Redirection gomeo/topprixnet

Résolu
redbull47 Messages postés 53 Statut Membre -  
 Utilisateur anonyme -
Bonjour, depuis quelque jours dans le moteur de recherche google je suis parfois
rediriger vers gomeo ou topprixnet.
mon antivirus (microsoft security essentials) ne trouvent rien,pas plus que malwares bytes (avec mises a jour).
si quelqu'un peut m'aider ca serait vraiment sympa.
merci par avance!!!!!!!!!!

82 réponses

  • 1
  • 2
  • 3
  • 4
  • 5
Résumé de la discussion

Des redirections dans Google vers gomeo ou topprixnet surviennent sur Windows XP avec Internet Explorer 8, alors que l'antivirus Microsoft Security Essentials ne les repère pas. Plusieurs réponses proposent des outils de nettoyage et des rapports détaillés, notamment ZHPFix et UsbFix, ainsi que OTM, afin de repérer et supprimer des clés de registre et fichiers malveillants. Des étapes concrètes proposent d'exécuter les outils en administrateur, de supprimer des clés Run et des services indésirables et de générer des rapports à utiliser pour le nettoyage. D'autres propositions recommandent des vérifications complémentaires, telles que SFC/scannow et des nettoyages plus généraux, ainsi que la vérification des programmes démarrés et des journaux système, sans conclure à une résolution immédiate.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    Salut

    * Télécharge ZHPDiag (de Nicolas coolman)

    ICI >> ZHPDiag (de Nicolas coolman)

    * Une fois le téléchargement achevé,
    * double clique sur ZHPDiag.exe et suis les instructions.
    * /!\Utilisateurs de Windows Vista et Windows 7
    >> Clique droit sur le logo de ZHPDiag.exe, « exécuter en tant qu'Administrateur »
    * Laisse toi guider lors de l'installation,
    * coche >> créer une icône sur le bureau
    * il se lancera automatiquement à la fin.
    * Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
    * Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
    * Héberge le rapport sur ce site,
    >> Cijoint.fr
    * puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

    * Pour t aider ,pour heberger le rapport
    * rends toi sur Cijoint.fr
    * clic sur Parcourir
    * trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
    * et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
    * un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
    * il te suffit de le poster ici pour que je puisse voir le rapport

    Membre Contributeur sécurité CCM
    0
  2. redbull47 Messages postés 53 Statut Membre
     
    merci pour ta reponse!!
    pour infos je n'arrive pas a faire la mise a jour microsoft security ni rentrer dans windows update.
    par contre j'espere que tu es patient car je ne suis pas expert
    allez je me lance......
    0
  3. redbull47 Messages postés 53 Statut Membre
     
    quand je clique sur deposer le dossier une page s'ouvre et me dit que internet explorer ne peut pas afficher cette page?????????
    0
  4. Utilisateur anonyme
     
    Re

    * * Sinon tu postes le rapport en plusieurs parties >> mais en Entier >( Copié/Collé )

    Membre Contributeur sécurité CCM
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. redbull47 Messages postés 53 Statut Membre
     
    c'est a dire,comment je procede??
    0
  7. redbull47 Messages postés 53 Statut Membre
     
    Rapport de ZHPDiag v1.27.1704 par Nicolas Coolman, Update du 15/03/2011
    Run by fierro at 16/03/2011 16:08:22
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    Contact : nicolascoolman@yahoo.fr

    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

    ---\\ System Information
    Windows XP Home Edition Service Pack 3 (Build 2600)
    Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1982 MB (66% free)
    System Restore: Activé (Enable)
    System drive C: has 50 GB (69%) free of 72 GB

    ---\\ Logged in mode
    Computer Name: ACER-9DEB84EBB9
    User Name: fierro
    All Users Names: SUPPORT_388945a0, HelpAssistant, fierro, ASPNET, Administrateur,
    Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    %AppData%=C:\Documents and Settings\fierro\Application Data
    %LocalAppData%=C:\Documents and Settings\fierro\Local Settings\Application Data
    %StartMenu%=C:\Documents and Settings\fierro\Menu Démarrer

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 72 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 73 Go)
    E:\ CD-ROM drive (Not Inserted)
    F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

    ---\\ Recherche particulière de fichiers génériques
    [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:04.) -- C:\Windows\Explorer.exe [1037824]
    [MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\Windows\System32\wininet.dll [916480]
    [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
    [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]
    [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:54.) -- C:\Windows\System32\drivers\ntfs.sys [574976]

    ---\\ Processus lancés
    [MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736]
    [MD5.82D8578CB09F4ED668DDD76525D6C1B7] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [90112]
    [MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768]
    [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\RUNDLL32.EXE [33792]
    [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]
    [MD5.1E61596140EC9CCA62E3A7A6AB51159A] - (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe [286720]
    [MD5.F3D1C0E1A84B1295BC6401D686964E95] - (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe [114688]
    [MD5.65CB183CB14A048ECEA5330994307AE0] - (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe [425984]
    [MD5.7622F75E151910EF7355122A8438C899] - (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe [393216]
    [MD5.407811B64B588FE80FA2E27E783B41EA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
    [MD5.3588AFA5623BB8844F71F271A7A96669] - (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [634368]
    [MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552]
    [MD5.9AD31D8018B72E1013CFD012619E0232] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [182272]
    [MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112]
    [MD5.20BC7169B76BFD41CA21B3B82D501922] - (.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [438272]
    [MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672]
    [MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
    [MD5.B0C9FFF54F16DF2012F53A34736A0975] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632]
    [MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
    [MD5.ABC9091B6D438381DBACFD1A82E0C0EA] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe [282624]
    [MD5.682DB04704A74F228A080B31003B6FC6] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe [974848]
    [MD5.0B24AB7CC5B7ED2AA7F438A4072459F4] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) -- C:\WINDOWS\system32\nvsvc32.exe [131139]
    [MD5.CAF2CCB6E9F5FDBE99EE8904EB9DC506] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe [495616]
    [MD5.32CDEDD15E2D1A557CD54552AE78FF86] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008]
    [MD5.8E884B0A19679340BFFF5C157075D6B5] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe [53248]
    [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
    [MD5.6DFF20574CE7A0FEAEBC40DB4423848A] - (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe [2385456]
    [MD5.008020C8CF84F34FAD3B71EF61EA50F8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [639488]

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
    P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
    P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
    R0 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
    R1 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} Clé orpheline
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

    ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} . (.Trend Media Group - FlashGet Browser Helper Object.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\FlashGetBHO3.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} . (.Orange - IE Toolbar Container.) -- C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    ---\\ ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [LaunchApp] Clé orpheline
    O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe
    O4 - HKLM\..\Run: [ntiMUI] . (...) -- c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
    O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
    O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
    O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
    O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
    O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe
    O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    O4 - HKLM\..\Run: [SNPSTD2] . (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe
    O4 - HKLM\..\Run: [AspireService] . (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] . (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
    O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKCU\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
    O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
    O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
    O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [EPSON Stylus DX7400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.exe

    ---\\ ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2008.lnk . (.TuneUp Software GmbH.) -- C:\Program Files\TuneUp Utilities 2008\Integrator.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: Download all by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
    O8 - Extra context menu item: Download by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
    O8 - Extra context menu item: ????3?? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
    O8 - Extra context menu item: ????3?????? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
    O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
    O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
    O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
    O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
    O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
    O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
    O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

    ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: (Acer Media Server) . (.Acer Inc. - Acer UPnP Media Server Service.) - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: (Orange update Core Service) . (...) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
    O23 - Service: (TuneUp.Defrag) . (.TuneUp Software GmbH - TuneUp Drive Defrag-Dienst.) - C:\WINDOWS\System32\TuneUpDefragService.exe

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.)

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MpIdleTask.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job

    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
    O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\System32\DRIVERS\AmdK8.sys
    O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
    O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
    O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
    O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
    O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
    O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
    O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
    O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys
    O41 - Driver: (MpKsl774fbc2c) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3FF76A8D-F76E-4ABE-90CA-AAF8E84672AF}\MpKsl774fbc2c.sys
    O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
    O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
    O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys
    O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
    O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
    O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
    O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
    O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
    O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
    O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

    ---\\ Logiciels installés (O42)
    O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
    O42 - Logiciel: Acer eConsole - (.Pas de propriétaire.) [HKLM] -- {EC028E6B-F3F1-4192-B63E-A7C97302ED5A}
    O42 - Logiciel: Acer eMode Management - (.Pas de propriétaire.) [HKLM] -- {65CDEC30-4BF4-48FB-8059-9FC480E4E94F}
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
    O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
    O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
    O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
    O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
    O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    O42 - Logiciel: Athlon 64 Processor Driver - (.Pas de propriétaire.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
    O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
    O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Pas de propriétaire.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}
    O42 - Logiciel: Connexion Internet Orange - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite
    O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
    O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
    O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
    O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
    O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
    O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
    O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
    O42 - Logiciel: EPSON Easy Photo Print - (.Pas de propriétaire.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}
    O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
    O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
    O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
    O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
    O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation
    O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
    O42 - Logiciel: FlashGet 3.5 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet 3.5
    O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
    O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
    O42 - Logiciel: J2SE Runtime Environment 5.0 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150050}
    O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}
    O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
    O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
    O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
    O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
    O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
    O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}
    O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
    O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
    O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
    O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}
    O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
    O42 - Logiciel: NTI Backup NOW! 4 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}
    O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
    O42 - Logiciel: NTI HomeVideo-Maker - (.ArcSoft.) [HKLM] -- {B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}
    O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
    O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier
    O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager
    O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
    O42 - Logiciel: PowerDVD - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
    O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
    O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
    O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
    O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    O42 - Logiciel: TuneUp Utilities 2008 - (.TuneUp Software.) [HKLM] -- {5888428E-699C-4E71-BF71-94EE06B497DA}
    O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] -- VLC media player
    O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
    O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
    O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
    O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
    O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
    O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM] -- OrangeToolbarFR
    O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\ABBYY]
    [HKCU\Software\Adobe]
    [HKCU\Software\Apple Computer, Inc.]
    [HKCU\Software\Apple Inc.]
    [HKCU\Software\Classes]
    [HKCU\Software\Cyberlink]
    [HKCU\Software\DivXNetworks]
    [HKCU\Software\EPSON]
    [HKCU\Software\FlashGet Network]
    [HKCU\Software\IM Providers]
    [HKCU\Software\Intel]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\Lake]
    [HKCU\Software\Local AppWizard-Generated Applications]
    [HKCU\Software\Macromedia]
    [HKCU\Software\Malwarebytes' Anti-Malware]
    [HKCU\Software\NVIDIA Corporation]
    [HKCU\Software\Netscape]
    [HKCU\Software\ODBC]
    [HKCU\Software\Orange]
    [HKCU\Software\Piriform]
    [HKCU\Software\Policies]
    [HKCU\Software\SEIKO EPSON]
    [HKCU\Software\Symantec]
    [HKCU\Software\Trolltech]
    [HKCU\Software\TuneUp]
    [HKCU\Software\VB and VBA Program Settings]
    [HKCU\Software\WinRAR SFX]
    [HKCU\Software\WinRAR]
    [HKCU\Software\YahooPartnerToolbar]
    [HKCU\Software\kde.org]
    [HKLM\Software\ABBYY]
    [HKLM\Software\AMD]
    [HKLM\Software\Adobe]
    [HKLM\Software\Apple Computer, Inc.]
    [HKLM\Software\Apple Inc.]
    [HKLM\Software\ArcSoft]
    [HKLM\Software\BrowserChoice]
    [HKLM\Software\C07ft5Y]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\CyberLink]
    [HKLM\Software\DivXNetworks]
    [HKLM\Software\EPSON]
    [HKLM\Software\FRANCE TELECOM]
    [HKLM\Software\FlashGet Network]
    [HKLM\Software\GEAR Software]
    [HKLM\Software\Gemplus]
    [HKLM\Software\Google]
    [HKLM\Software\InstallShield]
    [HKLM\Software\Intel]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\Lake]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Malwarebytes' Anti-Malware]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\NVIDIA Corporation]
    [HKLM\Software\NewTech Infosystems]
    [HKLM\Software\ODBC]
    [HKLM\Software\Orange]
    [HKLM\Software\Piriform]
    [HKLM\Software\Policies]
    [HKLM\Software\Program Groups]
    [HKLM\Software\Realtek Semiconductor Corp.]
    [HKLM\Software\Realtek]
    [HKLM\Software\Schlumberger]
    [HKLM\Software\Secure]
    [HKLM\Software\SymNRT]
    [HKLM\Software\TrendMicro]
    [HKLM\Software\TuneUp]
    [HKLM\Software\VideoLAN]
    [HKLM\Software\Windows 3.1 Migration Status]
    [HKLM\Software\acer]
    [HKLM\Software\muvee Technologies]
    0
  8. Utilisateur anonyme
     
    Re

    tu sais faire un copié//Collé

    *ICI >> copier-coller

    Si "oui " tu copies et colles environ la moitié du rapport de ZHPDiag dans ta prochaine réponse

    Ensuite tu copies/colles l'autre moitié dans un autre message !!

    @+

    Membre Contributeur sécurité CCM
    0
  9. redbull47 Messages postés 53 Statut Membre
     
    je n'arrive plus a coller la suite meme en la reduisant
    je ne comprends pas !!!!!!!!!
    0
  10. Utilisateur anonyme
     
    Re

    Lis bien !!!!!!!!!!!

    1) * Télécharge Defogger (de jpshortstuff) sur ton Bureau
    ICI >> Defogger (de jpshortstuff)
    * Lance le
    * Pour Windows Vista et Windows 7,
    * faire un clic droit et >> Exécuter en tant qu'administrateur.
    * Une fenêtre apparait : clique sur "Disable"
    * Fais redémarrer l'ordinateur si l'outil te le demande

    ensuite

    ensuite

    2) Télécharge Winsockxpfix
    ICI Winsockxpfix
    sur ton bureau sans l executer au cas tu en aurai besoin aprés tu le télécharges mais ne l éxécute pas sauf si besoin aprés Combofix)

    aprés

    /!\ Il faut IMPERATIVEMENT désactiver tous tes logiciels de protection(antivirus , antispyware )pour utiliser ce programme/!\

    2) * Télécharge ComboFix (de sUBs) .
    * sur ton bureau et pas ailleurs

    * ICI >> ComboFix (de sUBs)
    * Ferme toutes les fenêtres ouvertes

    /!\ Déconnecte-toi du net/!\

    * Double clique >> sur ComboFix.exe afin de le lancer

    * Tapes sur la touche1 pour démarrer le scan et suis les instructions indiquées par combofix.

    ** tu es sous Windows XP, il va te demander d'installer la console de récupération : tu dois absolument accepter.

    ** si il te propose de l'installer remets provisoirement internet

    * /!\ Déconnecte-toi du net aprés l installation /!\

    - Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

    /!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes. /!\
    /!\ (ne touche a rien pendant que l'outil travaille pour ne pas figer ton pc)/!\


    * Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    si ta connexion internet n'est plus active après le redémarrage

    Windows XP ==>Fais un double clic sur le fichier de WinsockXPFix
    clique sur "Fix"

    au cas faudra faire une réparation manuelle image ci dessous
    réparation manuelle >> Image

    * PS >> Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

    Membre Contributeur sécurité CCM
    0
  11. redbull47 Messages postés 53 Statut Membre
     
    ComboFix 11-03-16.01 - fierro 16/03/2011 19:27:01.1.1 - FAT32x86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1982.1533 [GMT 1:00]
    Lancé depuis: c:\downloads\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\system32\ATHPRXY(2).DLL
    .
    .
    \\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-02-16 au 2011-03-16 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-03-16 18:20 . 2011-02-23 08:35 5943120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C6CF80E5-9E1B-49EE-8798-A00DE92CB3F3}\mpengine.dll
    2011-03-16 15:09 . 2011-03-16 15:09 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2011-03-16 15:07 . 2011-03-16 15:07 -------- d-----w- c:\program files\ZHPDiag
    2011-03-16 14:30 . 2011-03-16 14:30 -------- d-----w- c:\program files\Fichiers communs\Adobe
    2011-03-15 18:10 . 2011-03-15 18:10 -------- d-----w- c:\windows\Sun
    2011-03-15 17:32 . 2002-07-25 16:06 282624 ----a-w- c:\program files\Fichiers communs\InstallShield\UpdateService\agent.exe
    2011-03-15 17:31 . 2011-03-15 17:31 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL
    2011-03-15 17:29 . 2011-03-15 17:29 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
    2011-03-15 17:26 . 2006-10-30 23:10 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
    2011-03-15 17:26 . 2006-10-19 23:10 80024 ----a-w- c:\windows\system32\PICSDK.dll
    2011-03-15 17:26 . 2006-10-19 23:10 501912 ----a-w- c:\windows\system32\PICSDK2.dll
    2011-03-15 17:26 . 2006-10-19 23:10 108704 ----a-w- c:\windows\system32\PICEntry.dll
    2011-03-15 17:26 . 2006-10-30 23:10 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
    2011-03-15 17:26 . 2011-03-15 17:26 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
    2011-03-15 17:26 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
    2011-03-15 17:26 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBCDE.DLL
    2011-03-15 17:26 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BCDE.DLL
    2011-03-15 17:26 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
    2011-03-15 17:26 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
    2011-03-15 17:24 . 2011-03-15 17:24 -------- d-----w- c:\program files\epson
    2011-03-15 17:24 . 2007-03-26 23:00 67072 ----a-w- c:\windows\system32\escwiad.dll
    2011-03-15 12:46 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2011-03-15 12:46 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
    2011-03-14 17:53 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
    2011-03-14 17:53 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
    2011-03-14 17:51 . 2011-03-14 17:51 -------- d-----w- c:\windows\SHELLNEW
    2011-03-14 17:48 . 2011-03-14 17:48 -------- d-----r- C:\MSOCache
    2011-03-14 17:23 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-03-14 17:23 . 2011-03-14 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2011-03-14 17:23 . 2011-03-14 17:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-03-14 17:23 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-14 13:00 . 2011-03-14 13:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
    2011-03-14 12:35 . 2011-03-14 12:35 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-03-13 19:00 . 2011-03-13 19:00 -------- d-----w- c:\windows\$XNTUninstall643$
    2011-03-13 18:48 . 2011-03-13 18:48 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
    2011-03-13 13:38 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
    2011-03-13 13:38 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
    2011-03-13 13:38 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
    2011-03-13 13:37 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
    2011-03-13 13:33 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe
    2011-03-13 13:30 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
    2011-03-13 10:55 . 2011-03-13 10:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
    2011-03-13 08:28 . 2011-03-13 08:28 -------- d-----w- c:\program files\CCleaner
    2011-03-13 08:26 . 2011-03-13 08:26 -------- d-----w- C:\Downloads
    2011-03-13 06:37 . 2011-03-13 06:37 -------- d-----r- c:\documents and settings\NetworkService\Favoris
    2011-03-12 19:12 . 2011-03-12 19:12 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-03-12 19:12 . 2011-03-12 19:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-03-12 19:07 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-03-12 19:02 . 2011-03-12 19:02 -------- d-----w- c:\program files\Microsoft Security Client
    2011-03-12 18:46 . 2011-03-12 18:46 -------- d-----w- c:\windows\system32\fr
    2011-03-12 18:46 . 2011-03-12 18:46 -------- d-----w- c:\windows\system32\bits
    2011-03-12 18:46 . 2011-03-12 18:46 -------- d-----w- c:\windows\l2schemas
    2011-03-12 18:42 . 2011-03-12 18:42 -------- d-----w- c:\windows\EHome
    2011-03-12 18:39 . 2004-08-03 21:41 13776 ------w- c:\windows\system32\drivers\recagent.sys
    2011-03-12 18:28 . 2011-03-12 18:28 -------- d-----w- c:\windows\system32\LogFiles
    2011-03-12 18:20 . 2011-03-12 18:20 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2011-03-12 18:19 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
    2011-03-12 18:19 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
    2011-03-12 18:18 . 2010-02-24 13:11 455680 ------w- c:\windows\system32\dllcache\mrxsmb.sys
    2011-03-12 18:18 . 2010-08-26 13:39 357248 ------w- c:\windows\system32\dllcache\srv.sys
    2011-03-12 18:17 . 2010-08-27 08:02 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
    2011-03-12 18:17 . 2009-10-15 16:32 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
    2011-03-12 18:17 . 2009-11-21 15:58 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
    2011-03-12 18:14 . 2008-06-14 17:33 272768 ------w- c:\windows\system32\drivers\bthport.sys
    2011-03-12 18:14 . 2008-06-14 17:33 272768 ------w- c:\windows\system32\dllcache\bthport.sys
    2011-03-12 18:14 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
    2011-03-12 17:52 . 2011-03-12 17:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Orange
    2011-03-12 17:32 . 2009-08-24 11:22 65536 ----a-w- c:\windows\system32\Autodial2000.dll
    2011-03-12 17:32 . 2009-08-24 11:22 94208 ----a-w- c:\windows\system32\w32n50.dll
    2011-03-12 17:32 . 2009-08-24 11:22 34688 ----a-w- c:\windows\system32\pcampr5.sys
    2011-03-12 17:32 . 2009-08-24 11:22 32128 ----a-w- c:\windows\system32\pcandis5.sys
    2011-03-12 17:32 . 2011-03-12 17:32 -------- d-----w- c:\program files\Orange
    2011-03-12 17:32 . 2011-03-12 17:32 -------- d-----w- c:\program files\Fichiers communs\France Telecom
    2011-03-12 16:30 . 2011-03-12 16:30 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
    2011-03-12 16:25 . 2011-03-12 16:25 -------- d-----w- c:\program files\MSXML 6.0
    2011-03-12 16:13 . 2011-03-12 16:13 -------- d--h--w- c:\windows\msdownld.tmp
    2011-03-12 16:11 . 2011-03-12 16:11 307968 ----a-w- c:\windows\system32\TuneUpDefragService.exe
    2011-03-12 16:11 . 2008-02-27 12:15 28416 ----a-w- c:\windows\system32\uxtuneup.dll
    2011-03-12 16:11 . 2011-03-12 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
    2011-03-12 16:11 . 2011-03-12 16:11 -------- d-----w- c:\program files\TuneUp Utilities 2008
    2011-03-12 16:11 . 2011-03-12 16:11 -------- d--h--w- c:\windows\ie8
    2011-03-12 16:11 . 2011-03-12 16:11 -------- d-----w- c:\windows\system32\fr-FR
    2011-03-12 16:10 . 2011-03-12 16:11 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
    2011-03-12 16:10 . 2011-03-12 16:10 -------- d-----w- c:\program files\Microsoft
    2011-03-12 16:09 . 2011-03-12 16:09 -------- d-----w- c:\program files\Windows Live SkyDrive
    2011-03-12 16:08 . 2011-03-12 16:08 -------- d-----w- c:\program files\Windows Live
    2011-03-12 16:06 . 2010-07-16 12:04 221696 ------w- c:\windows\system32\dllcache\wordpad.exe
    2011-03-12 16:06 . 2010-12-20 23:53 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
    2011-03-12 16:06 . 2010-12-20 23:53 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
    2011-03-12 16:06 . 2010-12-20 23:53 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
    2011-03-12 16:06 . 2010-12-20 23:53 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
    2011-03-12 16:06 . 2010-12-20 23:53 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
    2011-03-12 16:06 . 2010-12-20 23:53 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
    2011-03-12 16:06 . 2010-12-21 04:23 11080704 ------w- c:\windows\system32\dllcache\ieframe.dll
    2011-03-12 16:05 . 2011-03-12 16:05 -------- d-----w- c:\program files\Fichiers communs\Windows Live
    2011-03-12 15:58 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-03-12 15:58 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\program files\iPod
    2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\program files\iTunes
    2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
    2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
    2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
    2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
    2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
    2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
    2011-03-12 15:57 . 2011-03-12 15:57 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
    2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\program files\QuickTime
    2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
    2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\program files\Apple Software Update
    2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\windows\system32\DRVSTORE
    2011-03-12 15:56 . 2011-03-12 15:56 -------- d-----w- c:\program files\Bonjour
    2011-03-12 15:55 . 2011-03-12 15:55 -------- d-----w- c:\program files\Fichiers communs\Apple
    2011-03-12 15:55 . 2011-03-12 15:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2011-03-12 15:50 . 2011-03-12 15:50 -------- d-----w- c:\program files\FlashGet Network
    2011-03-12 15:50 . 2011-03-12 15:50 -------- d-----w- c:\program files\VideoLAN
    2011-03-12 15:45 . 2009-05-07 15:33 348672 ------w- c:\windows\system32\dllcache\localspl.dll
    2011-03-12 15:45 . 2009-12-17 07:41 347648 ------w- c:\windows\system32\dllcache\mspaint.exe
    2011-03-12 15:43 . 2008-04-14 02:33 221184 ----a-w- c:\windows\system32\wmpns.dll
    2011-03-12 15:42 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys
    2011-03-12 15:41 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
    2011-03-12 15:41 . 2008-04-14 02:34 16384 ----a-w- c:\windows\system32\ipsink.ax
    2011-03-12 15:41 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
    2011-03-12 15:41 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\slip.sys
    2011-03-12 15:41 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-02-09 13:54 . 2004-08-05 04:00 270848 ----a-w- c:\windows\system32\sbe.dll
    2011-02-09 13:54 . 2004-08-05 04:00 186880 ----a-w- c:\windows\system32\encdec.dll
    2011-02-02 07:59 . 2004-08-05 04:00 2067456 ----a-w- c:\windows\system32\mstscax.dll
    2011-01-27 11:57 . 2004-08-05 04:00 677888 ----a-w- c:\windows\system32\mstsc.exe
    2011-01-21 14:44 . 2004-08-05 04:00 441344 ----a-w- c:\windows\system32\shimgvw.dll
    2011-01-07 14:09 . 2004-08-05 04:00 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-12-31 14:04 . 2005-03-02 18:07 1855104 ----a-w- c:\windows\system32\win32k.sys
    2010-12-22 12:34 . 2005-06-15 17:50 301568 ----a-w- c:\windows\system32\kerberos.dll
    2010-12-20 23:53 . 2005-07-03 02:16 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-12-20 23:53 . 2004-08-05 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-12-20 23:53 . 2004-08-05 04:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-12-20 17:26 . 2004-10-28 01:24 736768 ----a-w- c:\windows\system32\lsasrv.dll
    2010-12-20 12:55 . 2004-08-05 04:00 385024 ----a-w- c:\windows\system32\html.iec
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FlashGet 3"="c:\program files\FlashGet Network\FlashGet 3\FlashGet3.exe" [2010-05-11 2385456]
    "MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2010-11-04 634368]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" [X]
    "SoundMan"="SOUNDMAN.EXE" [2005-09-22 90112]
    "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-10-10 7286784]
    "nwiz"="nwiz.exe" [2005-10-10 1519616]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-10-10 86016]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-08-30 286720]
    "AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 114688]
    "MediaSync"="c:\program files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 425984]
    "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-10-31 393216]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
    "ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-24 135920]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Orange\\Connexion Internet Orange\\Connectivity\\ConnectivityManager.exe"=
    "c:\\Program Files\\Orange\\OrangeUpdate\\Service\\OUCore.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    .
    S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [14/06/2010 13:39 1053424]
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
    .
    2011-03-16 c:\windows\Tasks\Maintenance en 1 clic.job
    - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-27 17:00]
    .
    2011-03-16 c:\windows\Tasks\MpIdleTask.job
    - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
    .
    2011-03-16 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.orange.fr/portail
    IE: Download all by FlashGet3 - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
    IE: Download by FlashGet3 - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: ????3?? - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
    IE: ????3?????? - c:\documents and settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    AddRemove-HijackThis - c:\documents and settings\fierro\Local Settings\Temporary Internet Files\Content.IE5\BW7F8659\HijackThis.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-03-16 19:31
    Windows 5.1.2600 Service Pack 3 FAT NTAPI
    .
    Recherche de processus cachés ...
    .
    Recherche d'éléments en démarrage automatique cachés ...
    .
    Recherche de fichiers cachés ...
    .
    Scan terminé avec succès
    Fichiers cachés: 0
    .
    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_USERS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f 3*N} ]
    @="c:\\Documents and Settings\\fierro\\Application Data\\FlashGetBHO\\GetUrl.htm"
    "contexts"=dword:00000022
    .
    [HKEY_USERS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f 3*N} hQè þ"¥c]
    @="c:\\Documents and Settings\\fierro\\Application Data\\FlashGetBHO\\GetAllUrl.htm"
    "contexts"=dword:000000f3
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    Heure de fin: 2011-03-16 19:32:16
    ComboFix-quarantined-files.txt 2011-03-16 18:32
    .
    Avant-CF: 53 597 929 472 octets libres
    Après-CF: 54 228 025 344 octets libres
    .
    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
    .
    - - End Of File - - 0EA0624C0FFDCE8C68636DA27EE070C2
    0
  12. Utilisateur anonyme
     
    Salut

    Trés bien c'est bien à quoi je pensais !!

    >>> !!!PhysicalDrive0 - Bootkit TDL4 was found and disinfected

    Pour vérification:

    1) TDSSKiller

    * Télécharge TDSSKiller ( de Kaspersky Labs ) sur ton bureau.

    >> ICI >> TDSSKiller

    * Lance le ( Utilisateurs de vista/Seven -> Clic droit puis " Exécuter en tant qu'administrateur " )

    * Clique sur [Start Scan] pour démarrer l'analyse.

    * Si des élements sont trouvés, cliques sur [Continue] puis sur [Reboot Now]

    * Un rapport s'ouvrira au redémarrage du PC.

    * Copie/Colle son contenu dans ta prochaine réponse.

    Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt.

    ensuite je pense que tu pourras faire ceci :

    2)* Poste un nouveau ZHPDiag

    * Héberge le rapport sur ce site,
    >> Cijoint.fr
    * puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

    * Pour t aider ,pour heberger le rapport
    * rends toi sur Cijoint.fr
    * clic sur Parcourir
    * trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
    * et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
    * un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
    * il te suffit de le poster ici pour que je puisse voir le rapport

    >> Entier si tu ne me donnes pas le lien !!

    Membre Contributeur sécurité CCM
    0
  13. redbull47 Messages postés 53 Statut Membre
     
    Rapport de ZHPDiag v1.27.1704 par Nicolas Coolman, Update du 15/03/2011
    Run by fierro at 16/03/2011 20:45:47
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    Contact : nicolascoolman@yahoo.fr

    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

    ---\\ System Information
    Windows XP Home Edition Service Pack 3 (Build 2600)
    Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1982 MB (71% free)
    System Restore: Activé (Enable)
    System drive C: has 51 GB (69%) free of 72 GB

    ---\\ Logged in mode
    Computer Name: ACER-9DEB84EBB9
    User Name: fierro
    All Users Names: SUPPORT_388945a0, HelpAssistant, fierro, ASPNET, Administrateur,
    Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    %AppData%=C:\Documents and Settings\fierro\Application Data
    %LocalAppData%=C:\Documents and Settings\fierro\Local Settings\Application Data
    %StartMenu%=C:\Documents and Settings\fierro\Menu Démarrer

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 51 Go of 72 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 73 Go)
    E:\ CD-ROM drive (Not Inserted)
    F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

    ---\\ Recherche particulière de fichiers génériques
    [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:04.) -- C:\Windows\Explorer.exe [1037824]
    [MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\Windows\System32\wininet.dll [916480]
    [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
    [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]
    [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:54.) -- C:\Windows\System32\drivers\ntfs.sys [574976]

    ---\\ Processus lancés
    [MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736]
    [MD5.20BC7169B76BFD41CA21B3B82D501922] - (.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [438272]
    [MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672]
    [MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
    [MD5.B0C9FFF54F16DF2012F53A34736A0975] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632]
    [MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
    [MD5.0B24AB7CC5B7ED2AA7F438A4072459F4] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) -- C:\WINDOWS\system32\nvsvc32.exe [131139]
    [MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552]
    [MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112]
    [MD5.ABC9091B6D438381DBACFD1A82E0C0EA] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe [282624]
    [MD5.682DB04704A74F228A080B31003B6FC6] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe [974848]
    [MD5.CAF2CCB6E9F5FDBE99EE8904EB9DC506] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe [495616]
    [MD5.8E884B0A19679340BFFF5C157075D6B5] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe [53248]
    [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
    [MD5.6DFF20574CE7A0FEAEBC40DB4423848A] - (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\flashget3.exe [2385456]
    [MD5.008020C8CF84F34FAD3B71EF61EA50F8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [639488]

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
    P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
    P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
    R0 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
    R1 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} Clé orpheline
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll
    R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

    ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} . (.Trend Media Group - FlashGet Browser Helper Object.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\FlashGetBHO3.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} . (.Orange - IE Toolbar Container.) -- C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    ---\\ ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [LaunchApp] Clé orpheline
    O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe
    O4 - HKLM\..\Run: [ntiMUI] . (...) -- c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
    O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
    O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
    O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
    O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
    O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe
    O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    O4 - HKLM\..\Run: [SNPSTD2] . (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe
    O4 - HKLM\..\Run: [AspireService] . (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] . (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
    O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKCU\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
    O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
    O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
    O4 - HKUS\S-1-5-21-2771552022-2225651995-1328987448-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

    ---\\ ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2008.lnk . (.TuneUp Software GmbH.) -- C:\Program Files\TuneUp Utilities 2008\Integrator.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Documents And Settings\fierro\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: Download all by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetAllUrl.htm
    O8 - Extra context menu item: Download by FlashGet3 . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fierro\Application Data\FlashGetBHO\GetUrl.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
    O8 - Extra context menu item: ????3?? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
    O8 - Extra context menu item: ????3?????? . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
    O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{9AEE9BCD-9500-43F4-89D9-2D72EF5B36E0}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
    O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
    O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
    O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
    O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
    O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
    O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
    O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

    ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: (Acer Media Server) . (.Acer Inc. - Acer UPnP Media Server Service.) - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: (Orange update Core Service) . (...) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
    O23 - Service: (TuneUp.Defrag) . (.TuneUp Software GmbH - TuneUp Drive Defrag-Dienst.) - C:\WINDOWS\System32\TuneUpDefragService.exe

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.)

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MpIdleTask.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job

    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
    O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\System32\DRIVERS\AmdK8.sys
    O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
    O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
    O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
    O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
    O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
    O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
    O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
    O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys
    O41 - Driver: (MpKsl0e9ca3f3) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFC86AD2-F4E1-4572-937D-FCDCAC6BB556}\MpKsl0e9ca3f3.sys
    O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
    O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
    O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys
    O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
    O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
    O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
    O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
    O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
    O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
    O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

    ---\\ Logiciels installés (O42)
    O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
    O42 - Logiciel: Acer eConsole - (.Pas de propriétaire.) [HKLM] -- {EC028E6B-F3F1-4192-B63E-A7C97302ED5A}
    O42 - Logiciel: Acer eMode Management - (.Pas de propriétaire.) [HKLM] -- {65CDEC30-4BF4-48FB-8059-9FC480E4E94F}
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
    O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
    O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
    O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
    O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
    O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    O42 - Logiciel: Athlon 64 Processor Driver - (.Pas de propriétaire.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
    O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
    O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Pas de propriétaire.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}
    O42 - Logiciel: Connexion Internet Orange - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite
    O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
    O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
    O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
    O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
    O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
    O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
    O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
    O42 - Logiciel: EPSON Easy Photo Print - (.Pas de propriétaire.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}
    O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
    O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
    O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
    O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
    O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation
    O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
    O42 - Logiciel: FlashGet 3.5 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet 3.5
    O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
    O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
    O42 - Logiciel: J2SE Runtime Environment 5.0 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150050}
    O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}
    O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
    O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
    O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
    O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
    O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
    O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}
    O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
    O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
    O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
    O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}
    O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
    O42 - Logiciel: NTI Backup NOW! 4 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}
    O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
    O42 - Logiciel: NTI HomeVideo-Maker - (.ArcSoft.) [HKLM] -- {B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}
    O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
    O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier
    O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager
    O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
    O42 - Logiciel: PowerDVD - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
    O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
    O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
    O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
    O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    O42 - Logiciel: TuneUp Utilities 2008 - (.TuneUp Software.) [HKLM] -- {5888428E-699C-4E71-BF71-94EE06B497DA}
    O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] -- VLC media player
    O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
    O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
    O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
    O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
    O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
    O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM] -- OrangeToolbarFR
    O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\ABBYY]
    [HKCU\Software\Adobe]
    [HKCU\Software\Apple Computer, Inc.]
    [HKCU\Software\Apple Inc.]
    [HKCU\Software\Classes]
    [HKCU\Software\Cyberlink]
    [HKCU\Software\DivXNetworks]
    [HKCU\Software\EPSON]
    [HKCU\Software\FlashGet Network]
    [HKCU\Software\IM Providers]
    [HKCU\Software\Intel]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\Lake]
    [HKCU\Software\Local AppWizard-Generated Applications]
    [HKCU\Software\Macromedia]
    [HKCU\Software\Malwarebytes' Anti-Malware]
    [HKCU\Software\Mozilla]
    [HKCU\Software\NVIDIA Corporation]
    [HKCU\Software\Netscape]
    [HKCU\Software\ODBC]
    [HKCU\Software\Orange]
    [HKCU\Software\Piriform]
    [HKCU\Software\Policies]
    [HKCU\Software\SEIKO EPSON]
    [HKCU\Software\Symantec]
    [HKCU\Software\Sysinternals]
    [HKCU\Software\Trolltech]
    [HKCU\Software\TuneUp]
    [HKCU\Software\VB and VBA Program Settings]
    [HKCU\Software\Wget]
    [HKCU\Software\WinRAR SFX]
    [HKCU\Software\WinRAR]
    [HKCU\Software\YahooPartnerToolbar]
    [HKCU\Software\kde.org]
    [HKLM\Software\ABBYY]
    [HKLM\Software\AMD]
    [HKLM\Software\Adobe]
    [HKLM\Software\Apple Computer, Inc.]
    [HKLM\Software\Apple Inc.]
    [HKLM\Software\ArcSoft]
    [HKLM\Software\BrowserChoice]
    [HKLM\Software\C07ft5Y]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\CyberLink]
    [HKLM\Software\DivXNetworks]
    [HKLM\Software\EPSON]
    [HKLM\Software\FRANCE TELECOM]
    [HKLM\Software\FlashGet Network]
    [HKLM\Software\GEAR Software]
    [HKLM\Software\Gemplus]
    [HKLM\Software\Google]
    [HKLM\Software\InstallShield]
    [HKLM\Software\Intel]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\Lake]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Malwarebytes' Anti-Malware]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\NVIDIA Corporation]
    [HKLM\Software\NewTech Infosystems]
    [HKLM\Software\ODBC]
    [HKLM\Software\Orange]
    [HKLM\Software\Piriform]
    [HKLM\Software\Policies]
    [HKLM\Software\Program Groups]
    [HKLM\Software\Realtek Semiconductor Corp.]
    [HKLM\Software\Realtek]
    [HKLM\Software\Schlumberger]
    [HKLM\Software\Secure]
    [HKLM\Software\Swearware]
    [HKLM\Software\SymNRT]
    [HKLM\Software\TrendMicro]
    [HKLM\Software\TuneUp]
    [HKLM\Software\VideoLAN]
    [HKLM\Software\Windows 3.1 Migration Status]
    [HKLM\Software\acer]
    [HKLM\Software\muvee Technologies]

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 23/01/2005 - 11:52:02 - [346967275] ----D- C:\Program Files\Fichiers communs
    O43 - CFD: 23/01/2005 - 11:55:44 - [3942655] ----D- C:\Program Files\Windows NT
    O43 - CFD: 23/01/2005 - 11:55:44 - [19278399] ----D- C:\Program Files\MSN
    O43 - CFD: 23/01/2005 - 11:55:50 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
    O43 - CFD: 23/01/2005 - 11:55:52 - [2152579] ----D- C:\Program Files\Messenger
    O43 - CFD: 23/01/2005 - 11:55:58 - [3534189] ----D- C:\Program Files\Windows Media Player
    O43 - CFD: 23/01/2005 - 11:55:58 - [1712] ----D- C:\Program Files\Online Services
    O43 - CFD: 23/01/2005 - 11:56:26 - [0] ----D- C:\Program Files\ComPlus Applications
    O43 - CFD: 23/01/2005 - 11:56:44 - [5658831] ----D- C:\Program Files\Internet Explorer
    O43 - CFD: 23/01/2005 - 11:56:46 - [4379321] ----D- C:\Program Files\Outlook Express
    O43 - CFD: 23/01/2005 - 11:56:46 - [3285523] ----D- C:\Program Files\NetMeeting
    O43 - CFD: 23/01/2005 - 11:56:48 - [10374874] ----D- C:\Program Files\Movie Maker
    O43 - CFD: 23/01/2005 - 11:57:02 - [933] ----D- C:\Program Files\Services en ligne
    O43 - CFD: 23/01/2005 - 11:57:04 - [0] --H-D- C:\Program Files\WindowsUpdate
    O43 - CFD: 23/01/2005 - 11:58:12 - [0] ----D- C:\Program Files\microsoft frontpage
    O43 - CFD: 23/01/2005 - 11:58:12 - [0] ----D- C:\Program Files\xerox
    O43 - CFD: 23/01/2005 - 12:07:28 - [0] --H-D- C:\Program Files\Uninstall Information
    O43 - CFD: 23/01/2005 - 12:07:50 - [34590584] --H-D- C:\Program Files\InstallShield Installation Information
    O43 - CFD: 23/01/2005 - 12:07:52 - [39608612] ----D- C:\Program Files\Realtek AC97
    O43 - CFD: 23/01/2005 - 12:07:52 - [5479936] ----D- C:\Program Files\AvRack
    O43 - CFD: 23/01/2005 - 12:07:54 - [0] ----D- C:\Program Files\Realtek Sound Manager
    O43 - CFD: 23/01/2005 - 12:10:34 - [162858302] ----D- C:\Program Files\Adobe
    O43 - CFD: 23/01/2005 - 12:11:44 - [773954007] ----D- C:\Program Files\NewTech Infosystems
    O43 - CFD: 23/01/2005 - 12:13:06 - [96343958] ----D- C:\Program Files\CyberLink
    O43 - CFD: 23/01/2005 - 12:16:00 - [124948] ----D- C:\Program Files\AMD
    O43 - CFD: 12/03/2011 - 16:38:08 - [158546494] ----D- C:\Program Files\Java
    O43 - CFD: 12/03/2011 - 16:40:56 - [65597451] ----D- C:\Program Files\Acer
    O43 - CFD: 12/03/2011 - 16:49:18 - [57802016] ----D- C:\Program Files\DivX
    O43 - CFD: 12/03/2011 - 16:49:40 - [3718034] ----D- C:\Program Files\WinRAR
    O43 - CFD: 12/03/2011 - 16:50:06 - [75156207] ----D- C:\Program Files\VideoLAN
    O43 - CFD: 12/03/2011 - 16:50:40 - [16997157] ----D- C:\Program Files\FlashGet Network
    O43 - CFD: 12/03/2011 - 16:56:16 - [616779] ----D- C:\Program Files\Bonjour
    O43 - CFD: 12/03/2011 - 16:56:34 - [2306366] ----D- C:\Program Files\Apple Software Update
    O43 - CFD: 12/03/2011 - 16:56:46 - [76337719] ----D- C:\Program Files\QuickTime
    O43 - CFD: 12/03/2011 - 16:57:16 - [124813595] ----D- C:\Program Files\iTunes
    O43 - CFD: 12/03/2011 - 16:57:20 - [1856115] ----D- C:\Program Files\iPod
    O43 - CFD: 12/03/2011 - 17:08:26 - [45806173] ----D- C:\Program Files\Windows Live
    O43 - CFD: 12/03/2011 - 17:09:06 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
    O43 - CFD: 12/03/2011 - 17:10:02 - [226432] ----D- C:\Program Files\Microsoft
    O43 - CFD: 12/03/2011 - 17:11:30 - [33716731] ----D- C:\Program Files\TuneUp Utilities 2008
    O43 - CFD: 12/03/2011 - 17:25:54 - [6849] ----D- C:\Program Files\MSXML 6.0
    O43 - CFD: 12/03/2011 - 18:32:40 - [399049656] ----D- C:\Program Files\Orange
    O43 - CFD: 12/03/2011 - 19:20:52 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    O43 - CFD: 12/03/2011 - 20:02:38 - [18110254] ----D- C:\Program Files\Microsoft Security Client
    O43 - CFD: 13/03/2011 - 09:28:28 - [3653664] ----D- C:\Program Files\CCleaner
    O43 - CFD: 14/03/2011 - 18:23:26 - [4922239] ----D- C:\Program Files\Malwarebytes' Anti-Malware
    O43 - CFD: 14/03/2011 - 18:50:58 - [268918563] ----D- C:\Program Files\Microsoft Office
    O43 - CFD: 14/03/2011 - 18:50:58 - [315392] ----D- C:\Program Files\Microsoft.NET
    O43 - CFD: 15/03/2011 - 18:24:02 - [153246691] ----D- C:\Program Files\epson
    O43 - CFD: 15/03/2011 - 18:29:56 - [124428627] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
    O43 - CFD: 16/03/2011 - 16:07:56 - [3581811] ----D- C:\Program Files\ZHPDiag
    O43 - CFD: 23/01/2005 - 11:52:02 - [115601638] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
    O43 - CFD: 23/01/2005 - 11:52:02 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
    O43 - CFD: 23/01/2005 - 11:52:02 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
    O43 - CFD: 23/01/2005 - 11:56:44 - [19733999] ----D- C:\Program Files\Fichiers Communs\System
    O43 - CFD: 23/01/2005 - 11:56:50 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
    O43 - CFD: 23/01/2005 - 11:56:50 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
    O43 - CFD: 23/01/2005 - 12:05:36 - [13772500] ----D- C:\Program Files\Fichiers Communs\InstallShield
    O43 - CFD: 23/01/2005 - 12:11:48 - [11735040] ----D- C:\Program Files\Fichiers Communs\NewTech Infosystems
    O43 - CFD: 23/01/2005 - 12:12:04 - [6003080] ----D- C:\Program Files\Fichiers Communs\muvee Technologies
    O43 - CFD: 12/03/2011 - 16:38:06 - [28453991] ----D- C:\Program Files\Fichiers Communs\Java
    O43 - CFD: 12/03/2011 - 16:40:30 - [4324860] ----D- C:\Program Files\Fichiers Communs\ArcSoft
    O43 - CFD: 12/03/2011 - 16:55:56 - [80026250] ----D- C:\Program Files\Fichiers Communs\Apple
    O43 - CFD: 12/03/2011 - 17:05:42 - [34145223] ----D- C:\Program Files\Fichiers Communs\Windows Live
    O43 - CFD: 12/03/2011 - 17:11:00 - [14610432] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
    O43 - CFD: 12/03/2011 - 18:32:08 - [8113537] ----D- C:\Program Files\Fichiers Communs\France Telecom
    O43 - CFD: 14/03/2011 - 18:51:28 - [86016] ----D- C:\Program Files\Fichiers Communs\DESIGNER
    O43 - CFD: 16/03/2011 - 15:30:22 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
    O43 - CFD: 23/01/2005 - 12:07:30 - [0] ----D- C:\Documents and Settings\fierro\Application Data\Identities
    O43 - CFD: 23/01/2005 - 11:51:36 - [4289102] -S--D- C:\Documents and Settings\fierro\Application Data\Microsoft
    O43 - CFD: 12/03/2011 - 16:50:44 - [478841] ----D- C:\Documents and Settings\fierro\Application Data\FlashGetBHO
    O43 - CFD: 12/03/2011 - 16:50:48 - [9811] ----D- C:\Documents and Settings\fierro\Application Data\BITS
    O43 - CFD: 12/03/2011 - 16:50:50 - [48] ----D- C:\Documents and Settings\fierro\Application Data\FlashGet
    O43 - CFD: 12/03/2011 - 16:51:56 - [476284] ----D- C:\Documents and Settings\fierro\Application Data\vlc
    O43 - CFD: 12/03/2011 - 16:58:38 - [180387] ----D- C:\Documents and Settings\fierro\Application Data\Apple Computer
    O43 - CFD: 12/03/2011 - 17:11:56 - [27370] ----D- C:\Documents and Settings\fierro\Application Data\TuneUp Software
    O43 - CFD: 12/03/2011 - 17:16:06 - [16440] ----D- C:\Documents and Settings\fierro\Application Data\DivX
    O43 - CFD: 12/03/2011 - 18:42:38 - [2873191] ----D- C:\Documents and Settings\fierro\Application Data\Macromedia
    O43 - CFD: 12/03/2011 - 20:12:10 - [8533073] ----D- C:\Documents and Settings\fierro\Application Data\Sun
    O43 - CFD: 14/03/2011 - 10:11:24 - [1522713] ----D- C:\Documents and Settings\fierro\Application Data\Adobe
    O43 - CFD: 14/03/2011 - 18:23:42 - [6307] ----D- C:\Documents and Settings\fierro\Application Data\Malwarebytes
    O43 - CFD: 15/03/2011 - 18:26:46 - [0] ----D- C:\Documents and Settings\fierro\Application Data\InstallShield
    O43 - CFD: 23/01/2005 - 11:57:54 - [156644014] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Microsoft
    O43 - CFD: 12/03/2011 - 16:54:18 - [2204379] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Apple Computer
    O43 - CFD: 12/03/2011 - 16:56:36 - [0] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Apple
    O43 - CFD: 12/03/2011 - 18:36:00 - [49] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Orange
    O43 - CFD: 12/03/2011 - 19:22:18 - [5091] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\ApplicationHistory
    O43 - CFD: 14/03/2011 - 10:11:24 - [192804] ----D- C:\Documents and Settings\fierro\Local Settings\Application Data\Adobe
    0
  14. redbull47 Messages postés 53 Statut Membre
     
    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.E42F532E84C9D61B7E7BF546BDA2F5F2] - 16/03/2011 - 20:45:02 ---A- . (...) -- C:\TDSSKiller.2.4.21.0_16.03.2011_20.43.53_log.txt [37696]
    O44 - LFC:[MD5.59B43928D7992DCE9BC5B7D6BAD6EA41] - 16/03/2011 - 20:43:00 ---A- . (...) -- C:\WINDOWS\System32\secushr.dat [1770]
    O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:44:40 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1085196]
    O44 - LFC:[MD5.7DCA9E5438D6B4AB47BFB84435A6B2B8] - 16/03/2011 - 19:32:18 ---A- . (...) -- C:\ComboFix.txt [21537]
    O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 16/03/2011 - 19:31:20 ---A- . (...) -- C:\WINDOWS\system.ini [227]
    O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:26:14 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32170]
    O44 - LFC:[MD5.8BA0D3956D250904292E1EA582137CB3] - 16/03/2011 - 19:26:12 ---A- . (...) -- C:\WINDOWS\setupapi.log [2646]
    O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:26:02 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
    O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/03/2011 - 19:25:44 ---A- . (...) -- C:\WINDOWS\0.log [0]
    O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/03/2011 - 19:25:40 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
    O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 16/03/2011 - 19:24:58 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
    O44 - LFC:[MD5.2E1B512BBBD2DC2942CB00946B331C3C] - 16/03/2011 - 19:21:58 RSHA- . (...) -- C:\boot.ini [332]
    O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 16/03/2011 - 19:19:27 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232]
    O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 16/03/2011 - 19:19:27 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792]
    O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 16/03/2011 - 19:19:27 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704]
    O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 16/03/2011 - 19:19:27 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480]
    O44 - LFC:[MD5.B7317840CAF0CF61AF8CE248FB082350] - 16/03/2011 - 19:15:04 ---A- . (...) -- C:\WINDOWS\System32\secustat.dat [424]
    O44 - LFC:[MD5.B28C246AB8A58CDA69B6949267BA3E85] - 16/03/2011 - 18:33:08 ---A- . (...) -- C:\WINDOWS\System32\d3d9caps.dat [664]
    O44 - LFC:[MD5.9571771CC61F5278DBB1047482EB8098] - 16/03/2011 - 18:22:06 ---A- . (...) -- C:\WINDOWS\System32\eRLog.ini [680]
    O44 - LFC:[MD5.5A44B7C2D933E52A034128EA4E634153] - 16/03/2011 - 18:21:30 ---A- . (...) -- C:\WINDOWS\System32\nvapps.xml [39291]
    O44 - LFC:[MD5.9E53501FCD68C138B6F19E9D4D2880E1] - 16/03/2011 - 16:09:54 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
    O44 - LFC:[MD5.2E409416D32024870A2D841B157A8E19] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 1.10.) -- C:\WINDOWS\System32\EpPicPrt.dll [120992]
    O44 - LFC:[MD5.68D2DE06776BEC0409AF80D26C2FD42E] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\WINDOWS\System32\PICEntry.dll [108704]
    O44 - LFC:[MD5.93C3E9EE30280A8ED2D56DCEDA0FAF3F] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\WINDOWS\System32\PICSDK.dll [80024]
    O44 - LFC:[MD5.17152A7F21C9802E7826DE63D2DF184C] - 15/03/2011 - 18:26:47 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\WINDOWS\System32\PICSDK2.dll [501912]
    O44 - LFC:[MD5.8C1013EAF95FF2CEC2391EB0E8B04B31] - 15/03/2011 - 18:26:46 ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 1.10.) -- C:\WINDOWS\System32\EPPicMgr.dll [71840]
    O44 - LFC:[MD5.1129871724A26B1DD6678DE88B7FE941] - 15/03/2011 - 18:26:12 ---A- . (.SEIKO EPSON CORP. - E_DCINST.) -- C:\WINDOWS\System32\E_DCINST.DLL [49152]
    O44 - LFC:[MD5.8EB50EB111D161708B899A6AF6A8F860] - 15/03/2011 - 18:26:11 ---A- . (.SEIKO EPSON CORPORATION - ECBTEGB.) -- C:\WINDOWS\System32\E_FD4BCDE.DLL [62976]
    O44 - LFC:[MD5.A4EC6B9766E2A7FAA77283697BC5C307] - 15/03/2011 - 18:26:11 ---A- . (.SEIKO EPSON CORPORATION - EPSON Bi-directional Monitor.) -- C:\WINDOWS\System32\E_FLBCDE.DLL [76800]
    O44 - LFC:[MD5.B35DBB90FA79BE79956E481D1AF9E7E7] - 15/03/2011 - 18:24:01 ---A- . (.SEIKO EPSON CORP. - EPSON WIA Module.) -- C:\WINDOWS\System32\escwiad.dll [67072]
    O44 - LFC:[MD5.40FDF3546B2DD93413C2223169683979] - 15/03/2011 - 18:23:48 ---A- . (...) -- C:\WINDOWS\CDE DX7400DEFGIPS.ini [25]
    O44 - LFC:[MD5.574C94EED8119C6860546294753EC938] - 15/03/2011 - 11:14:10 ---A- . (...) -- C:\Boot.bak [216]
    O44 - LFC:[MD5.F394BC4BB82AF9972EBE266370CCD3B9] - 15/03/2011 - 11:14:10 ---A- . (...) -- C:\WINDOWS\win.ini [573]
    O44 - LFC:[MD5.7DA6C0436905BCAB93C276FEAE8569F8] - 14/03/2011 - 20:29:18 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [259840]
    O44 - LFC:[MD5.045977768AC9730F79F17F8FDE55D5EE] - 14/03/2011 - 20:25:14 ---A- . (...) -- C:\WINDOWS\System32\TZLog.log [13218]
    O44 - LFC:[MD5.660023DF771C9730463234B831785EE7] - 14/03/2011 - 20:17:18 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158]
    O44 - LFC:[MD5.D4761D8CDB9DEF6C39253C4166C610A7] - 14/03/2011 - 18:53:04 ---A- . (...) -- C:\WINDOWS\ODBC.INI [385]
    O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 14/03/2011 - 18:23:29 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]
    O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 14/03/2011 - 18:23:24 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952]
    O44 - LFC:[MD5.3FD411DF4A9999EA848615DEF336E905] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Control Panel.) -- C:\WINDOWS\System32\javacpl.cpl [73728]
    O44 - LFC:[MD5.F87BA06FE22C81CDE563761DDFBAB267] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [472808]
    O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]
    O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]
    O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 12/03/2011 - 20:12:46 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [157472]
    O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 12/03/2011 - 20:04:08 ---A- . (...) -- C:\WINDOWS\epplauncher.mif [1912]
    O44 - LFC:[MD5.C7E800CDF54D012C2723071BE05E54D2] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1004624]
    O44 - LFC:[MD5.F2B087103F87D3E25CE3F9D598CB4B3F] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [59856]
    O44 - LFC:[MD5.CCC1B8FE8ABE911C2981AF7AD26A5CCF] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [72714]
    O44 - LFC:[MD5.B34A7A0BDEFCD2F5ED3F0184C322915B] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [397086]
    O44 - LFC:[MD5.4EBDE64847A985601EBFFD5D914CF3A3] - 12/03/2011 - 19:55:48 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [464508]
    O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 12/03/2011 - 19:55:00 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
    O44 - LFC:[MD5.5C174F8108BAB900D3AB1DF1A29A58E5] - 12/03/2011 - 19:54:22 ---A- . (...) -- C:\WINDOWS\System32\spupdwxp.log [90]
    O44 - LFC:[MD5.7794C3221F670DE270586A2CF6E68383] - 12/03/2011 - 19:44:54 RSHA- . (...) -- C:\ntldr [252240]
    O44 - LFC:[MD5.1C7EE42FE601457D874AC6478AE68A7A] - 12/03/2011 - 18:32:48 ---A- . (.France Telecom SA - Orange Connection Kit.) -- C:\WINDOWS\System32\Autodial2000.dll [65536]
    O44 - LFC:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 12/03/2011 - 18:32:46 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\System32\pcampr5.sys [34688]
    O44 - LFC:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 12/03/2011 - 18:32:46 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\System32\pcandis5.sys [32128]
    O44 - LFC:[MD5.58729B4DF51BC160837B2E020EF74456] - 12/03/2011 - 18:32:46 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - WinDis 32 API & Platform Compatibility DLL.) -- C:\WINDOWS\System32\w32n50.dll [94208]
    O44 - LFC:[MD5.F61187E55BFA395AA04E8B4550AA6DF3] - 12/03/2011 - 17:11:56 ---A- . (.TuneUp Software GmbH - TuneUp Drive Defrag-Dienst.) -- C:\WINDOWS\System32\TuneUpDefragService.exe [307968]
    O44 - LFC:[MD5.411D534C568DE0B9D38DBC892D027897] - 12/03/2011 - 17:11:55 ---A- . (.TuneUp Software GmbH - TuneUp Theme Extension.) -- C:\WINDOWS\System32\uxtuneup.dll [28416]
    O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 12/03/2011 - 16:58:26 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [26600]
    O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 12/03/2011 - 16:58:26 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\WINDOWS\System32\GEARAspi.dll [107368]
    O44 - LFC:[MD5.6EC55E88C0FCE0339759CB37FC118B78] - 12/03/2011 - 16:51:28 ---A- . (...) -- C:\WINDOWS\libem.INI [25]
    O44 - LFC:[MD5.D86B4A68565E444D76457F14172C875A] - 12/03/2011 - 16:49:29 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [43528]
    O44 - LFC:[MD5.6469C3E72B888EC76FFF0DB610602CC5] - 12/03/2011 - 16:43:50 ---A- . (...) -- C:\WINDOWS\ALaunch.ini [83]
    O44 - LFC:[MD5.A7B8A3A79D35215D798A300DF49ED23F] - 12/03/2011 - 16:40:29 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\System32\drivers\afc.sys [11776]
    O44 - LFC:[MD5.7ED438C44B90AF7B01609A942C7E7196] - 12/03/2011 - 16:39:42 ---A- . (.Eastman Kodak - PCDLIB32.) -- C:\WINDOWS\PCDLIB32.DLL [212480]
    O44 - LFC:[MD5.D85290AAFDED4E699F4A5C060AB1A2EC] - 12/03/2011 - 16:38:46 ---A- . (...) -- C:\WINDOWS\System32\jupdate-1.5.0_05-b05.log [5435]
    O44 - LFC:[MD5.2D2B2457CBD25F0958E9105BACE32D39] - 12/03/2011 - 16:36:30 ---A- . (...) -- C:\WINDOWS\System32\$winnt$.inf [733]
    O44 - LFC:[MD5.08C26E1D8C50302193A41FC8741F6128] - 12/03/2011 - 16:34:00 ---A- . (.NVIDIA Corporation - NVIDIA Uninstaller Utility.) -- C:\WINDOWS\System32\nvudisp.exe [180224]
    O44 - LFC:[MD5.B5C14ACECB75F93E0AFEB026F249D52B] - 12/03/2011 - 16:33:48 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
    O44 - LFC:[MD5.B80CA456D577AAEA3979E112CF69C0FD] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsel.dll [335872]
    O44 - LFC:[MD5.9FC0CA6618065AE7DC5203886DE02BE0] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrseng.dll [286720]
    O44 - LFC:[MD5.4C96E3905C11FAC476EE9D81F53AAAD8] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrses.dll [335872]
    O44 - LFC:[MD5.4AB1BE91C3C50ED4EACF6F848B3468DB] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsesm.dll [327680]
    O44 - LFC:[MD5.C6502628309BD3493AAFD25C26E08DA6] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsfi.dll [303104]
    O44 - LFC:[MD5.87C2B4642115BE5C625E3CF1FFE6AA0A] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsfr.dll [327680]
    O44 - LFC:[MD5.FFE9A891D076B642B53EAB3A4129376F] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrshe.dll [278528]
    O44 - LFC:[MD5.5972B86DB263228D32E2F19F920A6F7A] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrshu.dll [315392]
    O44 - LFC:[MD5.6C89C827F5AA5BA377D4D85044AD2DD8] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsit.dll [323584]
    O44 - LFC:[MD5.852B1A2E23365C1EEE1EBD5BD26BF3CD] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsja.dll [212992]
    O44 - LFC:[MD5.20139550B7242D39D18079375BF08828] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsko.dll [196608]
    O44 - LFC:[MD5.F2377D65749CD02F5B377CF222F6B09D] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsnl.dll [319488]
    O44 - LFC:[MD5.AF1B8A6428BB0D15CD8CDDC4B6688AAE] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsno.dll [299008]
    O44 - LFC:[MD5.EC93AD5C671102347339E0E4B86AA490] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrspl.dll [294912]
    O44 - LFC:[MD5.0239C36604070BB94D9FAF706101ED44] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrspt.dll [323584]
    O44 - LFC:[MD5.9452406B5CD6AB906AE16DB5B28A9ECE] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsptb.dll [319488]
    O44 - LFC:[MD5.9780E718D5ED068130BD640EF662CFBA] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsru.dll [315392]
    O44 - LFC:[MD5.C142FDA779362FBFFE4B692AFBEEA252] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrssk.dll [299008]
    O44 - LFC:[MD5.7AF51847FE18229D46C8E73DD084F9BC] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrssl.dll [303104]
    O44 - LFC:[MD5.682D5B906D20C1428A45883FEC2EA79C] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrssv.dll [294912]
    O44 - LFC:[MD5.8613CA009AB01C35C7E10BB7098CC795] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrstr.dll [303104]
    O44 - LFC:[MD5.1EBC1CBB2B72355E00E98EA4EB1694E6] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrszhc.dll [163840]
    O44 - LFC:[MD5.8AA88F4861B53C82808CB4B868737A1A] - 12/03/2011 - 16:31:53 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrszht.dll [167936]
    O44 - LFC:[MD5.9DE9D4A1DC121FFD4A850498B224AD68] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsar.dll [282624]
    O44 - LFC:[MD5.6EE1541BC2609127801CBBE43D29F6F1] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrscs.dll [286720]
    O44 - LFC:[MD5.ECD888756E9F9E9A22DCD43BFB71A463] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsda.dll [294912]
    O44 - LFC:[MD5.D7572F8C2A1D557CEC88C07969BB1104] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Desktop and Window Manager.) -- C:\WINDOWS\System32\nvwrsde.dll [311296]
    O44 - LFC:[MD5.5D4D2606B988DAFBD8493348AC830653] - 12/03/2011 - 16:31:52 ---A- . (.NVIDIA Corporation - NVIDIA nView Display Driver Interface Lib,.) -- C:\WINDOWS\System32\nvwddi.dll [81920]
    O44 - LFC:[MD5.768D57FCAA1E706391D3DE6C40791084] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Chinese (Traditional) language resou.) -- C:\WINDOWS\System32\nvrszht.dll [118784]
    O44 - LFC:[MD5.0B24AB7CC5B7ED2AA7F438A4072459F4] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) -- C:\WINDOWS\System32\nvsvc32.exe [131139]
    O44 - LFC:[MD5.22A41BFF5511DEFCE6372F6379A24C61] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Dutch language resource library.) -- C:\WINDOWS\System32\nvrsnl.dll [266240]
    O44 - LFC:[MD5.DB4CC6E87DADB2E285A4723D9E844417] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Hebrew language resource library.) -- C:\WINDOWS\System32\nvrshe.dll [319488]
    O44 - LFC:[MD5.88F8BF63823C690ED1F34CE5D92635AF] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Hungarian language resource library.) -- C:\WINDOWS\System32\nvrshu.dll [253952]
    O44 - LFC:[MD5.CBFF70A06ECA26CC10B955F477C92BC5] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Iberian Portuguese language resource.) -- C:\WINDOWS\System32\nvrspt.dll [266240]
    O44 - LFC:[MD5.1F873E1BF40596EE887D80A98C0B61D6] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Italian language resource library.) -- C:\WINDOWS\System32\nvrsit.dll [274432]
    O44 - LFC:[MD5.725AE1BBC84B2818F622120E13A6E639] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Japanese language resource library.) -- C:\WINDOWS\System32\nvrsja.dll [258048]
    O44 - LFC:[MD5.0B1B2CFB399AB4E19FCADE6FAC80FB82] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Korean language resource library.) -- C:\WINDOWS\System32\nvrsko.dll [253952]
    O44 - LFC:[MD5.92A5FFF6E6BF938669482B039B57BD84] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Norwegian language resource library.) -- C:\WINDOWS\System32\nvrsno.dll [249856]
    O44 - LFC:[MD5.8C7FBBEBCB9D4E8B50658C88E585C97E] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Polish language resource library.) -- C:\WINDOWS\System32\nvrspl.dll [249856]
    O44 - LFC:[MD5.8FB5009FCE893BCD7D9491264E86F7BE] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Portuguese (Brazilian) language reso.) -- C:\WINDOWS\System32\nvrsptb.dll [262144]
    O44 - LFC:[MD5.C942C0F44574FBA773D4E565871CFA84] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Russian language resource library.) -- C:\WINDOWS\System32\nvrsru.dll [262144]
    O44 - LFC:[MD5.CD40EBCB2DA61C4DA6935FA591B75DEA] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Simplified Chinese language resource.) -- C:\WINDOWS\System32\nvrszhc.dll [217088]
    O44 - LFC:[MD5.9E600A61A8FE954C85DD7EC0D163EE0B] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Slovak language resource library.) -- C:\WINDOWS\System32\nvrssk.dll [249856]
    O44 - LFC:[MD5.04874E5C01EC112BC1CCE6CFDDF8E6DB] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Slovenian language resource library.) -- C:\WINDOWS\System32\nvrssl.dll [249856]
    O44 - LFC:[MD5.020EEF13449408A720EA27CDED527D1C] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Swedish language resource library.) -- C:\WINDOWS\System32\nvrssv.dll [245760]
    O44 - LFC:[MD5.513094ED0C28E7A4AD1A9529C48FC27D] - 12/03/2011 - 16:31:51 ---A- . (.NVIDIA Corporation - NVIDIA Turkish language resource library.) -- C:\WINDOWS\System32\nvrstr.dll [249856]
    O44 - LFC:[MD5.5F7A720FD8B69C5E49746019B0641B64] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Arabic language resource library.) -- C:\WINDOWS\System32\nvrsar.dll [319488]
    O44 - LFC:[MD5.9C65EE38A2AE5C4F3B2E063DBC12981A] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Czech language resource library.) -- C:\WINDOWS\System32\nvrscs.dll [241664]
    O44 - LFC:[MD5.24263F922A07AD964CB304212E636BC2] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Danish language resource library.) -- C:\WINDOWS\System32\nvrsda.dll [245760]
    O44 - LFC:[MD5.4D5B1BE381CCD332EB7C15C584C56275] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Finnish language resource library.) -- C:\WINDOWS\System32\nvrsfi.dll [241664]
    O44 - LFC:[MD5.023C14A9F04CB332C193C5B220EB75A4] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA French language resource library.) -- C:\WINDOWS\System32\nvrsfr.dll [278528]
    O44 - LFC:[MD5.CAD2F44DCFDA2FF8A2C41464DA2889A7] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA German language resource library.) -- C:\WINDOWS\System32\nvrsde.dll [270336]
    O44 - LFC:[MD5.34ABF17DB9788463DD75D8B1B627CC80] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Greek language resource library.) -- C:\WINDOWS\System32\nvrsel.dll [274432]
    O44 - LFC:[MD5.349610D0FABA54D9EE3CF67E44C1645F] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Latin American Spanish language reso.) -- C:\WINDOWS\System32\nvrsesm.dll [266240]
    O44 - LFC:[MD5.03CC73962FA687491CF283AF0330F059] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA Spanish language resource library.) -- C:\WINDOWS\System32\nvrses.dll [274432]
    O44 - LFC:[MD5.9E0D87EBB7F509D0375D8B61E1A6D93F] - 12/03/2011 - 16:31:50 ---A- . (.NVIDIA Corporation - NVIDIA UK English language resource library.) -- C:\WINDOWS\System32\nvrseng.dll [241664]
    O44 - LFC:[MD5.DA222964DF2C502662DFD6CB71F27682] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\WINDOWS\System32\nvoglnt.dll [5378048]
    O44 - LFC:[MD5.FCC333F0625C04EA9315B0D571B5BE52] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA French language resource library.) -- C:\WINDOWS\System32\nvmccsrs.dll [45056]
    O44 - LFC:[MD5.AD26D98C35CA98DE4B3388AFA158FA54] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\System32\nvmctray.dll [86016]
    O44 - LFC:[MD5.2B2D85AC10D0E38384EEB281A11963D5] - 12/03/2011 - 16:31:49 ---A- . (.NVIDIA Corporation - NVIDIA U.S. English language resource libra.) -- C:\WINDOWS\System32\nvmccs.dll [229376]
    O44 - LFC:[MD5.C9D985299655B1A4C80BEC4D60828F98] - 12/03/2011 - 16:31:45 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\System32\nvcpl.dll [7286784]
    O44 - LFC:[MD5.CAE4BA99CA86B593A048DFC4E7F93053] - 12/03/2011 - 16:31:44 ---A- . (.NVIDIA Corporation - NVIDIA Driver CoInstaller.) -- C:\WINDOWS\System32\nvcod.dll [34304]
    O44 - LFC:[MD5.CAE4BA99CA86B593A048DFC4E7F93053] - 12/03/2011 - 16:31:44 ---A- . (.NVIDIA Corporation - NVIDIA Driver CoInstaller.) -- C:\WINDOWS\System32\nvcodins.dll [34304]
    O44 - LFC:[MD5.BFC1C4E5FBA0A4C8D8495965EF44AE4D] - 12/03/2011 - 16:31:44 ---A- . (.NVIDIA Corporation - NVIDIA NVIDIA Color Optimizer, Version 81.8.) -- C:\WINDOWS\System32\nvcolor.exe [147456]
    O44 - LFC:[MD5.7246FD8D779691C26F2C28CDE8AFA1C1] - 12/03/2011 - 16:31:43 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Display driv.) -- C:\WINDOWS\System32\nv4_disp.dll [3921024]
    O44 - LFC:[MD5.9E1F2F09E34C92A96B9900B6A45D5026] - 12/03/2011 - 16:31:43 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Dri.) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [3530432]
    O44 - LFC:[MD5.1E61596140EC9CCA62E3A7A6AB51159A] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - CameraMonitor MFC Application.) -- C:\WINDOWS\vsnpstd2.exe [286720]
    O44 - LFC:[MD5.556278AB03A51D95C8226F651F3EBED5] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - DelHwKey MFC Application.) -- C:\WINDOWS\usnpstd2.exe [20480]
    O44 - LFC:[MD5.7FC5B8E9581E543FB42FB8DCDE3132E2] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - PC Camera driver.) -- C:\WINDOWS\System32\drivers\snpstd2.sys [347264]
    O44 - LFC:[MD5.398AE8F2837AA7A7DC92B579083785F4] - 12/03/2011 - 14:40:10 ---A- . (.Pas de propriétaire - The utilities for device installation.) -- C:\WINDOWS\System32\csnpstd2.dll [61440]
    O44 - LFC:[MD5.9DAA7218961710008D7385B01BD3F386] - 08/11/2010 - 01:20:24 ---A- . (...) -- C:\WINDOWS\MBR.exe [89088]
    O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 15:58:12 ---A- . (...) -- C:\WINDOWS\PEV.exe [256512]
    O44 - LFC:[MD5.0F23634D5375EBC97A1D77838730A55D] - 31/10/2006 - 00:10:00 ---A- . (...) -- C:\WINDOWS\System32\PICSDK.ini [97]
    O44 - LFC:[MD5.3BFDF49E3E53BEC267829611A24B9019] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\keystone.exe [425984]
    O44 - LFC:[MD5.A8BF5B56DE6D6932816236E5C2BAAB5B] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvapi.dll [45056]
    O44 - LFC:[MD5.699EB187225E8DAC28A7A27A49FFCEED] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvappbar.exe [442368]
    O44 - LFC:[MD5.92224E035CDD28EAFD065410C4556D0D] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvdisp.nvu [15868]
    O44 - LFC:[MD5.113D087C598A9092FAA9979F993577B1] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvdspsch.exe [1339392]
    O44 - LFC:[MD5.E36EDD779727388F6DECFF2D3454DEFC] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvhwvid.dll [573440]
    O44 - LFC:[MD5.6F56256F5ABF9896DFEA304972F34A16] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nview.dll [1466368]
    O44 - LFC:[MD5.79A20793214F1E037CC05974F14107BC] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvnt4cpl.dll [286720]
    O44 - LFC:[MD5.6966EEF7437CC3C42043506AB40B44D2] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvshell.dll [466944]
    O44 - LFC:[MD5.889374808C96987B6A735F2301D08006] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvtuicpl.cpl [73728]
    O44 - LFC:[MD5.025E01756E1E1F9B1CE9BEFD27406CD6] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvwdmcpl.dll [1662976]
    O44 - LFC:[MD5.EBFD83DE98B1A7025602B73EC69A113B] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nvwimg.dll [1019904]
    O44 - LFC:[MD5.60D44EF1CB5F41160E9D0A7E637CC8AA] - 10/10/2005 - 14:49:00 ---A- . (...) -- C:\WINDOWS\System32\nwiz.exe [1519616]
    O44 - LFC:[MD5.7AA6FCF74FEA8DE3F1E71CF579E9BCB9] - 01/06/2005 - 00:20:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPrinterDB.dat [111932]
    O44 - LFC:[MD5.71E6747D37C1C8350C6693A4C1172308] - 24/09/2004 - 13:52:36 ---A- . (...) -- C:\WINDOWS\System32\vsnpstd2.dll [36864]
    O44 - LFC:[MD5.0E3A2DC6171D45F86EDD34DA8C9FC931] - 24/09/2004 - 12:14:16 ---A- . (...) -- C:\WINDOWS\System32\dsnpstd2.ax [36864]
    O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 03/08/2004 - 23:00:08 RSHA- . (...) -- C:\cmldr [263488]
    O44 - LFC:[MD5.17C094B0F5243CEFD3F7334E2B8020A8] - 08/06/2004 - 18:25:42 ---A- . (...) -- C:\WINDOWS\System32\dsnpstd2.dll [53248]
    O44 - LFC:[MD5.8C5D98825C4A3F840290D3000BCBD751] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_BP.cfg [6347]
    O44 - LFC:[MD5.4522750EA97E574F092B463A5072F5D3] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_CF.cfg [6195]
    O44 - LFC:[MD5.3B085599D53A8E49A02B42316167791D] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_DU.cfg [6122]
    O44 - LFC:[MD5.87CC3262E60487AC2A7DF54E7A94405E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_EN.cfg [13732]
    O44 - LFC:[MD5.D74F30976FC27C4134AC650747E141F6] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_ES.cfg [6103]
    O44 - LFC:[MD5.4522750EA97E574F092B463A5072F5D3] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_FR.cfg [6195]
    O44 - LFC:[MD5.5AF012AA8CF511EBA96E1FB620800406] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_GE.cfg [6335]
    O44 - LFC:[MD5.C97F01641F82529F811750CC8BA8F6BE] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_IT.cfg [6442]
    O44 - LFC:[MD5.EFBB67A52E13B74D9504C72A7FFBAC66] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_KO.cfg [5817]
    O44 - LFC:[MD5.8C5D98825C4A3F840290D3000BCBD751] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_PT.cfg [6347]
    O44 - LFC:[MD5.3310F4A726ABF152C54C6AEF9FF6A73C] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_RU.cfg [2889]
    O44 - LFC:[MD5.6CD8BBC5EFB7F458A8FE3AC3F566D48E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_SC.cfg [5436]
    O44 - LFC:[MD5.01BDBCEABF472323F62D879A7A2AACF9] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICLocal_TC.cfg [2426]
    O44 - LFC:[MD5.11CEF97EC383B4A9268CEBCAFDA1C0BF] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern1.dat [26154]
    O44 - LFC:[MD5.99B39A991604A09125A63D1F83A1668F] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern121.dat [27417]
    O44 - LFC:[MD5.C35D83EF6773F875E85A37CD389FC98A] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern131.dat [31053]
    O44 - LFC:[MD5.AED88E22D1F234668E0FF2F1C6D80AD1] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern2.dat [20148]
    O44 - LFC:[MD5.EA23048F088AAC681C4FE4EC051A8663] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern3.dat [24903]
    O44 - LFC:[MD5.DAEF4897E14EFB7050F7E0FC6887379F] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern4.dat [11811]
    O44 - LFC:[MD5.7124C6AA586A840A5AE1F2972D4F6E12] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern5.dat [21390]
    O44 - LFC:[MD5.E000BC718432CBB8F8AF9A2DD4EBCC59] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPattern6.dat [4943]
    O44 - LFC:[MD5.17252792B6016C58F15C9A04AC834147] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [1139]
    O44 - LFC:[MD5.EC10E010C637383D566C95CEA4307737] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [1129]
    O44 - LFC:[MD5.7C52CC8596D832C902FD194EBBB2CB2E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [1146]
    O44 - LFC:[MD5.4843A0BA0A20A81373086ACCAD81725B] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [1104]
    O44 - LFC:[MD5.A40E9AED5BB4DF99EEC5C973DA0C0B42] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [1136]
    O44 - LFC:[MD5.EC10E010C637383D566C95CEA4307737] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [1129]
    O44 - LFC:[MD5.968070015D107F9353471E2CCA8F432E] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [1107]
    O44 - LFC:[MD5.1E58B11A525A5C324F4BCF86E62E1826] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [1120]
    O44 - LFC:[MD5.17252792B6016C58F15C9A04AC834147] - 03/03/2004 - 06:10:00 ---A- . (...) -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [1139]
    O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\grep.exe [80412]
    O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\sed.exe [98816]
    O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\zip.exe [68096]
    O44 - LFC:[MD5.B322118EF59D45C1B6CA13BCDE1EB9CA] - 17/01/2003 - 17:35:40 ---A- . (...) -- C:\WINDOWS\snpstd2.src [13023]
    O44 - LFC:[MD5.22D879AFA9637322B01418933E2BBA8D] - 17/01/2003 - 17:34:40 ---A- . (...) -- C:\WINDOWS\snpstd2.ini [15541]

    ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

    ---\\ Export de clé d'application autorisée (O47)
    O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [Enabled] .(.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\eConsole.exe" [Enabled] .(.Acer Inc. - eConsole.) -- C:\Program Files\Acer\Acer eConsole\eConsole.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe" [Enabled] .(.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" [Enabled] .(.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
    O47 - AAKE:Key Export SP - "C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
    O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
    O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
    O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    ---\\ Image File Execution Options (IFEO) (O50)
    O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

    ---\\ Trojan Driver Search Data (HKLM) (O52)
    O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
    O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
    O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
    O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
    O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
    O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
    O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
    O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
    O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
    O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
    O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
    O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
    O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
    O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
    O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
    O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

    ---\\ Microsoft Control Security Providers (O54)
    O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
    O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
    O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
    O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
    O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
    O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

    ---\\ Microsoft Windows Policies System (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
    O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

    ---\\ Microsoft Windows Policies Explorer (O56)
    O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
    O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863
    O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
    O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
    O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863
    O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
    O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

    ---\\ Liste des Drivers Système (O58)
    O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
    O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 05:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
    O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 05:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
    O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 05:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
    O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 05:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
    O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 05:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
    O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 05:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
    O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 05:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
    O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [20952]
    O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224]
    O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 09/03/2005 - 15:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008]
    O58 - SDL:[MD5.D86B4A68565E444D76457F14172C875A] - 06/11/2008 - 17:37:28 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\PxHelp20.sys [43528]
    O58 - SDL:[MD5.93F93A8E3E14CBBF1CE9A5AF1A70C095] - 22/09/2005 - 16:34:00 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\alcxwdm.sys [3727680]
    O58 - SDL:[MD5.E0C67BE430C6DE490D6CCAECFA071F9E] - 17/12/2004 - 17:14:44 ---A- . (...) -- C:\WINDOWS\system32\drivers\UBHelper.sys [13952]
    O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 23/01/2005 - 12:11:40 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys [6144]
    O58 - SDL:[MD5.20526A8827DC0956B5526AEBCB6751A0] - 29/07/2005 - 17:11:04 ---A- . (.NVIDIA Corporation - NVIDIA Networking Bus Driver..) -- C:\WINDOWS\system32\drivers\nvnetbus.sys [12928]
    O58 - SDL:[MD5.143856A6E46E74A19CEFAE9FF2246C71] - 29/07/2005 - 17:10:46 ---A- . (.NVIDIA Corporation - NVIDIA Network Resource Manager..) -- C:\WINDOWS\system32\drivers\nvnrm.sys [301312]
    O58 - SDL:[MD5.58D7D9E20D81117FB49768F8592DA74F] - 29/07/2005 - 17:10:32 ---A- . (.NVIDIA Corporation - NVIDIA Networking Soft-NPU Driver..) -- C:\WINDOWS\system32\drivers\nvsnpu.sys [221824]
    O58 - SDL:[MD5.14FF39920AFAEEED23E42F1DDC639168] - 29/07/2005 - 17:10:54 ---A- . (.NVIDIA Corporation - NVIDIA Networking Protocol Driver..) -- C:\WINDOWS\system32\drivers\nvtcp.sys [100480]
    O58 - SDL:[MD5.2A7A2C6AB9631028B6E3A4159AA65705] - 29/07/2005 - 17:11:02 ---A- . (.NVIDIA Corporation - NVIDIA Networking Function Driver..) -- C:\WINDOWS\system32\drivers\NVENETFD.sys [34048]
    O58 - SDL:[MD5.9E1F2F09E34C92A96B9900B6A45D5026] - 10/10/2005 - 14:49:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 81.85.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3530432]
    O58 - SDL:[MD5.7FC5B8E9581E543FB42FB8DCDE3132E2] - 14/10/2004 - 17:12:02 ---A- . (.Pas de propriétaire - PC Camera driver.) -- C:\WINDOWS\system32\drivers\snpstd2.sys [347264]
    O58 - SDL:[MD5.A7B8A3A79D35215D798A300DF49ED23F] - 23/02/2005 - 14:58:56 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [11776]
    O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
    O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 17:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
    O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
    O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
    O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
    O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
    O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
    O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
    O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
    O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
    O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
    O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
    O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
    O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
    O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
    O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
    O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
    O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 24/08/2009 - 12:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\pcandis5.sys [32128]
    O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 24/08/2009 - 12:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys [34688]

    ---\\ Liste des outils de nettoyage (O63)
    O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

    ---\\ Liste des services Legacy (O64)
    O64 - Services: CurCS - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe - Acer Media Server (Acer Media Server) .(.Acer Inc. - Acer UPnP Media Server Service.) - LEGACY_ACER_MEDIA_SERVER
    O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
    O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
    O64 - Services: CurCS - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Apple Mobile Device (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS
    O64 - Services: CurCS - C:\Program Files\Bonjour\mDNSResponder.exe - Service Bonjour (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER
    O64 - Services: CurCS - C:\DOCUME~1\fierro\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS
    O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
    O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
    O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
    O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
    O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
    O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS
    O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
    O64 - Services: CurCS - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe - France Telecom Routing Table Service (FTRTSVC) .(.France Telecom SA - Orange Connection Kit.) - LEGACY_FTRTSVC
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
    O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER
    O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
    O64 - Services: CurCS - C:\Program Files\iPod\bin\iPodService.exe - Service de l'iPod (iPod Service) .(.Apple Inc. - iPodService Module (32-bit).) - LEGACY_IPOD_SERVICE
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\irda.sys - Protocole IrDA (irda) .(.Microsoft Corporation - IRDA Protocol Driver.) - LEGACY_IRDA
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Moniteur infrarouge (Irmon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_IRMON
    O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
    O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(...) - LEGACY_KLMD25
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS
    O64 - Services: CurCS - C:\DOCUME~1\fierro\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\MpFilter.sys - Microsoft Malware Protection Driver (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER
    O64 - Services: CurCS - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFC86AD2-F4E1-4572-937D-FCDCAC6BB556}\MpKsl0e9ca3f3.sys - MpKsl0e9ca3f3 (MpKsl0e9ca3f3) .(.Microsoft Corporation - KSLDriver
    O64 - Services: CurCS - (.not file.) - MpKsl27fc8052 (MpKsl27fc8052) .(...) - LEGACY_MPKSL27FC8052
    O64 - Services: CurCS - (.not file.) - MpKsl3273fa61 (MpKsl3273fa61) .(...) - LEGACY_MPKSL3273FA61
    O64 - Services: CurCS - (.not file.) - MpKsl349274f9 (MpKsl349274f9) .(...) - LEGACY_MPKSL349274F9
    O64 - Services: CurCS - (.not file.) - MpKsl6be749e5 (MpKsl6be749e5) .(...) - LEGACY_MPKSL6BE749E5
    O64 - Services: CurCS - (.not file.) - MpKsl774fbc2c (MpKsl774fbc2c) .(...) - LEGACY_MPKSL774FBC2C
    O64 - Services: CurCS - (.not file.) - MpKsl8027b156 (MpKsl8027b156) .(...) - LEGACY_MPKSL8027B156
    O64 - Services: CurCS - (.not file.) - MpKslc8d22358 (MpKslc8d22358) .(...) - LEGACY_MPKSLC8D22358
    O64 - Services: CurCS - (.not file.) - MpKslc93980e4 (MpKslc93980e4) .(...) - LEGACY_MPKSLC93980E4
    O64 - Services: CurCS - (.not file.) - MpKslcb90be2b (MpKslcb90be2b) .(...) - LEGACY_MPKSLCB90BE2B
    O64 - Services: CurCS - (.not file.) - MpKslcd6155c4 (MpKslcd6155c4) .(...) - LEGACY_MPKSLCD6155C4
    O64 - Services: CurCS - (.not file.) - MpKsldc264e76 (MpKsldc264e76) .(...) - LEGACY_MPKSLDC264E76
    O64 - Services: CurCS - (.not file.) - MpKslde14688d (MpKslde14688d) .(...) - LEGACY_MPKSLDE14688D
    O64 - Services: CurCS - (.not file.) - MpKslf4646a05 (MpKslf4646a05) .(...) - LEGACY_MPKSLF4646A05
    O64 - Services: CurCS - (.not file.) - MpKslfbbcf485 (MpKslfbbcf485) .(...) - LEGACY_MPKSLFBBCF485
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
    O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
    O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
    O64 - Services: CurCS - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - Microsoft Antimalware Service (MsMpSvc) .(.Microsoft Corporation - Antimalware Service Executable.) - LEGACY_MSMPSVC
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
    O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
    O64 - Services: CurCS - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.85.) - LEGACY_NVSVC
    O64 - Services: CurCS - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe - Orange update Core Service (Orange update Core Service) .(...) - LEGACY_ORANGE_UPDATE_CORE_SERVICE
    O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe - Office Source Engine (ose) .(.Microsoft Corporation - Office Source Engine.) - LEGACY_OSE
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR
    O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM
    O64 - Services: CurCS - C:\WINDOWS\system32\PCAMPR5.sys - PCAMPR5 NDIS Protocol Driver (PCAMPR5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMPR5
    O64 - Services: CurCS - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver (PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5
    O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
    O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(...) - LEGACY_PROCEXP113
    O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexion automatique d'accès distant (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASAUTO
    O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Minipor
    0
  15. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    yo :]

    Hébergement de rapport sur pjjoint.malekal.com

    ▶ Rends toi sur pjjoint.malekal.com
    ▶ Clique sur le bouton Parcourir
    ▶ Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
    ▶ Clique sur le bouton Envoyer
    ▶ Un message de confirmation s'affiche (L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015 Copie le lien dans ta prochaine réponse.

    @+ (bonne chasse Virus/C/C)
    0
  16. redbull47 Messages postés 53 Statut Membre
     
    voila c'est fait
    avec tdsskiller le rapport dit aucun fichier infectes.
    je suis sur mon pc jusqu'a environ 22h00 car apres je me couche car je bosse de nuit.
    je serais de retour vers 13h00.
    0
    1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
       
      il nous faudrait ce lien sinon on aura du mal de lire ton rapport lol
      0
    2. redbull47 Messages postés 53 Statut Membre
       
      c'es fait !!!!!
      0
  17. Utilisateur anonyme
     
    Salut

    Merçi >> juju666 de ton intervention !!

    redbull47 poste le rapport de tdsskiller

    ensuite en attendant :

    1) /!\ ZHPFix /!\

    * ferme toutes les applications ouvertes.
    * Copies tout le texte présent en gras dans l'encadré ci-dessous
    *( tu le selectionnes avec ta souris >> Clique droit dessus et choisis "copier" ou fait Ctrl+C )

    ================================================================================


    O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
    O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe


    ================================================================================

    * Double Clique sur l'icone ZhpFix du bureau pour le lancer ( l icone en forme de seringue) .
    * Utilisateurs de Windows7/Vista >> Fais un clic-droit sur le raccourci de ZHPFix et choisis "Exécuter en temps qu'administrateur"
    * Une fois l'outil ZHPFix ouvert ,

    * clique sur le bouton [ H ] ==> Image ( "coller les lignes Helper" ) .

    * Dans l'encadré principal
    * tu verras donc les lignes que tu as copié précédemment apparaitre .
    * Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
    * cliques >> OK puis
    * Cliques sur >>Tous
    * Pour finir clique sur >> Nettoyer .
    * colle le rapport obtenu .

    ensuite pour vérification :

    2)* Desactive ton antivirus le temps de la manip

    * Telecharge et install UsbFix (de El Desaparecido et C_XX )

    >> UsbFix (de El Desaparecido et C_XX )

    * Déconnectes toi et fermes toutes applications en cours
    * Au message ==> Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir
    * Double clic sur le raccourci UsbFix présent sur ton bureau .
    * Choisi >> l option Recherche
    * Laisse travailler l outil.
    * Ensuite poste le rapport UsbFix.txt qui apparaitra.
    * Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    * Réactive ton antivirus

    Membre Contributeur sécurité CCM
    0
  18. redbull47 Messages postés 53 Statut Membre
     
    Rapport de ZHPFix 1.12.3260 par Nicolas Coolman, Update du 11/03/2011
    Fichier d'export Registre :
    Run by fierro at 16/03/2011 21:43:17
    Windows XP Home Edition Service Pack 3 (Build 2600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
    Contact : nicolascoolman@yahoo.fr

    ========== Valeur(s) du Registre ==========
    O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente
    O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente

    ========== Récapitulatif ==========
    2 : Valeur(s) du Registre

    End of the scan
    0
  19. redbull47 Messages postés 53 Statut Membre
     
    ############################## | UsbFix 7.042 | [Recherche]

    Utilisateur: fierro (Administrateur) # ACER-9DEB84EBB9 [ ]
    Mis à jour le 14/03/2011 par TeamXscript
    Lancé à 21:51:11 | 16/03/2011
    Site Web: http://www.teamxscript.org
    Submit your sample: http://www.teamxscript.org/Upload.php
    Contact: TeamXscript.ElDesaparecido@gmail.com

    CPU: AMD Sempron(tm) Processor 3200+
    Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702

    Pare-feu Windows: Activé
    Antivirus: Microsoft Security Essentials 3.0.8107.0 [(!) Disabled | Updated]
    RAM -> 1982 Mo
    C:\ (%systemdrive%) -> Disque fixe # 72 Go (51 Go libre(s) - 70%) [ACER] # FAT32
    D:\ -> Disque fixe # 73 Go (3 Go libre(s) - 5%) [ACERDATA] # NTFS
    E:\ -> CD-ROM

    ################## | Éléments infectieux |

    Présent! C:\WINDOWS\system32\secushr.dat

    ################## | Registre |

    Présent! HKLM\software\microsoft\shared tools\msconfig\startupreg\
    Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
    Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

    ################## | Mountpoints2 |

    ################## | Vaccin |

    (!) Cet ordinateur n'est pas vacciné!

    ################## | E.O.F |
    0
  20. redbull47 Messages postés 53 Statut Membre
     
    2011/03/16 20:43:53.0140 0832 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
    2011/03/16 20:43:53.0562 0832 ================================================================================
    2011/03/16 20:43:53.0562 0832 SystemInfo:
    2011/03/16 20:43:53.0562 0832
    2011/03/16 20:43:53.0562 0832 OS Version: 5.1.2600 ServicePack: 3.0
    2011/03/16 20:43:53.0562 0832 Product type: Workstation
    2011/03/16 20:43:53.0562 0832 ComputerName: ACER-9DEB84EBB9
    2011/03/16 20:43:53.0562 0832 UserName: fierro
    2011/03/16 20:43:53.0562 0832 Windows directory: C:\WINDOWS
    2011/03/16 20:43:53.0562 0832 System windows directory: C:\WINDOWS
    2011/03/16 20:43:53.0562 0832 Processor architecture: Intel x86
    2011/03/16 20:43:53.0562 0832 Number of processors: 1
    2011/03/16 20:43:53.0562 0832 Page size: 0x1000
    2011/03/16 20:43:53.0562 0832 Boot type: Normal boot
    2011/03/16 20:43:53.0562 0832 ================================================================================
    2011/03/16 20:43:54.0140 0832 Initialize success
    2011/03/16 20:43:58.0234 0224 ================================================================================
    2011/03/16 20:43:58.0234 0224 Scan started
    2011/03/16 20:43:58.0234 0224 Mode: Manual;
    2011/03/16 20:43:58.0234 0224 ================================================================================
    2011/03/16 20:43:59.0140 0224 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    2011/03/16 20:43:59.0218 0224 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
    2011/03/16 20:43:59.0515 0224 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    2011/03/16 20:43:59.0734 0224 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
    2011/03/16 20:43:59.0812 0224 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
    2011/03/16 20:44:00.0359 0224 ALCXWDM (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
    2011/03/16 20:44:00.0671 0224 AmdK8 (62271ff14baa810323ac816c5d355ba9) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
    2011/03/16 20:44:00.0953 0224 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    2011/03/16 20:44:01.0484 0224 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    2011/03/16 20:44:01.0578 0224 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    2011/03/16 20:44:01.0812 0224 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    2011/03/16 20:44:01.0937 0224 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    2011/03/16 20:44:02.0046 0224 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    2011/03/16 20:44:02.0218 0224 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    2011/03/16 20:44:02.0390 0224 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    2011/03/16 20:44:02.0546 0224 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    2011/03/16 20:44:02.0687 0224 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    2011/03/16 20:44:02.0796 0224 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    2011/03/16 20:44:03.0562 0224 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    2011/03/16 20:44:03.0718 0224 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
    2011/03/16 20:44:03.0890 0224 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
    2011/03/16 20:44:03.0968 0224 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    2011/03/16 20:44:04.0125 0224 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    2011/03/16 20:44:04.0406 0224 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    2011/03/16 20:44:04.0578 0224 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    2011/03/16 20:44:04.0703 0224 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    2011/03/16 20:44:04.0843 0224 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
    2011/03/16 20:44:05.0000 0224 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    2011/03/16 20:44:05.0093 0224 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    2011/03/16 20:44:05.0156 0224 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    2011/03/16 20:44:05.0218 0224 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    2011/03/16 20:44:05.0328 0224 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    2011/03/16 20:44:05.0484 0224 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    2011/03/16 20:44:05.0656 0224 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    2011/03/16 20:44:05.0906 0224 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    2011/03/16 20:44:06.0234 0224 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    2011/03/16 20:44:06.0359 0224 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    2011/03/16 20:44:06.0687 0224 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    2011/03/16 20:44:06.0781 0224 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    2011/03/16 20:44:06.0921 0224 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    2011/03/16 20:44:07.0062 0224 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    2011/03/16 20:44:07.0156 0224 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    2011/03/16 20:44:07.0296 0224 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
    2011/03/16 20:44:07.0437 0224 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    2011/03/16 20:44:07.0546 0224 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
    2011/03/16 20:44:07.0656 0224 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    2011/03/16 20:44:07.0734 0224 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    2011/03/16 20:44:07.0843 0224 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    2011/03/16 20:44:07.0968 0224 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    2011/03/16 20:44:08.0062 0224 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    2011/03/16 20:44:08.0281 0224 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    2011/03/16 20:44:08.0421 0224 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
    2011/03/16 20:44:08.0546 0224 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    2011/03/16 20:44:08.0671 0224 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    2011/03/16 20:44:08.0781 0224 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    2011/03/16 20:44:08.0890 0224 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
    2011/03/16 20:44:09.0046 0224 MpKsl0e9ca3f3 (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFC86AD2-F4E1-4572-937D-FCDCAC6BB556}\MpKsl0e9ca3f3.sys
    2011/03/16 20:44:09.0343 0224 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    2011/03/16 20:44:09.0453 0224 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    2011/03/16 20:44:09.0656 0224 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    2011/03/16 20:44:09.0796 0224 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2011/03/16 20:44:09.0906 0224 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2011/03/16 20:44:10.0046 0224 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    2011/03/16 20:44:10.0125 0224 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    2011/03/16 20:44:10.0234 0224 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    2011/03/16 20:44:10.0328 0224 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
    2011/03/16 20:44:10.0437 0224 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    2011/03/16 20:44:10.0578 0224 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    2011/03/16 20:44:10.0687 0224 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    2011/03/16 20:44:10.0828 0224 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    2011/03/16 20:44:10.0968 0224 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    2011/03/16 20:44:11.0109 0224 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    2011/03/16 20:44:11.0203 0224 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    2011/03/16 20:44:11.0328 0224 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    2011/03/16 20:44:11.0421 0224 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    2011/03/16 20:44:11.0609 0224 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    2011/03/16 20:44:11.0703 0224 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    2011/03/16 20:44:11.0859 0224 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    2011/03/16 20:44:11.0953 0224 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
    2011/03/16 20:44:12.0031 0224 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    2011/03/16 20:44:12.0265 0224 nv (9e1f2f09e34c92a96b9900b6a45d5026) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    2011/03/16 20:44:12.0468 0224 NVENETFD (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
    2011/03/16 20:44:12.0578 0224 nvnetbus (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
    2011/03/16 20:44:12.0656 0224 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    2011/03/16 20:44:12.0718 0224 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    2011/03/16 20:44:12.0843 0224 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    2011/03/16 20:44:12.0984 0224 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
    2011/03/16 20:44:13.0140 0224 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    2011/03/16 20:44:13.0187 0224 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
    2011/03/16 20:44:13.0921 0224 PCAMPR5 (b670c5d89f0726b7a2a7dfb4e968cdf8) C:\WINDOWS\system32\PCAMPR5.SYS
    2011/03/16 20:44:14.0609 0224 PCANDIS5 (ecd2f9d67b06606064daf6961a6d5efe) C:\WINDOWS\system32\PCANDIS5.SYS
    2011/03/16 20:44:14.0734 0224 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
    2011/03/16 20:44:14.0937 0224 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
    2011/03/16 20:44:15.0078 0224 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
    2011/03/16 20:44:15.0968 0224 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    2011/03/16 20:44:16.0062 0224 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
    2011/03/16 20:44:16.0187 0224 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    2011/03/16 20:44:16.0250 0224 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    2011/03/16 20:44:16.0359 0224 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    2011/03/16 20:44:16.0968 0224 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    2011/03/16 20:44:17.0078 0224 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
    2011/03/16 20:44:17.0203 0224 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    2011/03/16 20:44:17.0328 0224 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    2011/03/16 20:44:17.0390 0224 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    2011/03/16 20:44:17.0484 0224 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    2011/03/16 20:44:17.0531 0224 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    2011/03/16 20:44:17.0687 0224 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
    2011/03/16 20:44:17.0828 0224 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
    2011/03/16 20:44:18.0078 0224 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    2011/03/16 20:44:18.0296 0224 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    2011/03/16 20:44:18.0406 0224 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
    2011/03/16 20:44:18.0578 0224 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    2011/03/16 20:44:18.0859 0224 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    2011/03/16 20:44:19.0000 0224 snpstd2 (7fc5b8e9581e543fb42fb8dcde3132e2) C:\WINDOWS\system32\DRIVERS\snpstd2.sys
    2011/03/16 20:44:19.0234 0224 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    2011/03/16 20:44:19.0359 0224 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
    2011/03/16 20:44:19.0468 0224 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
    2011/03/16 20:44:19.0609 0224 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    2011/03/16 20:44:19.0750 0224 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    2011/03/16 20:44:19.0875 0224 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    2011/03/16 20:44:20.0484 0224 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    2011/03/16 20:44:20.0640 0224 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    2011/03/16 20:44:20.0750 0224 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    2011/03/16 20:44:20.0859 0224 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    2011/03/16 20:44:20.0984 0224 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    2011/03/16 20:44:21.0250 0224 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
    2011/03/16 20:44:21.0390 0224 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    2011/03/16 20:44:21.0687 0224 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    2011/03/16 20:44:21.0828 0224 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    2011/03/16 20:44:21.0921 0224 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    2011/03/16 20:44:22.0078 0224 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    2011/03/16 20:44:22.0203 0224 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    2011/03/16 20:44:22.0312 0224 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
    2011/03/16 20:44:22.0421 0224 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    2011/03/16 20:44:22.0546 0224 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    2011/03/16 20:44:22.0671 0224 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    2011/03/16 20:44:22.0828 0224 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    2011/03/16 20:44:23.0328 0224 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
    2011/03/16 20:44:23.0453 0224 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    2011/03/16 20:44:23.0703 0224 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    2011/03/16 20:44:23.0937 0224 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    2011/03/16 20:44:24.0140 0224 ================================================================================
    2011/03/16 20:44:24.0140 0224 Scan finished
    2011/03/16 20:44:24.0140 0224 ================================================================================
    2011/03/16 20:45:01.0484 2008 Deinitialize success
    0
  • 1
  • 2
  • 3
  • 4
  • 5