sinon on aura du mal de lire ton rapport lol
0
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 21:06
c'es fait !!!!!
0
Réponse 16 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 20:57
https://pjjoint.malekal.com/files.php?id=518f75c67a12712
0
Réponse 17 / 82
Utilisateur anonyme
16 mars 2011 à 21:28
Salut

Merçi >> juju666 de ton intervention !!



redbull47 poste le rapport de tdsskiller


ensuite en attendant :



1) /!\ ZHPFix /!\


* ferme toutes les applications ouvertes.
* Copies tout le texte présent en gras dans l'encadré ci-dessous
*( tu le selectionnes avec ta souris >> Clique droit dessus et choisis "copier" ou fait Ctrl+C )

================================================================================


O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe




================================================================================

* Double Clique sur l'icone ZhpFix du bureau pour le lancer ( l icone en forme de seringue) .
* Utilisateurs de Windows7/Vista >> Fais un clic-droit sur le raccourci de ZHPFix et choisis "Exécuter en temps qu'administrateur"
* Une fois l'outil ZHPFix ouvert ,

* clique sur le bouton [ H ] ==> Image ( "coller les lignes Helper" ) .

* Dans l'encadré principal
* tu verras donc les lignes que tu as copié précédemment apparaitre .
* Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
* cliques >> OK puis
* Cliques sur >>Tous
* Pour finir clique sur >> Nettoyer .
* colle le rapport obtenu .

ensuite pour vérification :


2)* Desactive ton antivirus le temps de la manip

* Telecharge et install UsbFix (de El Desaparecido et C_XX )

>> UsbFix (de El Desaparecido et C_XX )

* Déconnectes toi et fermes toutes applications en cours
* Au message ==> Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir
* Double clic sur le raccourci UsbFix présent sur ton bureau .
* Choisi >> l option Recherche
* Laisse travailler l outil.
* Ensuite poste le rapport UsbFix.txt qui apparaitra.
* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )


* Réactive ton antivirus




Membre Contributeur sécurité CCM
0
Réponse 18 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
Modifié par redbull47 le 16/03/2011 à 21:57
Rapport de ZHPFix 1.12.3260 par Nicolas Coolman, Update du 11/03/2011
Fichier d'export Registre :
Run by fierro at 16/03/2011 21:43:17
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Valeur(s) du Registre ==========
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente


========== Récapitulatif ==========
2 : Valeur(s) du Registre


End of the scan
0
Réponse 19 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 21:51
############################## | UsbFix 7.042 | [Recherche]

Utilisateur: fierro (Administrateur) # ACER-9DEB84EBB9 [ ]
Mis à jour le 14/03/2011 par TeamXscript
Lancé à 21:51:11 | 16/03/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: AMD Sempron(tm) Processor 3200+
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: Microsoft Security Essentials 3.0.8107.0 [(!) Disabled | Updated]
RAM -> 1982 Mo
C:\ (%systemdrive%) -> Disque fixe # 72 Go (51 Go libre(s) - 70%) [ACER] # FAT32
D:\ -> Disque fixe # 73 Go (3 Go libre(s) - 5%) [ACERDATA] # NTFS
E:\ -> CD-ROM

################## | Éléments infectieux |


Présent! C:\WINDOWS\system32\secushr.dat

################## | Registre |

Présent! HKLM\software\microsoft\shared tools\msconfig\startupreg\
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |
0
Réponse 20 / 82
redbull47 Messages postés 51 Date d'inscription mercredi 16 mars 2011 Statut Membre Dernière intervention 25 mars 2011
16 mars 2011 à 21:54
2011/03/16 20:43:53.0140 0832 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/16 20:43:53.0562 0832 ================================================================================
2011/03/16 20:43:53.0562 0832 SystemInfo:
2011/03/16 20:43:53.0562 0832
2011/03/16 20:43:53.0562 0832 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/16 20:43:53.0562 0832 Product type: Workstation
2011/03/16 20:43:53.0562 0832 ComputerName: ACER-9DEB84EBB9
2011/03/16 20:43:53.0562 0832 UserName: fierro
2011/03/16 20:43:53.0562 0832 Windows directory: C:\WINDOWS
2011/03/16 20:43:53.0562 0832 System windows directory: C:\WINDOWS
2011/03/16 20:43:53.0562 0832 Processor architecture: Intel x86
2011/03/16 20:43:53.0562 0832 Number of processors: 1
2011/03/16 20:43:53.0562 0832 Page size: 0x1000
2011/03/16 20:43:53.0562 0832 Boot type: Normal boot
2011/03/16 20:43:53.0562 0832 ================================================================================
2011/03/16 20:43:54.0140 0832 Initialize success
2011/03/16 20:43:58.0234 0224 ================================================================================
2011/03/16 20:43:58.0234 0224 Scan started
2011/03/16 20:43:58.0234 0224 Mode: Manual;
2011/03/16 20:43:58.0234 0224 ================================================================================
2011/03/16 20:43:59.0140 0224 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/16 20:43:59.0218 0224 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/03/16 20:43:59.0515 0224 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/03/16 20:43:59.0734 0224 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
2011/03/16 20:43:59.0812 0224 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/03/16 20:44:00.0359 0224 ALCXWDM (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/03/16 20:44:00.0671 0224 AmdK8 (62271ff14baa810323ac816c5d355ba9) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/03/16 20:44:00.0953 0224 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/03/16 20:44:01.0484 0224 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/16 20:44:01.0578 0224 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/16 20:44:01.0812 0224 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/16 20:44:01.0937 0224 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/16 20:44:02.0046 0224 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/16 20:44:02.0218 0224 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/16 20:44:02.0390 0224 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/16 20:44:02.0546 0224 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/16 20:44:02.0687 0224 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/16 20:44:02.0796 0224 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/16 20:44:03.0562 0224 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/16 20:44:03.0718 0224 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/16 20:44:03.0890 0224 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/16 20:44:03.0968 0224 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/16 20:44:04.0125 0224 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/16 20:44:04.0406 0224 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/16 20:44:04.0578 0224 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/16 20:44:04.0703 0224 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/03/16 20:44:04.0843 0224 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/16 20:44:05.0000 0224 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/03/16 20:44:05.0093 0224 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/03/16 20:44:05.0156 0224 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/16 20:44:05.0218 0224 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/16 20:44:05.0328 0224 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/03/16 20:44:05.0484 0224 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/16 20:44:05.0656 0224 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/03/16 20:44:05.0906 0224 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/16 20:44:06.0234 0224 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/16 20:44:06.0359 0224 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/16 20:44:06.0687 0224 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/03/16 20:44:06.0781 0224 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/16 20:44:06.0921 0224 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/16 20:44:07.0062 0224 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/16 20:44:07.0156 0224 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/16 20:44:07.0296 0224 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/03/16 20:44:07.0437 0224 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/16 20:44:07.0546 0224 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2011/03/16 20:44:07.0656 0224 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/16 20:44:07.0734 0224 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/16 20:44:07.0843 0224 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/03/16 20:44:07.0968 0224 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/16 20:44:08.0062 0224 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/16 20:44:08.0281 0224 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/16 20:44:08.0421 0224 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/16 20:44:08.0546 0224 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/16 20:44:08.0671 0224 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/03/16 20:44:08.0781 0224 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/16 20:44:08.0890 0224 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
2011/03/16 20:44:09.0046 0224 MpKsl0e9ca3f3 (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFC86AD2-F4E1-4572-937D-FCDCAC6BB556}\MpKsl0e9ca3f3.sys
2011/03/16 20:44:09.0343 0224 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/16 20:44:09.0453 0224 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/16 20:44:09.0656 0224 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/16 20:44:09.0796 0224 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/16 20:44:09.0906 0224 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/16 20:44:10.0046 0224 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/16 20:44:10.0125 0224 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/16 20:44:10.0234 0224 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/16 20:44:10.0328 0224 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/16 20:44:10.0437 0224 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/16 20:44:10.0578 0224 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/16 20:44:10.0687 0224 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/16 20:44:10.0828 0224 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/16 20:44:10.0968 0224 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/16 20:44:11.0109 0224 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/16 20:44:11.0203 0224 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/16 20:44:11.0328 0224 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/16 20:44:11.0421 0224 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/16 20:44:11.0609 0224 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/03/16 20:44:11.0703 0224 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/16 20:44:11.0859 0224 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/16 20:44:11.0953 0224 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
2011/03/16 20:44:12.0031 0224 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/16 20:44:12.0265 0224 nv (9e1f2f09e34c92a96b9900b6a45d5026) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/16 20:44:12.0468 0224 NVENETFD (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
2011/03/16 20:44:12.0578 0224 nvnetbus (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
2011/03/16 20:44:12.0656 0224 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/16 20:44:12.0718 0224 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/16 20:44:12.0843 0224 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/03/16 20:44:12.0984 0224 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/03/16 20:44:13.0140 0224 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/16 20:44:13.0187 0224 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/16 20:44:13.0921 0224 PCAMPR5 (b670c5d89f0726b7a2a7dfb4e968cdf8) C:\WINDOWS\system32\PCAMPR5.SYS
2011/03/16 20:44:14.0609 0224 PCANDIS5 (ecd2f9d67b06606064daf6961a6d5efe) C:\WINDOWS\system32\PCANDIS5.SYS
2011/03/16 20:44:14.0734 0224 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/16 20:44:14.0937 0224 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/16 20:44:15.0078 0224 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/03/16 20:44:15.0968 0224 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/16 20:44:16.0062 0224 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/03/16 20:44:16.0187 0224 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/16 20:44:16.0250 0224 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/16 20:44:16.0359 0224 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/16 20:44:16.0968 0224 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/16 20:44:17.0078 0224 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/03/16 20:44:17.0203 0224 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/16 20:44:17.0328 0224 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/16 20:44:17.0390 0224 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/16 20:44:17.0484 0224 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/16 20:44:17.0531 0224 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/16 20:44:17.0687 0224 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/16 20:44:17.0828 0224 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/16 20:44:18.0078 0224 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/16 20:44:18.0296 0224 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/03/16 20:44:18.0406 0224 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/03/16 20:44:18.0578 0224 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/03/16 20:44:18.0859 0224 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/16 20:44:19.0000 0224 snpstd2 (7fc5b8e9581e543fb42fb8dcde3132e2) C:\WINDOWS\system32\DRIVERS\snpstd2.sys
2011/03/16 20:44:19.0234 0224 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/16 20:44:19.0359 0224 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/16 20:44:19.0468 0224 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/16 20:44:19.0609 0224 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/16 20:44:19.0750 0224 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/16 20:44:19.0875 0224 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/16 20:44:20.0484 0224 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/16 20:44:20.0640 0224 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/16 20:44:20.0750 0224 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/16 20:44:20.0859 0224 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/16 20:44:20.0984 0224 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/16 20:44:21.0250 0224 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
2011/03/16 20:44:21.0390 0224 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/16 20:44:21.0687 0224 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/16 20:44:21.0828 0224 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/03/16 20:44:21.0921 0224 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/16 20:44:22.0078 0224 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/16 20:44:22.0203 0224 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/16 20:44:22.0312 0224 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/03/16 20:44:22.0421 0224 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/16 20:44:22.0546 0224 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/16 20:44:22.0671 0224 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/16 20:44:22.0828 0224 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/03/16 20:44:23.0328 0224 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/16 20:44:23.0453 0224 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/16 20:44:23.0703 0224 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/16 20:44:23.0937 0224 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/16 20:44:24.0140 0224 ================================================================================
2011/03/16 20:44:24.0140 0224 Scan finished
2011/03/16 20:44:24.0140 0224 ================================================================================
2011/03/16 20:45:01.0484 2008 Deinitialize success
0

Discussions similaires

recherche d'u
mimi -
brucine -

1 réponse
Avertissement de redirection Google image
Gui² -
gthfgfd,rsjthdgs -

2 réponses
Erreur de déplacement du répertoire "Mes documents"
Jim951 -
Ansmix -

22 réponses
redirection dangereuse
DM -
MPMP10 -

2 réponses
Transfert email FREE
Starsky -
ppppplllll -

26 réponses