Je suis rempli d espion ou de troyens

benjamin66 Messages postés 22 Statut Membre -  
Kristopher Messages postés 3752 Statut Contributeur -
bonjour voila je suis rempli d espion ou de troyens adware mais hijackthis me detect pas grand chose apparament d apres ce qu on ma dit mais cool webshreder men trouve beauboup plus je vous en voi quand mon log hijackthis pour linstant
Logfile of HijackThis v1.99.1
Scan saved at 10:58:50, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\a-squared\a2start.exe
C:\Program Files\a-squared\a2scan.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

sinon je sais que toute ma base de registre est infectée tout comme mon bios d aprés spybot merci de votre aide

34 réponses

  • 1
  • 2
  1. JiGéGé Messages postés 2281 Date d'inscription   Statut Membre Dernière intervention  
     
    Salut.

    Ben évidemment : t'as ni antivirus, ni firewall ....
    après ca faut pas t'étonner d'avoir des virus

    voir https://sebsauvage.net/safehex.html
    0
  2. benjamin66 Messages postés 22 Statut Membre
     
    il y a pas lontemps j ai trouvé un win32 spybot nlx
    0
  3. benjamin66 Messages postés 22 Statut Membre
     
    vous rigoler la jesper ?loool si j en ai pas c est pour une bonne raison non?c est parce qu on me la demandé ca ma fait un pe de nettoyage car si vous le gars m a infecté deja le telechargement avec un adware mediapipe puis l installation des logiciels dans msi et la desinstallation des logiciels sinon j avais tout avan javai zone alarm ewido a2 free et spybot quelque fois j allais sur le net secuser.com mais le mek il ma envoyé quand meme ca
    et a2 squared le detecte sinon aussi
    **** Run Keys ****

    RUN: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    RUN: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    RUN: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    RUN: [WooCnxMon]
    RUN: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

    **** Browser Helper Objects ****

    **** IE Toolbars ****

    **** IE Extensions ****

    **** Hosts File Entries ****

    **** IE Settings ****

    Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Local Page: \blank.htm
    Search Page: http://www.msn.com/access/allinone.asp

    **** IE Context Menu (Right click) ****

    **** Layered Service Providers ****

    LSP: imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [TCP/IP]]]
    LSP: imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [UDP/IP]]]
    LSP: imslsp/1144400931 over [MSAFD Tcpip [TCP/IP]]
    LSP: imslsp/1144400931 over [MSAFD Tcpip [UDP/IP]]
    LSP: CA ISafe LSP over [MSAFD Tcpip [TCP/IP]]
    LSP: CA ISafe LSP over [MSAFD Tcpip [UDP/IP]]
    LSP: MSAFD Tcpip [TCP/IP]
    LSP: MSAFD Tcpip [UDP/IP]
    LSP: RSVP UDP Service Provider
    LSP: RSVP TCP Service Provider
    LSP: MSAFD nwlnkipx [IPX]
    LSP: MSAFD nwlnkspx [SPX]
    LSP: MSAFD nwlnkspx [SPX] [Pseudo Stream]
    LSP: MSAFD nwlnkspx [SPX II]
    LSP: MSAFD nwlnkspx [SPX II] [Pseudo Stream]
    LSP: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 3
    LSP: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 3
    LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3BBF674C-1113-41D3-B7DF-E12A5AB9EF53}] SEQPACKET 0
    LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3BBF674C-1113-41D3-B7DF-E12A5AB9EF53}] DATAGRAM 0
    LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FB458613-4778-4C16-92F4-0450C437C848}] SEQPACKET 1
    LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FB458613-4778-4C16-92F4-0450C437C848}] DATAGRAM 1
    LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{74046427-157B-460E-8CF1-35C9520B9896}] SEQPACKET 2
    LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{74046427-157B-460E-8CF1-35C9520B9896}] DATAGRAM 2

    **** Blocked Control Panel Items ****

    BLOCKED: [ncpa.cpl] No
    BLOCKED: [odbccp32.cpl] No

    **** Downloaded Program Files ****

    **** Windows Services ****

    [Alerter] %SystemRoot%\System32\svchost.exe -k LocalService
    [ALG] %SystemRoot%\System32\alg.exe
    [AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
    [aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
    [AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
    [BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
    [Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
    [CAISafe] C:\WINDOWS\system32\ZoneLabs\isafe.exe
    [CiSvc] %SystemRoot%\system32\cisvc.exe
    [ClipSrv] %SystemRoot%\system32\clipsrv.exe
    [COMSysApp] C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    [CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
    [DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
    [Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs
    [dmadmin] %SystemRoot%\System32\dmadmin.exe /com
    [dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
    [Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService
    [ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
    [Eventlog] %SystemRoot%\system32\services.exe
    [EventSystem] C:\WINDOWS\System32\svchost.exe -k netsvcs
    [ewido security suite control] C:\Program Files\ewido anti-malware\ewidoctrl.exe
    [FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
    [Fax] %systemroot%\system32\fxssvc.exe
    [FTRTSVC] C:\WINDOWS\System32\FTRTSVC.exe
    [helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
    [HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
    [HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
    [IDriverT] "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"
    [ImapiService] C:\WINDOWS\System32\imapi.exe
    [lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs
    [lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs
    [LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService
    [LPDSVC] %SystemRoot%\System32\tcpsvcs.exe
    [Messenger] %SystemRoot%\System32\svchost.exe -k netsvcs
    [mnmsrvc] C:\WINDOWS\System32\mnmsrvc.exe
    [MSDTC] C:\WINDOWS\System32\msdtc.exe
    [MSIServer] C:\WINDOWS\System32\msiexec.exe /V
    [NetDDE] %SystemRoot%\system32\netdde.exe
    [NetDDEdsdm] %SystemRoot%\system32\netdde.exe
    [Netlogon] %SystemRoot%\System32\lsass.exe
    [Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
    [Nla] %SystemRoot%\System32\svchost.exe -k netsvcs
    [NtLmSsp] %SystemRoot%\System32\lsass.exe
    [NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
    [NVSvc] %SystemRoot%\System32\nvsvc32.exe
    [PavPrSrv] "C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe"
    [PlugPlay] %SystemRoot%\system32\services.exe
    [PolicyAgent] %SystemRoot%\System32\lsass.exe
    [ProtectedStorage] %SystemRoot%\system32\lsass.exe
    [RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
    [RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
    [RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
    [RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
    [RpcLocator] %SystemRoot%\System32\locator.exe
    [RpcSs] %SystemRoot%\system32\svchost -k rpcss
    [RSVP] %SystemRoot%\System32\rsvp.exe
    [SamSs] %SystemRoot%\system32\lsass.exe
    [SCardSvr] %SystemRoot%\System32\SCardSvr.exe
    [Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
    [seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
    [SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
    [SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
    [ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
    [Spooler] %SystemRoot%\system32\spoolsv.exe
    [spupdsvc] C:\WINDOWS\system32\spupdsvc.exe
    [srservice] %SystemRoot%\System32\svchost.exe -k netsvcs
    [SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService
    [stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc
    [SwPrv] C:\WINDOWS\System32\dllhost.exe /Processid:{C4798664-C900-47C5-B3C3-98CB7EEAA115}
    [SysmonLog] %SystemRoot%\system32\smlogsvc.exe
    [TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
    [TermService] %SystemRoot%\System32\svchost -k DComLaunch
    [Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
    [TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
    [UMWdf] C:\WINDOWS\system32\wdfmgr.exe
    [upnphost] %SystemRoot%\System32\svchost.exe -k LocalService
    [UPS] %SystemRoot%\System32\ups.exe
    [vsmon] C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
    [VSS] %SystemRoot%\System32\vssvc.exe
    [W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
    [WebClient] %SystemRoot%\System32\svchost.exe -k LocalService
    [winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
    [WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
    [WmiApSrv] C:\WINDOWS\System32\wbem\wmiapsrv.exe
    [wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
    [WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
    [xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs

    **** Custom IE Search Items ****

    SEARCH: [SearchAssistant] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
    SEARCH: [CustomizeSearch] https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
    SEARCH: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

    **** Complete IE Options ****

    IEOPT: [NoUpdateCheck]
    IEOPT: [NoJITSetup]
    IEOPT: [Disable Script Debugger] yes
    IEOPT: [Show_ChannelBand] No
    IEOPT: [Anchor Underline] yes
    IEOPT: [Cache_Update_Frequency] Once_Per_Session
    IEOPT: [Display Inline Images] yes
    IEOPT: [Do404Search]
    IEOPT: [Save_Session_History_On_Exit] no
    IEOPT: [Show_FullURL] no
    IEOPT: [Show_StatusBar] yes
    IEOPT: [Show_ToolBar] yes
    IEOPT: [Show_URLinStatusBar] yes
    IEOPT: [Show_URLToolBar] yes
    IEOPT: [Start Page] about:blank
    IEOPT: [Use_DlgBox_Colors] yes
    IEOPT: [Window_Placement] ,
    IEOPT: [Use Custom Search URL]
    IEOPT: [Use FormSuggest] yes
    IEOPT: [Error Dlg Displayed On Every Error] no
    IEOPT: [ShowedCheckBrowser] Yes
    IEOPT: [Check_Associations] Yes
    IEOPT: [FullScreen] no
    IEOPT: [NotifyDownloadComplete] yes
    IEOPT: [FormSuggest PW Ask] no
    IEOPT: [AddToFavoritesExpanded]
    IEOPT: [Search Page] http://www.msn.com/access/allinone.asp
    IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IEOPT: [AutoSearch]
    IEOPT: [Local Page] \blank.htm
    IEOPT: [Window Title] Wanadoo
    IEOPT: [Enable_Disk_Cache] yes
    IEOPT: [Cache_Percent_of_Disk]
    IEOPT: [Delete_Temp_Files_On_Exit] yes
    IEOPT: [Anchor_Visitation_Horizon]
    IEOPT: [Use_Async_DNS] yes
    IEOPT: [Placeholder_Width]
    IEOPT: [Placeholder_Height]
    IEOPT: [Start Page] http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    IEOPT: [CompanyName] Microsoft Corporation
    IEOPT: [Custom_Key] MICROSO
    IEOPT: [Wizard_Version] 6.00.2800.1017
    IEOPT: [FullScreen] no
    IEOPT: [Default_Page_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IEOPT: [Search Page] http://www.msn.com/access/allinone.asp
    IEOPT: [Local Page] \blank.htm
    IEOPT: [BigBitmap] C:\PROGRA~1\Wanadoo\static38.bmp
    IEOPT: [SmallBitmap] C:\PROGRA~1\Wanadoo\static22.bmp
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. benjamin66 Messages postés 22 Statut Membre
     
    si vous voulez plus j installe de logiciels et plus ca m infecte apparemment
    0
    1. BmV Messages postés 43646 Date d'inscription   Statut Modérateur Dernière intervention   4 962
       
      .... sauf que dans tes listes, il n'y a pas que des virus, mon bon !
      Il y a aussi des éléments tout à fait normaux.
      0
  6. BmV Messages postés 43646 Date d'inscription   Statut Modérateur Dernière intervention   4 962
     
    Salut.

    Oui, et alors ?
    Normal, si t'as pas d'anti-virus !

    zone alarm ewido a2 free et spybot ne sont PAS des anti-virus, mon grand !

    Et je crois qu'ils rigolent du tout, au-dessus, là ! Sur CCM, on essaie d'être "sérieux", et de donner des conseils "sérieux".
    Ca m'étonenrait d'ailleurs que Secuser t'ait envoyé tout ce que tu nous listes là ; c'est un site sérieux et clean, aussi, et ce depuis des années.

    Cela dit, as-tu suivi les liens donnés au < 1 > et au < 2 > ?
    Y'a toutes les infos basiques sur la sécurité.

    Et pour ton log Hijack, on va s'en occuper, mais c'est désespéré : si tu fais rien, ton PC va à nouveau être vérolé dans les huit minutes.

    Alors, bon, tu veux pas mettre d'antivirus ni de firewall, c'est ton choix, t'es majeur et vacciné, c'est ton PC, tu es complètement libre, tu en fais ce que tu veux, mais bon, faut pas t'étonner après et revenir pleurer dès ce soir avec une liste encore plus longue ....
    Mais bon, ça te regarde....

    A propos "si j en ai pas c est pour une bonne raison non?c est parce qu on me la demandé " : on peut savoir QUEL est l'artiste qui t'a demandé de faire ça ????
    0
  7. benjamin66 Messages postés 22 Statut Membre
     
    et ca pas un antivirus? mdr

    Logfile of HijackThis v1.99.1
    Scan saved at 12:00:25, on 07/04/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\spupdsvc.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spnpinst.exe
    C:\WINDOWS\system32\Sysocmgr.exe
    C:\WINDOWS\system32\ZoneLabs\isafe.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
    O13 - DefaultPrefix:
    O13 - WWW Prefix:
    O13 - Home Prefix:
    O13 - Mosaic Prefix:
    O13 - FTP Prefix:
    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.1 80.10.246.132
    O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    c est comme le port salut c est ecrit dessus je sais ce que c est ce sont des anti troyen anti malware et anti spyware
    0
  8. BmV Messages postés 43646 Date d'inscription   Statut Modérateur Dernière intervention   4 962
     
    Lis bien sur mes lèvres : zone alarm, ewido, a2 free ,et spybot ne sont PAS des anti-virus !

    Je constate cependant avec plaisir qu'entre ton premier log et celui-ci tu as installé ou réactivé l'antivirus Windows et Zone Alarm.
    C'est un début.

    Cela dit, si tu t'y connais si bien que ça, pourquoi tu viens poser tes problèmes ici ?

    Tchao !
    0
  9. Utilisateur anonyme
     
    Arrêtes un peu de faire ton mâlin ! t'es pas content on te retient pas ! ecoute les personnes qui sont plus "calés" que toi au lieu de jouer les cyber rebelles.

    O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe"

    si c'est ça ton anti-virus revois tes connaissances ;-)
    0
  10. benjamin66 Messages postés 22 Statut Membre
     
    la en fait c est les desinstalation des logiciels
    bon a la base si vous voulez il y avait plus de chose car on ma di de desinstaller tout ce qui etait securité je lai fait et il me resté wanadoo et kb

    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-03-30 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2006-02-06 advcheck.dll (1.0.2.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2006-02-20 Tools.dll (2.0.0.2)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2006-04-01 Includes\Cookies.sbi
    2006-04-01 Includes\Dialer.sbi
    2006-04-01 Includes\Hijackers.sbi
    2006-04-01 Includes\Keyloggers.sbi
    2004-11-29 Includes\LSP.sbi
    2006-04-01 Includes\Malware.sbi
    2006-04-01 Includes\PUPS.sbi
    2006-04-01 Includes\Revision.sbi
    2006-04-01 Includes\Security.sbi
    2006-04-01 Includes\Spybots.sbi
    2005-02-17 Includes\Tracks.uti
    2006-04-01 Includes\Trojans.sbi

    a-squared Free 1.6.5 1.6 (a-squared Free_is1)
    install location: C:\Program Files\a-squared\
    uninstall cmd: "C:\Program Files\a-squared\unins000.exe"
    publisher: Emsi Software GmbH
    comments: a-squared
    help link: https://support.emsisoft.com/

    Outil de connexion Wanadoo (EspaceWanadoo.exe)
    uninstall cmd: C:\PROGRA~1\Wanadoo\MessageDesinstallation.exe Wanadoo

    ewido anti-malware (ewidoantimalware)
    install location: C:\Program Files\ewido anti-malware
    uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
    publisher: ewido networks
    help link: https://www.avg.com/en-us/free-antivirus-download

    Navigateur Wanadoo (FranceTelecomUninstall_FTBrowser)
    install location: C:\PROGRA~1\Wanadoo\WOOBrowser
    uninstall cmd: C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl

    HijackThis 1.99.1 1.99.1 (HijackThis)
    uninstall cmd: C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe /uninstall
    publisher: Soeperman Enterprises Ltd.

    (KB905915)

    4.8.0.6787 (MailFrontier Desktop)
    publisher: MailFrontier

    WinAntiVirus Pro 2006 2.0.175.0 (WA6P_is1)
    install location: C:\Program Files\WinAntiVirus Pro 2006\
    uninstall cmd: "C:\Program Files\WinAntiVirus Pro 2006\pv.exe"
    publisher: WinSoftware, Ltd.
    help link: http://fr.winsoftware.com

    ZoneAlarm Security Suite 6.1.744.001 (ZoneAlarm Security Suite)
    uninstall cmd: C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
    publisher: Zone Labs, Inc
    help link: C:\Program Files\Zone Labs\ZoneAlarm\Aide\zaclients.chm
    0
  11. BmV Messages postés 43646 Date d'inscription   Statut Modérateur Dernière intervention   4 962
     
    "on ma di de desinstaller tout ce qui etait securité" : mais p**$ de bor*$ùù* de $ù§§* , QUI t'a dit de désinstaller tout ça ?

    QUI ???????

    Bon.
    Allez.
    Stop.

    On va pas te faire un laïus là dessus, tu ne réponds pas à nos questions, tu sais tout mieux que tout le monde (à part que tu confonds tout, les AV, les antispy, les programmes, les process normaux, les infections, etc.) , alors tu fais comme tu veux avec ton PC.

    Encore une fois, va voir ici https://sebsauvage.net/safehex.html (parce que je suis certain que t'es pas allé lire ...)
    0
  12. Kristopher Messages postés 3752 Statut Contributeur 106
     
    Bonjour tout le monde,

    benjamin66, la personne ou le forum qui t'as demandé de désinstaller ce qui était en rapport avec la sécurité de ton PC n'était pas digne de confiance.

    Par contre, notre forum CCM est digne de confiance - tu peux nous poser des questions tout en restant très poli.

    Pour commencer, visite la page que BmV s'efforce de te montrer depuis un certain temps, histoire de voir le minimum que tu devrais posséder pour sécuriser ton PC.

    Avec notre collaboration, tu devrais parvenir à guérir ton PC, mais tout dépend de Toi ;)

    Courage man ^^
    0
  13. benjamin66 Messages postés 22 Statut Membre
     
    bin c est un gars sur un autre site mais qui fais les memes chose que vous quoi je crois que forum.telecharger.01net.com/.../securite_virus_et_assimiles/virus/sos______gchris-395608/messages-1.html
    0
    1. Utilisateur anonyme
       
      ça m'ettonerait que Gchris ta dit de désinstallé tes logiciels de sécurité :-D ...allez bonne lecture !
      0
  14. benjamin66 Messages postés 22 Statut Membre
     
    pas gchris mais un otr gars qui est sur leur site
    0
    1. Utilisateur anonyme
       
      :-)
      0
  15. benjamin66 Messages postés 22 Statut Membre
     
    par contre une fois un programme ma detecté tout ca

    WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

    If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

    »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
    Internet Explorer Version: 6.0.2900.2180

    »»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

    Checking %SystemDrive% folder...

    Checking %ProgramFilesDir% folder...

    Checking %WinDir% folder...
    UPX! 25/03/2006 00:32:56 176709 C:\WINDOWS\tsc.exe
    PECompact2 25/03/2006 00:32:56 17265523 C:\WINDOWS\VPTNFILE.283
    qoologic 25/03/2006 00:32:56 17265523 C:\WINDOWS\VPTNFILE.283
    SAHAgent 25/03/2006 00:32:56 17265523 C:\WINDOWS\VPTNFILE.283
    UPX! 25/03/2006 00:32:56 1077328 C:\WINDOWS\vsapi32.dll
    aspack 25/03/2006 00:32:56 1077328 C:\WINDOWS\vsapi32.dll

    Checking %System% folder...
    UPX! 28/01/2006 00:38:10 503296 C:\WINDOWS\SYSTEM32\aswBoot.exe
    aspack 18/03/2005 17:19:58 2337488 C:\WINDOWS\SYSTEM32\d3dx9_25.dll
    aspack 26/05/2005 15:34:52 2297552 C:\WINDOWS\SYSTEM32\d3dx9_26.dll
    PEC2 02/08/2003 07:23:30 41131 C:\WINDOWS\SYSTEM32\dfrg.msc
    aspack 04/08/2004 01:54:16 733184 C:\WINDOWS\SYSTEM32\ntdll.dll
    Umonitor 04/08/2004 01:54:38 685056 C:\WINDOWS\SYSTEM32\rasdlg.dll
    winsync 02/08/2003 06:30:18 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

    Checking %System%\Drivers folder and sub-folders...
    PTech 03/08/2004 23:41:38 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

    Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts

    Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
    04/04/2006 10:09:06 S 2048 C:\WINDOWS\bootstat.dat
    25/03/2006 10:53:32 RHS 310568 C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_10.cab
    31/03/2006 17:29:44 H 4212 C:\WINDOWS\system32\zllictbl.dat
    04/04/2006 11:34:24 H 1024 C:\WINDOWS\system32\config\default.LOG
    31/03/2006 16:48:34 H 0 C:\WINDOWS\system32\config\default_TU_43374.LOG
    04/04/2006 10:09:06 H 1024 C:\WINDOWS\system32\config\SAM.LOG
    31/03/2006 16:48:36 H 0 C:\WINDOWS\system32\config\SAM_TU_85643.LOG
    04/04/2006 10:10:44 H 1024 C:\WINDOWS\system32\config\SECURITY.LOG
    31/03/2006 16:48:34 H 0 C:\WINDOWS\system32\config\SECURITY_TU_42581.LOG
    04/04/2006 11:48:02 H 1024 C:\WINDOWS\system32\config\software.LOG
    31/03/2006 16:48:34 H 0 C:\WINDOWS\system32\config\software_TU_81178.LOG
    04/04/2006 11:48:46 H 1024 C:\WINDOWS\system32\config\system.LOG
    31/03/2006 16:48:34 H 0 C:\WINDOWS\system32\config\system_TU_91266.LOG
    30/03/2006 14:53:38 H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
    23/03/2006 10:26:24 H 262144 C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
    23/03/2006 10:26:24 H 1024 C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
    23/03/2006 10:33:56 RHS 4266 C:\WINDOWS\system32\drivers\HP_DQ054A-ABF t329.fr_YC_Pavi_QCZB345_E34FRheBLT2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.07_T031015_W1_L40C_M768_J164_7AMD_8Athlon XP 2600+_91,91_110DE006E_N10DE0066_P_Z14F12F00_K_A10DE006A_U10DE0067_G10025961.MRK
    23/03/2006 10:28:22 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\1275afed-20bc-481d-aa9a-9083ebb592fe
    23/03/2006 10:28:22 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\cf9e110c-03e7-4c9c-a5d2-32f53df741c8
    23/03/2006 10:28:22 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\f08bc652-9fb0-41cb-b554-3e0a91ed702e
    23/03/2006 10:28:22 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
    04/04/2006 10:09:08 H 6 C:\WINDOWS\Tasks\SA.DAT

    Checking for CPL files...
    Microsoft Corporation 04/08/2004 01:55:04 71680 C:\WINDOWS\SYSTEM32\access.cpl
    Realtek Semiconductor Corp. 27/06/2003 21:40:32 8606208 C:\WINDOWS\SYSTEM32\ALSNDMGR.CPL
    Microsoft Corporation 04/08/2004 01:55:04 555008 C:\WINDOWS\SYSTEM32\appwiz.cpl
    21/12/2005 13:10:46 69632 C:\WINDOWS\SYSTEM32\av.cpl
    Microsoft Corporation 04/08/2004 01:55:04 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl
    Microsoft Corporation 04/08/2004 01:55:04 138240 C:\WINDOWS\SYSTEM32\desk.cpl
    Microsoft Corporation 04/08/2004 01:55:04 80384 C:\WINDOWS\SYSTEM32\firewall.cpl
    Microsoft Corporation 04/08/2004 01:55:04 157184 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
    Intel Corporation 07/04/2003 07:14:30 94208 C:\WINDOWS\SYSTEM32\igfxcpl.cpl
    Microsoft Corporation 04/08/2004 01:55:04 359936 C:\WINDOWS\SYSTEM32\inetcpl.cpl
    Microsoft Corporation 04/08/2004 01:55:04 134144 C:\WINDOWS\SYSTEM32\intl.cpl
    Microsoft Corporation 04/08/2004 01:55:04 380928 C:\WINDOWS\SYSTEM32\irprops.cpl
    Microsoft Corporation 04/08/2004 01:55:04 70144 C:\WINDOWS\SYSTEM32\joy.cpl
    Sun Microsystems 20/02/2003 23:42:34 229487 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
    Microsoft Corporation 02/08/2003 08:16:22 189952 C:\WINDOWS\SYSTEM32\main.cpl
    Microsoft Corporation 04/08/2004 01:55:04 626176 C:\WINDOWS\SYSTEM32\mmsys.cpl
    Microsoft Corporation 02/08/2003 10:31:58 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
    Microsoft Corporation 04/08/2004 01:55:04 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl
    Microsoft Corporation 04/08/2004 01:55:04 261120 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
    NVIDIA Corporation 02/05/2003 23:19:00 143360 C:\WINDOWS\SYSTEM32\nvtuicpl.cpl
    Microsoft Corporation 04/08/2004 01:55:04 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl
    Microsoft Corporation 04/08/2004 01:55:04 118272 C:\WINDOWS\SYSTEM32\powercfg.cpl
    Microsoft Corporation 04/08/2004 01:55:04 305152 C:\WINDOWS\SYSTEM32\sysdm.cpl
    Microsoft Corporation 02/08/2003 18:38:20 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
    Microsoft Corporation 04/08/2004 01:55:04 94208 C:\WINDOWS\SYSTEM32\timedate.cpl
    Microsoft Corporation 04/08/2004 01:55:04 148480 C:\WINDOWS\SYSTEM32\wscui.cpl
    Microsoft Corporation 26/05/2005 05:16:32 175896 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
    Microsoft Corporation 02/08/2003 08:16:22 189952 C:\WINDOWS\SYSTEM32\dllcache\main.cpl
    Microsoft Corporation 02/08/2003 10:31:58 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
    Microsoft Corporation 02/08/2003 18:38:20 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl

    »»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

    Checking files in %ALLUSERSPROFILE%\Startup folder...
    05/08/2003 13:11:26 HS 84 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini

    Checking files in %ALLUSERSPROFILE%\Application Data folder...
    23/03/2006 14:29:00 305 C:\Documents and Settings\All Users\Application Data\addr_file.html
    05/08/2003 14:02:42 HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini
    27/03/2006 11:35:42 1509 C:\Documents and Settings\All Users\Application Data\hpzinstall.log

    Checking files in %USERPROFILE%\Startup folder...
    05/08/2003 13:11:26 HS 84 C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\desktop.ini

    Checking files in %USERPROFILE%\Application Data folder...
    05/08/2003 14:02:42 HS 62 C:\Documents and Settings\Propriétaire\Application Data\desktop.ini

    »»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    Wanadoo 7.1 ; NaviWoo1.1 = IEAKFT
    SV1 =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

    [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido
    {57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido anti-malware\context.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
    {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
    {09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
    {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ShellExtension
    {1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} = C:\Program Files\WinAntiVirus Pro 2006\WAV6COM.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
    Épingle du menu Démarrer = %SystemRoot%\system32\SHELL32.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
    = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\a2ContMenu
    {AB77609F-2178-4E6F-9C4B-44AC179D937A} = C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
    = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
    {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido
    {57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido anti-malware\context.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
    {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ShellExtension
    {1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} = C:\Program Files\WinAntiVirus Pro 2006\WAV6COM.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{7D4D6379-F301-4311-BEBA-E26EB0561882}
    = C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
    &Astuce du jour = %SystemRoot%\System32\shdocvw.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
    =

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
    {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = :
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
    {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} = :
    {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Liens : %SystemRoot%\system32\SHELL32.dll
    {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Adresse : %SystemRoot%\System32\browseui.dll
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} = :

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    WinAntiVirusPro2006 C:\Program Files\WinAntiVirus Pro 2006\winav.exe /min

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    msnmsgr "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    Steam "C:\Program Files\Steam\Steam.exe" -silent

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PS2
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item ps2
    hkey HKLM
    inimapping 0
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item ps2
    hkey HKLM
    inimapping 0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item Skype
    hkey HKCU
    command "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    inimapping 0
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item Skype
    hkey HKCU
    command "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    inimapping 0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item
    hkey HKCU
    command
    inimapping 0
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item
    hkey HKCU
    command
    inimapping 0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WooCnxMon
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item
    hkey HKCU
    command
    inimapping 0
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item
    hkey HKCU
    command
    inimapping 0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
    system.ini 0
    win.ini 0
    bootini 0
    services 0
    startup 2

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
    {BDEADF00-C265-11D0-BCED-00A0C90AB50F} =
    {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} =

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    dontdisplaylastusername 0
    legalnoticecaption
    legalnoticetext
    shutdownwithoutlogon 1
    undockwithoutlogon 1

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    NoDriveTypeAutoRun •
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
    CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
    WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} =
    SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,
    Shell = Explorer.exe
    System =

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
    Debugger = ntsd -d

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLs

    <<<<<<<<<< Checking for AddOn Monitors.def information >>>>>>>>>>
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors;;
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors found!

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\BJ Language Monitor
    Driver cnbjmon.dll

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Local Port
    Driver localspl.dll

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\LPR Port
    Driver lprmon.dll

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\LPR Port\Ports

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Microsoft Shared Fax Monitor
    Driver FXSMON.DLL

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\PJL Language Monitor
    Driver pjlmon.dll
    EOJTimeout 60000

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port
    Driver tcpmon.dll

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port\Ports
    StatusUpdateInterval 10
    StatusUpdateEnabled 1

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\USB Monitor
    Driver usbmon.dll

    <<<<<<<<<< Checking for AddOn OpenCommand.def information >>>>>>>>>>
    >>>>>>>>>> Exporting Shell Open\Command entries
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\batfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\batfile\shell\open\command found!
    "%1" %*

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\comfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\comfile\shell\open\command found!
    "%1" %*

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\exefile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\exefile\shell\open\command found!
    "%1" %*

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\piffile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\piffile\shell\open\command found!
    "%1" %*

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\regfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\regfile\shell\open\command found!
    regedit.exe "%1"

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\scrfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\scrfile\shell\open\command found!
    "%1" /S

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\vbsfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\vbsfile\shell\open\command found!

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\htmlfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\htmlfile\shell\open\command found!
    "C:\Program Files\Internet Explorer\iexplore.exe" -nohome

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\http\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\http\shell\open\command found!
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mp3file\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mp3file\shell\open\command found!
    "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "%L"

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mpegfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\mpegfile\shell\open\command found!
    "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:9 /Open "%L"

    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\jsfile\shell\open\command;;
    HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\jsfile\shell\open\command found!

    <<<<<<<<<< Checking for AddOn Policies.def information >>>>>>>>>>

    <<<<<<<<<< Checking for AddOn Qoologic.def information >>>>>>>>>>
    >>>>>>>>>> Search by size and name
    >>>>>>>>>> Files found by this method are not necessarily bad
    >>>>>>>>>> Example PNGFILT.DLL is a windows file
    Parameter line : file=%sysdir%;*.exe;150;61952;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 61952 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;150;7680;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 7680 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;150;91648;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 91648 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;150;81920;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 81920 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;150;7168;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 7168 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;150;65536;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 150 days with a size of 65536 bytes was not found!
    Parameter line : file=%sysdir%;redit.cpl;;;;;
    File C:\WINDOWS\SYSTEM32\redit.cpl was not found!
    Parameter line : file=%sysdir%;conres.cpl;;;;;
    File C:\WINDOWS\SYSTEM32\conres.cpl was not found!
    Parameter line : file=%sysdir%;datadx.dll;;;;;
    File C:\WINDOWS\SYSTEM32\datadx.dll was not found!
    Parameter line : file=%sysdir%;*.dll;150;10240;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 10240 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;46080;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 46080 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;34816;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 34816 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;16384;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 16384 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;29184;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 29184 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;26624;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 26624 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;9728;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 9728 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;10843;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 10843 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;18432;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 18432 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;23040;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 23040 bytes was not found!
    Parameter line : file=%sysdir%;*.dll;150;17920;;;
    File C:\WINDOWS\SYSTEM32\*.dll for today - 150 days with a size of 17920 bytes was not found!
    Parameter line : file=%allusers%\start menu\programs\startup;*.exe;;;;;
    File C:\Documents and Settings\All User\start menu\programs\startup\*.exe was not found!
    >>>>>>>>>> Misc Checks
    Parameter line : file=%sysdir%;*.dat;150;81920;;;
    File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 81920 bytes was not found!
    Parameter line : file=%sysdir%;*.dat;150;61952;;;
    File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 61952 bytes was not found!
    Parameter line : file=%sysdir%;*.dat;150;65536;;;
    File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 65536 bytes was not found!
    Parameter line : file=%sysdir%;*.dat;150;7680;;;
    File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 7680 bytes was not found!
    Parameter line : file=%sysdir%;*.dat;150;91648;;;
    File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 91648 bytes was not found!
    Parameter line : file=%sysdir%;*.dat;150;7168;;;
    File C:\WINDOWS\SYSTEM32\*.dat for today - 150 days with a size of 7168 bytes was not found!
    Parameter line : file=%windir%;*.dll;150;10843;;;
    File C:\WINDOWS\*.dll for today - 150 days with a size of 10843 bytes was not found!
    Parameter line : file=%windir%;*.dll;150;3950;;;
    File C:\WINDOWS\*.dll for today - 150 days with a size of 3950 bytes was not found!
    Parameter line : file=%windir%;*.dll;150;3943;;;
    File C:\WINDOWS\*.dll for today - 150 days with a size of 3943 bytes was not found!

    <<<<<<<<<< Checking for AddOn RDriv.def information >>>>>>>>>>
    Registry Entries
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center found!
    AntiVirusDisableNotify 0
    FirewallDisableNotify 0
    UpdatesDisableNotify 0
    AntiVirusOverride 1
    FirewallOverride 1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall

    Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Updates;;
    HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Updates not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center AntiVirus;;
    HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center AntiVirus not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Firewall;;
    HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center Firewall not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\OLE;;
    HKEY_LOCAL_MACHINE\Software\Microsoft\OLE found!
    EnableDCOM Y

    HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat

    HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat\ActivationSecurityCheckExemptionList
    {A50398B8-9075-4FBF-A7A1-456BF21937AD} 1
    {AD65A69D-3831-40D7-9629-9B0B50A93843} 1
    {0040D221-54A1-11D1-9DE0-006097042D69} 1
    {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} 1

    HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\NONREDIST
    System.EnterpriseServices.Thunk.dll

    Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdriv;;
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdriv not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iTunesMusic;;
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iTunesMusic not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_ITUNESMUSIC;;
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_ITUNESMUSIC not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_RDRIV;;
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\Legacy_RDRIV not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate;;
    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall not found!
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters;;
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters found!
    autodisconnect 15
    enableforcedlogoff 1
    enablesecuritysignature 0
    requiresecuritysignature 0
    Lmannounce 0
    Size 1
    Guid Å2;l^ÆJB«aYç

    CachedOpenLimit 0
    AdjustedNullSessionPipes 1
    srvcomment l ordinateur de benji
    Parameter line : RegKey=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanworkstation\parameters;;
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanworkstation\parameters found!
    enableplaintextpassword 0
    enablesecuritysignature 1
    requiresecuritysignature 0

    Parameter line : RegKey=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions;;
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions found!

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
    {00022613-0000-0000-C000-000000000046} Feuille de propriétés du fichier multimédia
    {176d6597-26d3-11d1-b350-080036a75b03} Gestion de scanneur ICM
    {1F2E5C40-9550-11CE-99D2-00AA006E086C} Page de sécurité NTFS
    {3EA48300-8CF6-101B-84FB-666CCB9BCD32} Page des propriétés de OLE DocFile
    {40dd6e20-7c17-11ce-a804-00aa003ca9f6} Extensions de l'environnement pour le partage
    {41E300E0-78B6-11ce-849B-444553540000} PlusPack CPL Extension
    {42071712-76d4-11d1-8b24-00a0c9068ff3} Extension Affichage Carte du Panneau de configuration
    {42071713-76d4-11d1-8b24-00a0c9068ff3} Extension Affichage Écran du Panneau de configuration
    {42071714-76d4-11d1-8b24-00a0c9068ff3} Extension Affichage Panorama du Panneau de configuration
    {4E40F770-369C-11d0-8922-00A024AB2DBB} Page de sécurité DS
    {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Page de compatibilité
    {56117100-C0CD-101B-81E2-00AA004AE837} Gestionnaire de données endommagées de l'environnement
    {59099400-57FF-11CE-BD94-0020AF85B590} Extension copie de disquette
    {59be4990-f85c-11ce-aff7-00aa003ca9f6} Extensions de l'environnement pour les objets réseau de Microsoft Windows
    {5DB2625A-54DF-11D0-B6C4-0800091AA605} Gestion d'écran ICM
    {675F097E-4C4D-11D0-B6C1-0800091AA605} Gestion d'imprimante ICM
    {764BF0E1-F219-11ce-972D-00AA00A14F56} Extensions de l'environnement de compression de fichiers
    {77597368-7b15-11d0-a0c2-080036af3f03} Extension de l'environnement d'imprimante Web
    {7988B573-EC89-11cf-9C00-00AA00A14F56} Disk Quota UI
    {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} Menu contextuel de cryptage
    {85BBD920-42A0-1069-A2E4-08002B30309D} Porte-documents
    {88895560-9AA2-1069-930E-00AA0030EBC8} Extension icône HyperTerminal
    {BD84B380-8CA2-1069-AB1D-08000948F534} Fonts
    {DBCE2480-C732-101B-BE72-BA78E9AD5B27} Profil ICC
    {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} Page de sécurité des imprimantes
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} Extensions de l'environnement pour le partage
    {f92e8c40-3d33-11d2-b1aa-080036a75b03} Display TroubleShoot CPL Extension
    {7444C717-39BF-11D1-8CD9-00C04FC29D45} Extension de cryptographie PKO
    {7444C719-39BF-11D1-8CD9-00C04FC29D45} Extension de cryptographie Sign
    {7007ACC7-3202-11D1-AAD2-00805FC1270E} Connexions réseau
    {992CFFA0-F557-101A-88EC-00DD010CCC48} Connexions réseau
    {E211B736-43FD-11D1-9EFB-0000F8757FCD} &Scanneurs et appareils photo
    {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} &Scanneurs et appareils photo
    {905667aa-acd6-11d2-8080-00805f6596d2} &Scanneurs et appareils photo
    {3F953603-1008-4f6e-A73A-04AAC7A992F1} &Scanneurs et appareils photo
    {83bbcbf3-b28a-4919-a5aa-73027445d672} &Scanneurs et appareils photo
    {F0152790-D56E-4445-850E-4F3117DB740C} Remote Sessions CPL Extension
    {5F327514-6C5E-4d60-8F16-D07FA08A78ED} Auto Update Property Sheet Extension
    {60254CA5-953B-11CF-8C96-00AA00B8708C} Extensions de l'interpréteur de commandes pour l'environnement d'exécution de scripts Windows
    {2206CDB2-19C1-11D1-89E0-00C04FD7A829} Liaison de données Microsoft
    {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} Tasks Folder Icon Handler
    {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} Tasks Folder Shell Extension
    {D6277990-4C6A-11CF-8D87-00AA0060F5BF} Tâches planifiées
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} Barre des tâches et menu Démarrer
    {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} Rechercher
    {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} Aide et support
    {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} Aide et support
    {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} Exécuter...
    {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} Internet
    {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} Courrier électronique
    {D20EA4E1-3957-11d2-A40B-0C5020524152} Polices
    {D20EA4E1-3957-11d2-A40B-0C5020524153} Outils d'administration
    {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} Audio Media Properties Handler
    {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} Video Media Properties Handler
    {E4B29F9D-D390-480b-92FD-7DDB47101D71} Wav Properties Handler
    {87D62D94-71B3-4b9a-9489-5FE6850DC73E} Avi Properties Handler
    {A6FD9E45-6E44-43f9-8644-08598F5A74D9} Midi Properties Handler
    {c5a40261-cd64-4ccf-84cb-c394da41d590} Video Thumbnail Extractor
    {5E6AB780-7743-11CF-A12B-00AA004AE837} Barre d'outils Internet Microsoft
    {22BF0C20-6DA7-11D0-B373-00A0C9034938} État du téléchargement
    {91EA3F8B-C99B-11d0-9815-00C04FD91972} Dossier Bureau étendu
    {6413BA2C-B461-11d1-A18A-080036B11A03} Dossier du shell augmenté
    {F61FFEC1-754F-11d0-80CA-00AA005B4383} BandProxy
    {7BA4C742-9E81-11CF-99D3-00AA004AE837} Bande du navigateur Microsoft
    {30D02401-6A81-11d0-8274-00C04FD5AE38} Bande de recherche
    {32683183-48a0-441b-a342-7c2a440a9478} Media Band
    {169A0691-8DF9-11d1-A1C4-00C04FD75D13} Volet intégré de recherche
    {07798131-AF23-11d1-9111-00A0C98BA67D} Recherche Web
    {AF4F6510-F982-11d0-8595-00AA004CD6D8} Utilitaire des options de l'arborescence du Registre
    {01E04581-4EEE-11d0-BFE9-00AA005B4383} &Adresse
    {A08C11D2-A228-11d0-825B-00AA005B4383} Boîte d'entrée de l'adresse
    {00BB2763-6A77-11D0-A535-00C04FD7D062} Saisie semi-automatique Microsoft
    {7376D660-C583-11d0-A3A5-00C04FD706EC} TridentImageExtractor
    {6756A641-DE71-11d0-831B-00AA005B4383} Liste de saisie semi-automatique MRU
    {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} Liste de saisie semi-automatique personnalisée MRU
    {7e653215-fa25-46bd-a339-34a2790f3cb7} Accessible
    {acf35015-526e-4230-9596-becbe19f0ac9} Barre de progrès auto-ouvrante
    {E0E11A09-5CB8-4B6C-8332-E00720A168F2} Analyseur de la barre d'adresses
    {00BB2764-6A77-11D0-A535-00C04FD7D062} Liste de saisie semi-automatique de l'historique Microsoft
    {03C036F1-A186-11D0-824A-00AA005B4383} Liste de saisie semi-automatique du dossier Shell Microsoft
    {00BB2765-6A77-11D0-A535-00C04FD7D062} Conteneur de la liste de saisie semi-automatique multiple Microsoft
    {ECD4FC4E-521C-11D0-B792-00A0C90312E1} Menu Site de bandes
    {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} Shell DeskBarApp
    {ECD4FC4C-521C-11D0-B792-00A0C90312E1} Barre du Bureau
    {ECD4FC4D-521C-11D0-B792-00A0C90312E1} Shell Rebar BandSite
    {DD313E04-FEFF-11d1-8ECD-0000F87A470C} Assistance utilisateur
    {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} Paramètres du dossier global
    {EFA24E61-B078-11d0-89E4-00C04FC9E26E} Favorites Band
    {0A89A860-D7B1-11CE-8350-444553540000} Shell Automation Inproc Service
    {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} Shell DocObject Viewer
    {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} Microsoft Browser Architecture
    {FBF23B40-E3F0-101B-8488-00AA003E56F8} InternetShortcut
    {3C374A40-BAE4-11CF-BF7D-00AA006946EE} Microsoft Url History Service
    {FF393560-C2A7-11CF-BFF4-444553540000} Historique
    {7BD29E00-76C1-11CF-9DD0-00A0C9034933} Temporary Internet Files
    {7BD29E01-76C1-11CF-9DD0-00A0C9034933} Temporary Internet Files
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Microsoft Url Search Hook
    {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} Image de démarrage de la Suite IE4
    {67EA19A0-CCEF-11d0-8024-00C04FD75D13} CDF Extension Copy Hook
    {131A6951-7F78-11D0-A979-00C04FD705A2} ISFBand OC
    {9461b922-3c5a-11d2-bf8b-00c04fb93661} Search Assistant OC
    {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} Internet
    {871C5380-42A0-1069-A2EA-08002B30309D} Internet Name Space
    {EFA24E64-B078-11d0-89E4-00C04FC9E26E} Explorer Band
    {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
    {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} Sendmail service
    {88C6C381-2E85-11D0-94DE-444553540000} Dossier ActiveX Cache
    {E6FB5E20-DE35-11CF-9C87-00AA005127ED} WebCheck
    {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} Subscription Mgr
    {F5175861-2688-11d0-9C5E-00AA00A45957} Dossier Inscription
    {08165EA0-E946-11CF-9C87-00AA005127ED} WebCheckWebCrawler
    {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} WebCheckChannelAgent
    {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} TrayAgent
    {7D559C10-9FE9-11d0-93F7-00AA0059CE02} Code Download Agent
    {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} ConnectionAgent
    {D8BD2030-6FC9-11D0-864F-00AA006809D9} PostAgent
    {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} WebCheck SyncMgr Handler
    {352EC2B7-8B9A-11D1-B8AE-006008059382} Gestionnaire d'applications d'environnement
    {0B124F8F-91F0-11D1-B8B5-006008059382} Énumérateur d'applications installées
    {CFCCC7A0-A282-11D1-9082-006008059382} Publication d'application Darwin
    {e84fda7c-1d6a-45f6-b725-cb260c236066} Shell Image Verbs
    {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} Shell Image Data Factory
    {3F30C968-480A-4C6C-862D-EFC0897BB84B} Extracteur de miniatures de fichier + GDI
    {9DBD2C50-62AD-11d0-B806-00C04FD706EC} Gestionnaire de miniatures - Informations de résumé (DOCFILES)
    {EAB841A0-9550-11cf-8C16-00805F1408F3} Extracteur de miniatures HTML
    {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} Shell Image Property Handler
    {CC6EEFFB-43F6-46c5-9619-51D571967F7D} Assistant Publication de sites Web
    {add36aa8-751a-4579-a266-d66f5202ccbb} Commande d'impressions via le Web
    {6b33163c-76a5-4b6c-bf21-45de9cd503a1} Objet Assistant de publication Shell
    {58f1f272-9240-4f51-b6d4-fd63d1618591} Assistant Obtenir une identité Passport
    {7A9D77BD-5403-11d2-8785-2E0420524153} Comptes d'utilisateurs
    {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} Dossier compressé
    {BD472F60-27FA-11cf-B8B4-444553540000} Compressed (zipped) Folder Right Drag Handler
    {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} Compressed (zipped) Folder SendTo Target
    {f39a0dc0-9cc8-11d0-a599-00c04fd64433} Fichier de chaîne
    {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} Raccourci de chaîne
    {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} Channel Handler Object
    {f3da0dc0-9cc8-11d0-a599-00c04fd64437} Channel Menu
    {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} Channel Properties
    {63da6ec0-2e98-11cf-8d82-444553540000} FTP Folders Webview
    {883373C3-BF89-11D1-BE35-080036B11A03} Microsoft DocProp Shell Ext
    {A9CF0EAE-901A-4739-A481-E35B73E47F6D} Microsoft DocProp Inplace Edit Box Control
    {8EE97210-FD1F-4B19-91DA-67914005F020} Microsoft DocProp Inplace ML Edit Box Control
    {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} Microsoft DocProp Inplace Droplist Combo Control
    {6A205B57-2567-4A2C-B881-F787FAB579A3} Microsoft DocProp Inplace Calendar Control
    {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} Microsoft DocProp Inplace Time Control
    {8A23E65E-31C2-11d0-891C-00A024AB2DBB} Directory Query UI
    {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} Shell properties for a DS object
    {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} Directory Object Find
    {F020E586-5264-11d1-A532-0000F8757D7E} Directory Start/Search Find
    {0D45D530-764B-11d0-A1CA-00AA00C16E65} Directory Property UI
    {62AE1F9A-126A-11D0-A14B-0800361B1103} Directory Context Menu Verbs
    {ECF03A33-103D-11d2-854D-006008059367} MyDocs Copy Hook
    {ECF03A32-103D-11d2-854D-006008059367} MyDocs Drop Target
    {4a7ded0a-ad25-11d0-98a8-0800361b1103} MyDocs Properties
    {750fdf0e-2a26-11d1-a3ea-080036587f03} Offline Files Menu
    {10CFC467-4392-11d2-8DB4-00C04FA31A66} Offline Files Folder Options
    {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} Dossier Fichiers hors connexion
    {143A62C8-C33B-11D1-84FE-00C04FA34A14} Microsoft Agent Character Property Sheet Handler
    {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} DfsShell
    {60fd46de-f830-4894-a628-6fa81bc0190d} %DESC_PublishDropTarget%
    {7A80E4A8-8005-11D2-BCF8-00C04F72C717} MMC Icon Handler
    {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} .CAB file viewer
    {32714800-2E5F-11d0-8B85-00AA0044F941} Des &personnes...
    {8DD448E6-C188-4aed-AF92-44956194EB1F} Windows Media Player Play as Playlist Context Menu Handler
    {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} Windows Media Player Burn Audio CD Context Menu Handler
    {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} Windows Media Player Add to Playlist Context Menu Handler
    {1D2680C9-0E2A-469d-B787-065558BC7D43} Fusion Cache
    {7F67036B-66F1-411A-AD85-759FB9C5B0DB} SampleView
    {1CDB2949-8F65-4355-8456-263E7C208A5D} Explorateur de Bureau
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47} Desktop Explorer Menu
    {45AC2688-0253-4ED8-97DE-B5370FA7D48A} Shell Extension for Malware scanning
    {D9872D13-7651-4471-9EEE-F0A00218BEBB} Multiscan
    {AB77609F-2178-4E6F-9C4B-44AC179D937A} a² Context Menu Shell Extension
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} WinRAR shell extension
    {640167b4-59b0-47a6-b335-a6b3c0695aea} Portable Media Devices
    {cc86590a-b60a-48e6-996b-41d25ed39a1e} Portable Media Devices Menu
    {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} Set Program Access and Defaults
    {596AB062-B4D2-4215-9F74-E9109B0A8153} Previous Versions Property Page
    {9DB7A13C-F208-4981-8353-73CC61AE2783} Previous Versions
    {692F0339-CBAA-47e6-B5B5-3B84DB604E87} Extensions Manager Folder
    {21569614-B795-46b1-85F4-E737A8DC09AD} Shell Search Band
    {B327765E-D724-4347-8B16-78AE18552FC3} NeroDigitalIconHandler
    {7F1CF152-04F8-453A-B34C-E609530A9DC8} NeroDigitalPropSheetHandler
    {CCA60260-A2C9-11D2-BA62-0020188191B2} Registrar Registry Manager SHell Extension

    Files
    Parameter line : File=%sysdir%;rdriv.sys;;;;;
    File C:\WINDOWS\SYSTEM32\rdriv.sys was not found!
    Parameter line : File=%sysdir%;ItunesMusic.exe;;;;;
    File C:\WINDOWS\SYSTEM32\ItunesMusic.exe was not found!
    Parameter line : File=%sysdir%;wkssvc.exe;;;;;
    File C:\WINDOWS\SYSTEM32\wkssvc.exe was not found!
    Parameter line : File=%windir%;ItunesMusic.exe;;;;;
    File C:\WINDOWS\ItunesMusic.exe was not found!
    Parameter line : File=%windir%;wkssvc.exe;;;;;
    File C:\WINDOWS\wkssvc.exe was not found!

    <<<<<<<<<< Checking for AddOn SharedTaskScheduler.def information >>>>>>>>>>
    >>>>>>>>>> Exporting Policies from HKLM
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler found!

    <<<<<<<<<< Checking for AddOn WareOut.def information >>>>>>>>>>
    >>>>>>>>>> PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
    Parameter line : file=%sysdir%;*.exe;300;55304;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 300 days with a size of 55304 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;;43528;;;
    File C:\WINDOWS\SYSTEM32\*.exe with a size of 43528 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;300;4096;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 300 days with a size of 4096 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;;43528;;;
    File C:\WINDOWS\SYSTEM32\*.exe with a size of 43528 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;300;28680;;;
    File C:\WINDOWS\SYSTEM32\*.exe for today - 300 days with a size of 28680 bytes was not found!
    Parameter line : file=%sysdir%;*.exe;;11264;;;
    04/08/2004 01:54:50 11264 C:\WINDOWS\SYSTEM32\atmadm.exe found!
    02/08/2003 18:59:06 11264 C:\WINDOWS\SYSTEM32\attrib.exe found!
    04/08/2004 01:54:50 11264 C:\WINDOWS\SYSTEM32\autolfn.exe found!
    02/08/2003 18:33:20 11264 C:\WINDOWS\SYSTEM32\chkntfs.exe found!
    Parameter line : file=%sysdir%;*.ren;300;43528;;;
    File C:\WINDOWS\SYSTEM32\*.ren for today - 300 days with a size of 43528 bytes was not found!
    Parameter line : file=%sysdir%;ntfsnlpa.exe;;;;;
    File C:\WINDOWS\SYSTEM32\ntfsnlpa.exe was not found!
    Parameter line : file=%sysdir%;cisvvc.exe;;;;;
    File C:\WINDOWS\SYSTEM32\cisvvc.exe was not found!
    Parameter line : file=%sysdir%;drv2cltr.dll;;;;;
    File C:\WINDOWS\SYSTEM32\drv2cltr.dll was not found!
    Parameter line : file=%sysdir%;hybsys32.dll;;;;;
    File C:\WINDOWS\SYSTEM32\hybsys32.dll was not found!
    Parameter line : file=%sysdir%;loadctr.exe;;;;;
    File C:\WINDOWS\SYSTEM32\loadctr.exe was not found!
    Parameter line : file=%sysdir%;rdsndin.exe;;;;;
    File C:\WINDOWS\SYSTEM32\rdsndin.exe was not found!
    Parameter line : file=%sysdir%;pxpcya64.exe;;;;;
    File C:\WINDOWS\SYSTEM32\pxpcya64.exe was not found!
    Parameter line : file=%windir%;*.exe;300;55304;;;
    File C:\WINDOWS\*.exe for today - 300 days with a size of 55304 bytes was not found!
    Parameter line : file=%windir%;*.exe;300;43528;;;
    File C:\WINDOWS\*.exe for today - 300 days with a size of 43528 bytes was not found!
    Parameter line : file=%windir%;*.exe;300;4096;;;
    File C:\WINDOWS\*.exe for today - 300 days with a size of 4096 bytes was not found!
    Parameter line : file=%windir%;rdt.ini;;;;;
    File C:\WINDOWS\rdt.ini was not found!
    Parameter line : file=%windir%;baloon.wav;;;;;
    File C:\WINDOWS\baloon.wav was not found!
    Parameter line : file=%allusers%\start menu\programs\startup;*.exe;;;;;
    File C:\Documents and Settings\All User\start menu\programs\startup\*.exe was not found!
    >>>>>>>>>>Registry keys to look for
    Parameter line : regvalue=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon;system;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon found!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\system found!
    System
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins not found!
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WareOut;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WareOut not found!
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\WareOut;;
    HKEY_LOCAL_MACHINE\SOFTWARE\WareOut not found!
    Parameter line : regkey=HKEY_CURRENT_USER\Software\WareOut;;
    HKEY_CURRENT_USER\Software\WareOut not found!
    Parameter line : regvalue=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;NoBandCustomize;;
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer found!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoBandCustomize not found!
    Parameter line : regvalue=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion;Disabled;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion found!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\\Disabled not found!
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\SearchToolbar;;
    HKEY_LOCAL_MACHINE\SOFTWARE\SearchToolbar not found!
    Parameter line : regkey=HKEY_CURRENT_USER\Software\SearchToolbar;;
    HKEY_CURRENT_USER\Software\SearchToolbar not found!
    Parameter line : regkey=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls;;
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls not found!
    Parameter line : regvalue=HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser;{08BEC6AA-49FC-4379-3587-4B21E286C19E};;
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser found!
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{08BEC6AA-49FC-4379-3587-4B21E286C19E} not found!

    »»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
    Scan completed on 04/04/2006 11:48:48
    0
  16. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    'jour Benjamin,

    Ecoute, tu es sur CCM pour avoir un coup de main. Nous sommes tous prêt à t'aider si tu y mets un peu de tien.
    Saches aussi, que les bénévoles qui sont ici, sont sur PLUSIEURS forums techniques aussi.

    Donc, suis à la lettre ce qui va suivre dessous. STP -----MERCI

    PRIMO installes un anti-virus, tu as avast (si tu veux) est facile à manipuler ::

    https://www.commentcamarche.net/telecharger/securite/antivirus-antimalwares/

    ENSUITE :::

    TELECHARGE

    1/

    CleanUp! :

    http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
    - Aide en image (merci à Balltrap34) :
    http://pageperso.aol.fr/balltrap34/democleanup.htm

    2/
    Spybot
    S&D 1.4 <<nouvelle version.
    https://www.safer-networking.org/

    Démo d’utilisation (merci à Balltrap34 pour cette réalisation).
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

    3/

    Ad-Aware SE 1.06 <<nouvelle version.
    https://www.adaware.com/
    -Une aide:
    http://usa.lucretius-ada.com/zcvisitor/8782d344-4821-11ea-83ce-0a2cdf2c6be7?campaignid=0d1dff40-82d7-11e9-9533-0a157bfa6bfc
    - installe le patch français, tu pourras le trouver ici:
    http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
    et une petite vidéo d'utilisation ici:(merci à Moe31 pour cette réalisation).
    http://pageperso.aol.fr/balltrap34/adawrevid.asf

    4/
    http://www.hijackthis.de/downloads/hijackthis_199.zip

    Le dézipper dans un dossier prévu à cet effet.
    Par exemple C:\hijackthis < c : ! (Cela permet des back up en cas de mauvaises suppressions)
    Démo : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/Hijenr.gif

    L’exécuter puis sur "do a system scan and save logfile" (cf. démo)

    faire un copier coller du log entier sur le forum


    Démo
    : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    un petit curetage

    ewido (dowload)
    https://www.avg.com/en-ww/free-antivirus-download
    COLLER le rapport

    Bon courage
    A+
    0
  17. benjamin66 Messages postés 22 Statut Membre
     
    cleanup m a bien nettoyé ad ware me trouve pas grand chose et ewido je vais le faire
    0
  18. benjamin66 Messages postés 22 Statut Membre
     
    par contre j ai environ 6000 servers dans ma base de registre ca s enleve comment ca?
    0
  19. benjamin66 Messages postés 22 Statut Membre
     
    ad aware ma trouvé ca

    Ad-Aware SE Build 1.06r1
    Logfile Created on:vendredi 7 avril 2006 12:48:07
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R102 03.04.2006
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(TAC index:0):8 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Search for low-risk threats
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects

    07-04-2006 12:48:07 - Scan started. (Full System Scan)

    MRU List Object Recognized!
    Location: : C:\Documents and Settings\Propriétaire\recent
    Description : list of recently opened documents

    MRU List Object Recognized!
    Location: : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw

    MRU List Object Recognized!
    Location: : S-1-5-21-929223880-4112191661-3305533965-1003\software\microsoft\internet explorer
    Description : last download directory used in microsoft internet explorer

    MRU List Object Recognized!
    Location: : S-1-5-21-929223880-4112191661-3305533965-1003\software\microsoft\search assistant\acmru
    Description : list of recent search terms used with the search assistant

    MRU List Object Recognized!
    Location: : S-1-5-21-929223880-4112191661-3305533965-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description : list of recent programs opened

    MRU List Object Recognized!
    Location: : S-1-5-21-929223880-4112191661-3305533965-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description : list of recently saved files, stored according to file extension

    MRU List Object Recognized!
    Location: : S-1-5-21-929223880-4112191661-3305533965-1003\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened

    MRU List Object Recognized!
    Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
    Description : information on the last station listened to using musicmatch radio

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 392
    ThreadCreationTime : 07-04-2006 10:22:40
    BasePriority : Normal

    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 448
    ThreadCreationTime : 07-04-2006 10:22:42
    BasePriority : Normal

    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\SYSTEM32\
    ProcessID : 472
    ThreadCreationTime : 07-04-2006 10:22:44
    BasePriority : High

    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 516
    ThreadCreationTime : 07-04-2006 10:22:44
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Applications Services et Contrôleur
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 528
    ThreadCreationTime : 07-04-2006 10:22:44
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 672
    ThreadCreationTime : 07-04-2006 10:22:45
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 728
    ThreadCreationTime : 07-04-2006 10:22:45
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 792
    ThreadCreationTime : 07-04-2006 10:22:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 868
    ThreadCreationTime : 07-04-2006 10:22:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 924
    ThreadCreationTime : 07-04-2006 10:22:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 1000
    ThreadCreationTime : 07-04-2006 10:22:47
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Explorateur Windows
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : EXPLORER.EXE

    #:12 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1124
    ThreadCreationTime : 07-04-2006 10:22:47
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:13 [aspnet_state.exe]
    FilePath : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\
    ProcessID : 1220
    ThreadCreationTime : 07-04-2006 10:22:48
    BasePriority : Normal
    FileVersion : 1.1.4322.573
    ProductVersion : 1.1.4322.573
    ProductName : Microsoft (R) .NET Framework
    CompanyName : Microsoft Corporation
    FileDescription : aspnet_state.exe
    InternalName : aspnet_state.exe
    LegalCopyright : Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
    LegalTrademarks : Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the U.S. and/or other countries.
    OriginalFilename : aspnet_state.exe
    Comments : Microsoft .NET Framework build environement is Retail. SafeSync counter=0

    #:14 [ewidoctrl.exe]
    FilePath : C:\Program Files\ewido anti-malware\
    ProcessID : 1248
    ThreadCreationTime : 07-04-2006 10:22:48
    BasePriority : Normal
    FileVersion : 3, 0, 0, 1
    ProductVersion : 3, 0, 0, 1
    ProductName : ewido control
    CompanyName : ewido networks
    FileDescription : ewido control
    InternalName : ewido control
    LegalCopyright : Copyright © 2004
    OriginalFilename : ewidoctrl.exe

    #:15 [spupdsvc.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1384
    ThreadCreationTime : 07-04-2006 10:22:48
    BasePriority : Normal
    FileVersion : 6.2.0029.0 (SRV03_QFE.031113-0918)
    ProductVersion : 6.2.0029.0
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Update RunOnce Service
    InternalName : SPUPDSVC.EXE
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : SPUPDSVC.EXE

    #:16 [wdfmgr.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1436
    ThreadCreationTime : 07-04-2006 10:22:48
    BasePriority : Normal
    FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
    ProductVersion : 5.2.3790.1230
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows User Mode Driver Manager
    InternalName : WdfMgr
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : WdfMgr.exe

    #:17 [vsmon.exe]
    FilePath : C:\WINDOWS\system32\ZoneLabs\
    ProcessID : 1508
    ThreadCreationTime : 07-04-2006 10:22:48
    BasePriority : Normal
    FileVersion : 6.1.744.001
    ProductVersion : 6.1.744.001
    ProductName : TrueVector Service
    CompanyName : Zone Labs, LLC
    FileDescription : TrueVector Service
    InternalName : vsmon
    LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
    OriginalFilename : vsmon.exe

    #:18 [spnpinst.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1724
    ThreadCreationTime : 07-04-2006 10:22:50
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Peer-to-Peer Custom Setup
    InternalName : SPNPINST.EXE
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : SPNPINST.EXE

    #:19 [sysocmgr.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1756
    ThreadCreationTime : 07-04-2006 10:22:51
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Gestionnaire des composants optionnels de système autonome
    InternalName : sysocmgr
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : SYSOCMGR.EXE

    #:20 [zlclient.exe]
    FilePath : C:\Program Files\Zone Labs\ZoneAlarm\
    ProcessID : 1824
    ThreadCreationTime : 07-04-2006 10:22:56
    BasePriority : Normal
    FileVersion : 6.1.744.001
    ProductVersion : 6.1.744.001
    ProductName : Zone Labs Client
    CompanyName : Zone Labs, LLC
    FileDescription : Zone Labs Client
    InternalName : zlclient
    LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
    OriginalFilename : zlclient.exe

    #:21 [msnmsgr.exe]
    FilePath : C:\Program Files\MSN Messenger\
    ProcessID : 1840
    ThreadCreationTime : 07-04-2006 10:22:56
    BasePriority : Normal
    FileVersion : 7.5.0324
    ProductVersion : 7.5.0324
    ProductName : MSN Messenger
    CompanyName : Microsoft Corporation
    FileDescription : MSN Messenger
    InternalName : msnmsgr
    LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
    LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
    OriginalFilename : msnmsgr.exe

    #:22 [taskbaricon.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 1884
    ThreadCreationTime : 07-04-2006 10:22:56
    BasePriority : Normal
    FileVersion : 5.9 (1)
    ProductVersion : 5.9 (1)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Gestion de l'icône de la barre des tâches
    InternalName : TaskBarIcon
    LegalCopyright : Copyright (C) France Télécom R&D 1999 - 2003
    OriginalFilename : TaskBarIcon.exe

    #:23 [isafe.exe]
    FilePath : C:\WINDOWS\system32\ZoneLabs\
    ProcessID : 180
    ThreadCreationTime : 07-04-2006 10:23:00
    BasePriority : Normal
    FileVersion : Version 10.67.0.0
    ProductVersion : Version 10.67.0.0
    ProductName : ISafe
    CompanyName : Computer Associates International, Inc.
    FileDescription : ISafe Service
    InternalName : ISafe
    LegalCopyright : © 2003 Computer Associates International, Inc.
    LegalTrademarks : Vet is a trademark of Computer Associates International, Inc.
    OriginalFilename : ISafe.exe
    Comments : ISafe

    #:24 [mantispm.exe]
    FilePath : C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\
    ProcessID : 1020
    ThreadCreationTime : 07-04-2006 10:23:04
    BasePriority : Normal
    FileVersion : 4, 8, 0, 6787
    ProductVersion : 4, 8, 0, 6787
    FileDescription : Spam Filter
    InternalName : mantispm.exe
    LegalCopyright : (c) 2002-2004
    OriginalFilename : mantispm.exe

    #:25 [espacewanadoo.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 2188
    ThreadCreationTime : 07-04-2006 10:24:11
    BasePriority : Normal
    FileVersion : 5.9 (3)
    ProductVersion : 5.9 (3)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Espace Client
    InternalName : EspaceClient
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
    OriginalFilename : EspaceClient.exe

    #:26 [comcomp.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 2200
    ThreadCreationTime : 07-04-2006 10:24:11
    BasePriority : Normal
    FileVersion : 11.0 (9)
    ProductVersion : 11.0 (9)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Module de communication
    InternalName : ComComp
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
    OriginalFilename : ComComp.exe

    #:27 [toaster.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 2220
    ThreadCreationTime : 07-04-2006 10:24:11
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application Toaster
    CompanyName : France Telecom R&D
    FileDescription : Application MFC Toaster
    InternalName : Toaster
    LegalCopyright : Copyright France Telecom R&D (C) 2004
    OriginalFilename : Toaster.EXE

    #:28 [inactivity.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 2228
    ThreadCreationTime : 07-04-2006 10:24:12
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application Inactivity
    FileDescription : Application MFC Inactivity
    InternalName : Inactivity
    LegalCopyright : Copyright France Telecom R&D (C) 2004
    OriginalFilename : Inactivity.EXE

    #:29 [pollingmodule.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 2236
    ThreadCreationTime : 07-04-2006 10:24:12
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application PollingModule
    FileDescription : Application PollingModule
    InternalName : PollingModule
    LegalCopyright : Copyright France Telecom R&D (C) 2004
    OriginalFilename : PollingModule.EXE

    #:30 [alertm~1.exe]
    FilePath : C:\WINDOWS\System32\ALERTM~1\
    ProcessID : 2260
    ThreadCreationTime : 07-04-2006 10:24:12
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application AlertModule
    FileDescription : Application MFC AlertModule
    InternalName : AlertModule
    LegalCopyright : Copyright (C) 2003
    OriginalFilename : AlertModule.EXE

    #:31 [watch.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 2428
    ThreadCreationTime : 07-04-2006 10:24:16
    BasePriority : Normal
    FileVersion : 11.0 (2)
    ProductVersion : 11.0 (2)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Surveillance des modifications
    InternalName : Watch
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
    OriginalFilename : Watch.exe

    #:32 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ProcessID : 416
    ThreadCreationTime : 07-04-2006 10:25:05
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : IEXPLORE.EXE

    #:33 [cleanup.exe]
    FilePath : C:\PROGRA~1\CleanUp!\
    ProcessID : 3212
    ThreadCreationTime : 07-04-2006 10:44:10
    BasePriority : Normal
    FileVersion : 4.0
    ProductVersion : 4.0
    ProductName : Windows CleanUp!
    CompanyName : Steven R. Gould
    FileDescription : Removes temporary files. Frees disk space and helps protect privacy! :-)
    InternalName : CleanUp!
    LegalCopyright : Copyright 1998-2005 Steven R. Gould
    OriginalFilename : cleanup.exe
    Comments : For updates visit http://www.stevengould.org/index.php?option=com_content&task=view&id=15&Itemid=69

    #:34 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 3680
    ThreadCreationTime : 07-04-2006 10:47:31
    BasePriority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8

    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8

    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8

    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8

    Deep scanning and examining files (C:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for C:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8

    Deep scanning and examining files (D:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for D:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8

    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8

    12:57:22 Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:09:15.78
    Objects scanned:113558
    Objects identified:0
    Objects ignored:0
    New critical objects:0
    0
  20. benjamin66 Messages postés 22 Statut Membre
     
    perso c est pas pour embeter mais je pense que spybot nous a trouvé la totale

    voila le rapport de spybot

    --- Search result list ---
    Winsoftware.WinAntiVirusPro2006: Réglages (Clé du registre, nothing done)
    HKEY_USERS\S-1-5-21-929223880-4112191661-3305533965-1003\Software\WinAntiVirus Pro 2006

    Winsoftware.WinAntiVirusPro2006: Root class (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\AntiVirusCOM.AVOfficeProtect

    Winsoftware.WinAntiVirusPro2006: Class ID (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D}

    Winsoftware.WinAntiVirusPro2006: Root class (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\AntiVirusCOM.AVOfficeProtect.1

    Winsoftware.WinAntiVirusPro2006: ID Application (Clé du registre, nothing done)
    HKEY_CLASSES_ROOT\AppID\{367A86A5-D048-4785-86BE-4E2706AAFDD9}

    Winsoftware.WinAntiVirusPro2006: ID Application (Clé du registre, nothing done)
    HKEY_CLASSES_ROOT\AppID\WinPGI.DLL

    Winsoftware.WinAntiVirusPro2006: Class ID (Clé du registre, nothing done)
    HKEY_CLASSES_ROOT\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E}

    Winsoftware.WinAntiVirusPro2006: Class ID (Clé du registre, nothing done)
    HKEY_CLASSES_ROOT\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D}

    Winsoftware.WinAntiVirusPro2006: Interface (Clé du registre, nothing done)
    HKEY_CLASSES_ROOT\Interface\{0B9A27EB-125F-4F3E-A35C-2769C47A1442}

    Winsoftware.WinAntiVirusPro2006: Type library (Clé du registre, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}

    Winsoftware.WinAntiVirusPro2006: Type library (Clé du registre, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9}

    Winsoftware.WinAntiVirusPro2006: Root class (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\WinPGIntegrator.IEIntegrator

    Winsoftware.WinAntiVirusPro2006: Root class (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\WinPGIntegrator.IEIntegrator.1

    Winsoftware.WinAntiVirusPro2006: Réglages désinstallation (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1

    Winsoftware.WinAntiVirusPro2006: Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006

    Winsoftware.WinAntiVirusPro2006: Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN

    Winsoftware.WinAntiVirusPro2006: Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN

    Winsoftware.WinAntiVirusPro2006: Groupe de programmes (Répertoire, nothing done)
    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006\

    Winsoftware.WinAntiVirusPro2006: Groupe de programmes (Répertoire, nothing done)
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinAntiVirus Pro 2006\

    Winsoftware.WinAntiVirusPro2006: Dossier Programme (Répertoire, nothing done)
    C:\Documents and Settings\Propriétaire\Application Data\WinAntiVirus Pro 2006\

    Winsoftware.WinAntiVirusPro2006: Dossier Application data (Répertoire, nothing done)
    C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\

    Winsoftware.WinAntiVirusPro2006: Dossier Programme (Répertoire, nothing done)
    C:\Documents and Settings\Propriétaire\Application Data\WinAntiVirus Pro 2006\Logs\

    Winsoftware.WinAntiVirusPro2006: Dossier Programme (Répertoire, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\

    Winsoftware.WinAntiVirusPro2006: Dossier Programme (Répertoire, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\AWBase\

    Winsoftware.WinAntiVirusPro2006: Dossier Programme (Répertoire, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\Download\

    Winsoftware.WinAntiVirusPro2006: Dossier Programme (Répertoire, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\img\

    Winsoftware.WinAntiVirusPro2006: Dossier Programme (Répertoire, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\plugins\

    Winsoftware.WinAntiVirusPro2006: Exécutable (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\pv.exe

    Winsoftware.WinAntiVirusPro2006: Exécutable (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\VAExt.exe

    Winsoftware.WinAntiVirusPro2006: Bibliothèque (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\bdcore.dll

    Winsoftware.WinAntiVirusPro2006: Bibliothèque (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\sqlite3.dll

    Winsoftware.WinAntiVirusPro2006: Bibliothèque (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\libfn.dll

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\Activate.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\ASupdater.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\bpdlink.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\bpupdater.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\bpv.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\lapv.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\PGupdater.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\prc.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\ps.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\pv.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\st.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\unins000.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\unins001.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\up.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\updater.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\vbpv.dat

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\uninstall.ico

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\kb.url

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\online.url

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\Activate.log

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\avcom.log

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\sr.log

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\update.log

    Winsoftware.WinAntiVirusPro2006: Donnée (Fichier, nothing done)
    C:\Program Files\WinAntiVirus Pro 2006\worldmap.swf

    Windows Security Center.AntiVirusOverride: Réglages (Modification du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride!=dword:0

    Windows Security Center.FirewallOverride: Réglages (Modification du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride!=dword:0

    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-03-30 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2006-02-06 advcheck.dll (1.0.2.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2006-02-20 Tools.dll (2.0.0.2)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2006-04-07 Includes\Cookies.sbi (*)
    2006-04-07 Includes\Dialer.sbi (*)
    2006-04-07 Includes\Hijackers.sbi (*)
    2006-04-07 Includes\Keyloggers.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2006-04-07 Includes\Malware.sbi (*)
    2006-04-07 Includes\PUPS.sbi (*)
    2006-04-07 Includes\Revision.sbi (*)
    2006-04-07 Includes\Security.sbi (*)
    2006-04-07 Includes\Spybots.sbi (*)
    2005-02-17 Includes\Tracks.uti
    2006-04-07 Includes\Trojans.sbi (*)

    --- System information ---
    Windows XP (Build: 2600) Service Pack 2
    / Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
    / Windows XP / SP2: Windows XP Service Pack 2
    / Windows XP / SP3: Correctif Windows XP - KB873339
    / Windows XP / SP3: Correctif Windows XP - KB885250
    / Windows XP / SP3: Correctif Windows XP - KB885835
    / Windows XP / SP3: Correctif Windows XP - KB885836
    / Windows XP / SP3: Correctif Windows XP - KB886185
    / Windows XP / SP3: Correctif Windows XP - KB887472
    / Windows XP / SP3: Correctif Windows XP - KB887742
    / Windows XP / SP3: Correctif Windows XP - KB888113
    / Windows XP / SP3: Correctif Windows XP - KB888302
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
    / Windows XP / SP3: Correctif Windows XP - KB890859
    / Windows XP / SP3: Correctif Windows XP - KB891781
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905915)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913446)

    --- Startup entries list ---
    Located: HK_LM:Run, WOOTASKBARICON
    command: C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    file: C:\PROGRA~1\Wanadoo\GestMaj.exe
    size: 32768
    MD5: 8d6f2c724cfc608872ede3cc4a7b49b9

    Located: HK_LM:Run, WOOWATCH
    command: C:\PROGRA~1\Wanadoo\Watch.exe
    file: C:\PROGRA~1\Wanadoo\Watch.exe
    size: 20480
    MD5: 9a29592cd135f6262c429152f7a8dd4a

    Located: HK_LM:Run, Zone Labs Client
    command: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    file: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    size: 755480
    MD5: b4e843ded6daf99aec3fbfe395e643c7

    Located: HK_CU:Run, msnmsgr
    command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    file: C:\Program Files\MSN Messenger\msnmsgr.exe
    size: 7094272
    MD5: d491eb642758e6161345da99d495c4d9

    Located: HK_CU:RunOnce, CleanUp!
    command: C:\PROGRA~1\CleanUp!\cleanup.exe /WindowsRestart
    file: C:\PROGRA~1\CleanUp!\cleanup.exe
    size: 409600
    MD5: f0026a45afd9d89e332ab642054ca6e1

    --- Browser helper object list ---

    --- ActiveX list ---

    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 392 ( 4) \SystemRoot\System32\smss.exe
    PID: 448 ( 392) \??\C:\WINDOWS\system32\csrss.exe
    PID: 472 ( 392) \??\C:\WINDOWS\SYSTEM32\winlogon.exe
    PID: 516 ( 472) C:\WINDOWS\system32\services.exe
    size: 108544
    MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
    PID: 528 ( 472) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 9F3744A5C6F49291A7A685040A013399
    PID: 672 ( 516) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 728 ( 516) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 792 ( 516) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 868 ( 516) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 924 ( 516) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 1000 ( 988) C:\WINDOWS\Explorer.EXE
    size: 1036288
    MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA
    PID: 1124 ( 516) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
    PID: 1220 ( 516) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
    size: 32768
    MD5: A986FCFDAC587E68478DB51547B90800
    PID: 1248 ( 516) C:\Program Files\ewido anti-malware\ewidoctrl.exe
    size: 13888
    MD5: 26830B750372AB1BF29C95DEEBEB802F
    PID: 1384 ( 516) C:\WINDOWS\system32\spupdsvc.exe
    size: 22752
    MD5: 72EB21DC82132064065CFFC1417AD9FF
    PID: 1436 ( 516) C:\WINDOWS\system32\wdfmgr.exe
    size: 38912
    MD5: AB0A7CA90D9E3D6A193905DC1715DED0
    PID: 1508 ( 516) C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    size: 1693464
    MD5: 8E435AA1E7BF468ACAFE36C67BCC0AF6
    PID: 1724 (1384) C:\WINDOWS\system32\spnpinst.exe
    size: 11776
    MD5: 28F13F7C2EF3EE21FBAC255314A43F56
    PID: 1756 (1724) C:\WINDOWS\system32\Sysocmgr.exe
    size: 107520
    MD5: 526A6EC239D4DEF7E22DBAAC2745E0C3
    PID: 1824 (1000) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    size: 755480
    MD5: B4E843DED6DAF99AEC3FBFE395E643C7
    PID: 1840 (1000) C:\Program Files\MSN Messenger\msnmsgr.exe
    size: 7094272
    MD5: D491EB642758E6161345DA99D495C4D9
    PID: 1884 (1816) C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    size: 61440
    MD5: F9710A77123CC3FD09D062F2AF33E473
    PID: 1020 (1824) C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    size: 894544
    MD5: DDFD384AFF23E8220CB187F9BDE1D6F8
    PID: 2188 (2180) C:\Program Files\Wanadoo\EspaceWanadoo.exe
    size: 802816
    MD5: 3413F188DDC03149E02EC683CC8CF72B
    PID: 2200 (2188) C:\Program Files\Wanadoo\ComComp.exe
    size: 245760
    MD5: B61E01BE313E30D37AC2D74C86D9E719
    PID: 2220 (2188) C:\PROGRA~1\Wanadoo\Toaster.exe
    size: 69632
    MD5: C2D1BD2B433571ECEC29924ACE5D7C62
    PID: 2228 (2188) C:\PROGRA~1\Wanadoo\Inactivity.exe
    size: 32768
    MD5: 5F6DBF75D05462EED92B42376E89D9FE
    PID: 2236 (2188) C:\PROGRA~1\Wanadoo\PollingModule.exe
    size: 69632
    MD5: EDF02F58940FD56C12357D150F5397C0
    PID: 2260 ( 672) C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    size: 45056
    MD5: 68E404DB5525373FE0554ED2607F0C82
    PID: 2428 (2200) C:\Program Files\Wanadoo\Watch.exe
    size: 20480
    MD5: 9A29592CD135F6262C429152F7A8DD4A
    PID: 3212 ( 420) C:\PROGRA~1\CleanUp!\cleanup.exe
    size: 409600
    MD5: F0026A45AFD9D89E332AB642054CA6E1
    PID: 2584 (1000) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4393096
    MD5: 09CA174A605B480318731E691DC98539
    PID: 580 (1000) C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe
    size: 4509696
    MD5: 6E873CD0C69212C8130DB1F6E74D0520
    PID: 932 ( 516) C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
    size: 86016
    MD5: 72CAD90C9BD525A125AED87E6029F61B
    PID: 3128 ( 672) C:\Program Files\Internet Explorer\iexplore.exe
    size: 93184
    MD5: 833E2B3F0E2484C0F2B804AE871B4381
    PID: 2960 (1000) C:\Program Files\ewido anti-malware\SecuritySuite.exe
    size: 528448
    MD5: 87DE2E52B80DDBE0673A20512588DA3C
    PID: 4 ( 0) System

    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 07/04/2006 13:15:00

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    \blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.msn.com/access/allinone.asp
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    about:blank
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://home.microsoft.com/access/autosearch.asp?p=%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    \blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.msn.com/access/allinone.asp
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

    --- Winsock Layered Service Provider list ---
    Protocol 0: WA6 over [imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [TCP/IP]]]]
    GUID: {074BBAA8-B718-4C89-A574-0B1072FF22A5}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 1: WA6 over [imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [UDP/IP]]]]
    GUID: {074BBAA8-B718-4C89-A574-0B1072FF22A5}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 2: WA6 over [imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [RAW/IP]]]]
    GUID: {074BBAA8-B718-4C89-A574-0B1072FF22A5}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 3: WA6 over [imslsp/1144400931 over [MSAFD Tcpip [TCP/IP]]]
    GUID: {074BBAA8-B718-4C89-A574-0B1072FF22A5}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 4: WA6 over [imslsp/1144400931 over [MSAFD Tcpip [UDP/IP]]]
    GUID: {074BBAA8-B718-4C89-A574-0B1072FF22A5}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 5: WA6 over [imslsp/1144400931 over [MSAFD Tcpip [RAW/IP]]]
    GUID: {074BBAA8-B718-4C89-A574-0B1072FF22A5}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 6: WA6 over [CA ISafe LSP over [MSAFD Tcpip [TCP/IP]]]
    GUID: {C207161B-72C0-4401-8C54-589CCC082B00}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 7: WA6 over [CA ISafe LSP over [MSAFD Tcpip [UDP/IP]]]
    GUID: {C207161B-72C0-4401-8C54-589CCC082B00}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 8: WA6 over [CA ISafe LSP over [MSAFD Tcpip [RAW/IP]]]
    GUID: {C207161B-72C0-4401-8C54-589CCC082B00}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 9: WA6 over [MSAFD Tcpip [TCP/IP]]
    GUID: {11B92D1F-8D68-4F40-ACA4-6F0057CFD3AA}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 10: WA6 over [MSAFD Tcpip [UDP/IP]]
    GUID: {11B92D1F-8D68-4F40-ACA4-6F0057CFD3AA}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 11: WA6 over [MSAFD Tcpip [RAW/IP]]
    GUID: {11B92D1F-8D68-4F40-ACA4-6F0057CFD3AA}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 12: WA6 over [RSVP UDP Service Provider]
    GUID: {8C7BB5EB-6F93-452D-8326-759F39BFFADC}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 13: WA6 over [RSVP TCP Service Provider]
    GUID: {8C7BB5EB-6F93-452D-8326-759F39BFFADC}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    Protocol 14: imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [TCP/IP]]]
    GUID: {A485BD5F-9154-4832-B9A8-1A160704FDA8}
    Filename: C:\WINDOWS\system32\imslsp.dll

    Protocol 15: imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [UDP/IP]]]
    GUID: {A485BD5F-9154-4832-B9A8-1A160704FDA8}
    Filename: C:\WINDOWS\system32\imslsp.dll

    Protocol 16: imslsp/1144400931 over [CA ISafe LSP over [MSAFD Tcpip [RAW/IP]]]
    GUID: {A485BD5F-9154-4832-B9A8-1A160704FDA8}
    Filename: C:\WINDOWS\system32\imslsp.dll

    Protocol 17: imslsp/1144400931 over [MSAFD Tcpip [TCP/IP]]
    GUID: {A485BD5F-9154-4832-B9A8-1A160704FDA8}
    Filename: C:\WINDOWS\system32\imslsp.dll

    Protocol 18: imslsp/1144400931 over [MSAFD Tcpip [UDP/IP]]
    GUID: {A485BD5F-9154-4832-B9A8-1A160704FDA8}
    Filename: C:\WINDOWS\system32\imslsp.dll

    Protocol 19: imslsp/1144400931 over [MSAFD Tcpip [RAW/IP]]
    GUID: {A485BD5F-9154-4832-B9A8-1A160704FDA8}
    Filename: C:\WINDOWS\system32\imslsp.dll

    Protocol 20: CA ISafe LSP over [MSAFD Tcpip [TCP/IP]]
    GUID: {1ECE7C2B-7CDB-4C9F-9701-4C452A6F38EE}
    Filename: C:\WINDOWS\system32\ZoneLabs\vetredir.dll

    Protocol 21: CA ISafe LSP over [MSAFD Tcpip [UDP/IP]]
    GUID: {1ECE7C2B-7CDB-4C9F-9701-4C452A6F38EE}
    Filename: C:\WINDOWS\system32\ZoneLabs\vetredir.dll

    Protocol 22: CA ISafe LSP over [MSAFD Tcpip [RAW/IP]]
    GUID: {1ECE7C2B-7CDB-4C9F-9701-4C452A6F38EE}
    Filename: C:\WINDOWS\system32\ZoneLabs\vetredir.dll

    Protocol 41: CA ISafe LSP
    GUID: {AE2578B4-F478-4313-9A3E-1B83F7A643DF}
    Filename: C:\WINDOWS\system32\ZoneLabs\vetredir.dll

    Protocol 42: imslsp/1144400931
    GUID: {62830337-B09A-427B-91EF-F8DFEE85AF63}
    Filename: C:\WINDOWS\system32\imslsp.dll

    Protocol 43: WA6
    GUID: {554B976C-E5E1-4003-8AB0-9810CA0E1163}
    Filename: C:\Program Files\WinAntiVirus Pro 2006\MailScan.dll

    --- Uninstall list ---
    a-squared Free 1.6.5 1.6 (a-squared Free_is1)
    install location: C:\Program Files\a-squared\
    uninstall cmd: "C:\Program Files\a-squared\unins000.exe"
    publisher: Emsi Software GmbH
    comments: a-squared
    help link: https://support.emsisoft.com/

    Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
    uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    publisher: Lavasoft
    help link: https://www.adaware.com/

    CleanUp! (CleanUp!)
    uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe

    Outil de connexion Wanadoo (EspaceWanadoo.exe)
    uninstall cmd: C:\PROGRA~1\Wanadoo\MessageDesinstallation.exe Wanadoo

    ewido anti-malware (ewidoantimalware)
    install location: C:\Program Files\ewido anti-malware
    uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
    publisher: ewido networks
    help link: https://www.avg.com/en-us/free-antivirus-download

    Navigateur Wanadoo (FranceTelecomUninstall_FTBrowser)
    install location: C:\PROGRA~1\Wanadoo\WOOBrowser
    uninstall cmd: C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl

    HijackThis 1.99.1 1.99.1 (HijackThis)
    uninstall cmd: C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe /uninstall
    publisher: Soeperman Enterprises Ltd.

    (KB905915)

    Language pack for Ad-Aware SE (Language pack for Ad-Aware SE)
    uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
    publisher: Lavasoft
    help link: http://www.lavasoft.de

    4.8.0.6787 (MailFrontier Desktop)
    publisher: MailFrontier

    WinAntiVirus Pro 2006 2.0.175.0 (WA6P_is1)
    install location: C:\Program Files\WinAntiVirus Pro 2006\
    uninstall cmd: "C:\Program Files\WinAntiVirus Pro 2006\pv.exe"
    publisher: WinSoftware, Ltd.
    help link: http://fr.winsoftware.com

    WinAntiVirus Pro 2006 Bonus Pack 1.0.11.0 (WinAntiVirus Pro 2006 Bonus Pack_is1)
    install location: C:\Program Files\WinAntiVirus Pro 2006\
    uninstall cmd: "C:\Program Files\WinAntiVirus Pro 2006\unins001.exe"
    publisher: WinSoftware, Ltd.

    ZoneAlarm Security Suite 6.1.744.001 (ZoneAlarm Security Suite)
    uninstall cmd: C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
    publisher: Zone Labs, Inc
    help link: C:\Program Files\Zone Labs\ZoneAlarm\Aide\zaclients.chm

    --- System Services ---
    Service (registry key): .NET CLR Data
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NET CLR Networking
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NETFramework
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): Abiosdsk
    Start: 4
    Type: 1
    Error Control: 0

    Service (registry key): abp480n5
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ACPI
    Display name: Pilote ACPI Microsoft
    Image path: System32\DRIVERS\ACPI.sys
    Image size: 180224
    Image MD5: FFDEF54A7A4519CF7117536D43DEEFAB
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): ACPIEC
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): adpu160m
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): aec
    Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
    Image path: system32\drivers\aec.sys
    Image size: 142208
    Image MD5: FF773FEDA15E8BD97FD54FE87A0ACDBE
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): AFD
    Display name: Environnement de prise en charge de réseau AFD
    Description: Environnement de prise en charge de réseau AFD
    Image path: \SystemRoot\System32\drivers\afd.sys
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): AFS2K
    Display name: AFS2k
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): agp440
    Display name: Filtre de bus AGP Intel
    Image path: System32\DRIVERS\agp440.sys
    Image size: 42368
    Image MD5: 2C428FA0C3E3A01ED93C9B2A27D8D4BB
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): Aha154x
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): aic78u2
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): aic78xx
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ALCXWDM
    Display name: Service for Realtek AC97 Audio (WDM)
    Image path: system32\drivers\ALCXWDM.SYS
    Image size: 756444
    Image MD5: B0720CB5306B7FBB01F9F6FC343FE676
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): Alerter
    Display name: Avertissement
    Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
    Object name: NT AUTHORITY\LocalService
    Image path: %SystemRoot%\System32\svchost.exe -k LocalService
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 4
    Type: 32
    Error Control: 1
    Depends On services: LanmanWorkstation

    Service (registry key): ALG
    Display name: Service de la passerelle de la couche Application
    Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows.
    Object name: NT AUTHORITY\LocalService
    Image path: %SystemRoot%\System32\alg.exe
    Image size: 44544
    Image MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
    Start: 3
    Type: 16
    Error Control: 1

    Service (registry key): AliIde
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): AmdK7
    Display name: Pilote de processeur AMD K7
    Image path: System32\DRIVERS\amdk7.sys
    Image size: 41600
    Image MD5: C0F59933070392E662B3C2BB2BE77955
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): amsint
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): AppMgmt
    Display name: Gestion d'applications
    Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer.
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 3
    Type: 32
    Error Control: 1

    Service (registry key): Arp1394
    Display name: Protocole client ARP 1394
    Description: Protocole client ARP 1394
    Image path: System32\DRIVERS\arp1394.sys
    Image size: 57344
    Image MD5: E47AE30589D7195BB044847FBB63A06E
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): asc
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): asc3350p
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): asc3550
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ASP.NET
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): ASP.NET_1.1.4322
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): Aspi32
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): aspnet_state
    Display name: ASP.NET State Service
    Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
    Object name: NT AUTHORITY\NetworkService
    Image path: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
    Image size: 32768
    Image MD5: A986FCFDAC587E68478DB51547B90800
    Start: 2
    Type: 16
    Error Control: 1

    Service (registry key): AsyncMac
    Display name: Pilote de média asynchrone RAS
    Description: Pilote de média asynchrone RAS
    Image path: System32\DRIVERS\asyncmac.sys
    Image size: 14336
    Image MD5: 02000ABF34AF4C218C35D257024807D6
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): atapi
    Display name: Contrôleur de disque dur IDE/ESDI standard
    Image path: System32\DRIVERS\atapi.sys
    Image size: 87040
    Image MD5: F1D915C3870E741D83B5142F3B358761
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): Atdisk
    Start: 4
    Type: 1
    Error Control: 0

    Service (registry key): ati2mtag
    Image path: System32\DRIVERS\ati2mtag.sys
    Image size: 600064
    Image MD5: 59A5283CCC889FB41CB72BFC58E82B7D
    Start: 3
    Type: 1
    Error Control: 0

    Service (registry key): Atmarpc
    Display name: Protocole client ATM ARP
    Description: Protocole client ATM ARP
    Image path: System32\DRIVERS\atmarpc.sys
    Image size: 59904
    Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): AudioSrv
    Display name: Audio Windows
    Description: Gère les périphériques audio pour les programmes basés sur Windows. Si ce service est arrêté, les périphériques et les effets audio ne fonctionneront pas correctement. Si ce service est désactivé, les services en dépendant explicitement ne démarreront pas.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1
    Depends On services: PlugPlay,RpcSs

    Service (registry key): audstub
    Display name: Pilote audio Stub
    Image path: System32\DRIVERS\audstub.sys
    Image size: 3072
    Image MD5: D9F724AA26C010A217C97606B160ED68
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): BattC
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): Beep
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): BITS
    Display name: Service de transfert intelligent en arrière-plan
    Description: Transfère des fichiers en tâche de fond en utilisant la bande passante du réseau lors de ses périodes d'inactivité. Si le service est arrêté, des fonctionnalités telles que Windows Update et MSN Explorer ne pourront plus télécharger automatiquement des programmes et d'autres informations. Si ce service est désactivé, tous les services qui en dépendent explicitement peuvent présenter des problèmes de transfert de fichiers s'ils ne disposent pas d'un mécanisme sûr de remplacement pour transférer les fichier
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1
    Depends On services: Rpcss

    Service (registry key): Browser
    Display name: Explorateur d'ordinateur
    Description: Tient à jour une liste des ordinateurs présents sur le réseau et fournit cette liste aux ordinateurs désignés comme navigateurs. Si ce service est arrêté, la liste ne sera pas mise ou tenue à jour. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1
    Depends On services: LanmanWorkstation,LanmanServer

    Service (registry key): CAISafe
    Display name: CA ISafe
    Object name: LocalSystem
    Image path: C:\WINDOWS\system32\ZoneLabs\isafe.exe
    Image size: 188416
    Image MD5: F2AA32E37D59A5480A9C98B3C1D6A9B2
    Start: 3
    Type: 16
    Error Control: 1

    Service (registry key): cbidf2k
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): cd20xrnt
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): Cdaudio
    Start: 1
    Type: 1
    Error Control: 0

    Service (registry key): Cdfs
    Start: 4
    Type: 2
    Error Control: 1
    Depends On group: "SCSI CDROM Class"

    Service (registry key): Cdrom
    Display name: Pilote de CD-ROM
    Image path: System32\DRIVERS\cdrom.sys
    Image size: 47488
    Image MD5: 6506E033AD04CFEC9EE56DBEFD1083DD
    Start: 1
    Type: 1
    Error Control: 1
    Depends On group: "SCSI miniport"

    Service (registry key): Changer
    Start: 1
    Type: 1
    Error Control: 0

    Service (registry key): CiSvc
    Display name: Service d'indexation
    Description: Construit un index des contenus et des propriétés des fichiers sur les ordinateurs locaux et distants ; fournit un accès rapide aux fichiers par le biais d'un langage d'interrogation flexible.
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\cisvc.exe
    Image size: 5632
    Image MD5: D24F6382F5171B07705364812E9459E2
    Start: 3
    Type: 288
    Error Control: 1
    Depends On services: RPCSS

    Service (registry key): ClipSrv
    Display name: Gestionnaire de l'Album
    Description: Active le Gestionnaire de l'Album afin de stocker les informations et les partager avec des ordinateurs à distance. Si le service est arrêté, le Gestionnaire de l'Album ne pourra pas partager les informations avec des ordinateurs à distance. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\clipsrv.exe
    Image size: 33280
    Image MD5: 711DB3A49EFDE3E2640CDB782D478628
    Start: 4
    Type: 16
    Error Control: 1
    Depends On services: NetDDE

    Service (registry key): CmdIde
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): COMSysApp
    Display name: Application système COM+
    Description: Gère la configuration et le suivi des composants de base COM+ (Component Object Model) . Si le service est arrêté, la plupart des composants de base COM+ ne fonctionneront pas correctement. Si ce service est désactivé, les services qui en dépendent de manière explicite ne pourront pas démarrer.
    Object name: LocalSystem
    Image path: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    Image size: 5120
    Image MD5: D66259C3BCEFC9CAEB481ED52A4EAC74
    Start: 3
    Type: 16
    Error Control: 1
    Depends On services: rpcss

    Service (registry key): ContentFilter
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): ContentIndex
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): Cpqarray
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): CryptSvc
    Display name: Services de cryptographie
    Description: Fournit trois services de gestion : le service de base de données de catalogue, qui confirme la signature des fichiers Windows; le service de racine protégée, qui ajoute et supprime des certificats d'autorité de certification de racine approuvés et le service Clé, qui fournit une aide dans l'inscription de cet ordinateur pour les certificats. Si ce service est arrêté, ces services de gestion ne fonctionneront pas correctement. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1
    Depends On services: RpcSs

    Service (registry key): dac2w2k
    Start: 4
    Type: 1
    Error Control: 0

    Service (registry key): dac960nt
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): DcomLaunch
    Display name: Lanceur de processus serveur DCOM
    Description: Fournit la fonctionnalité de lancement des services DCOM.
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\svchost -k DcomLaunch
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1

    Service (registry key): Dhcp
    Display name: Client DHCP
    Description: Gère la configuration réseau en inscrivant et en mettant à jour les adresses IP et les noms DNS.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1
    Depends On services: Tcpip,Afd,NetBT

    Service (registry key): Disk
    Display name: Pilote de disque
    Image path: System32\DRIVERS\disk.sys
    Image size: 33792
    Image MD5: D1B16340CEACEECBF52340A0CBDF43E1
    Start: 0
    Type: 1
    Error Control: 1
    Depends On group: "SCSI miniport"

    Service (registry key): dmadmin
    Display name: Service d'administration du Gestionnaire de disque logique
    Description: Configure les lecteurs de disque durs et les volumes. Le service ne s'exécute que pour les processus de configurations puis s'arrête.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\dmadmin.exe /com
    Image size: 225280
    Image MD5: 6FCCA7A00B32681EC9928AA730BBDB75
    Start: 3
    Type: 32
    Error Control: 1
    Depends On services: RpcSs,PlugPlay,DmServer

    Service (registry key): dmboot
    Image path: System32\drivers\dmboot.sys
    Image size: 800256
    Image MD5: E2D3B7620310FE56685F9B15A6B404B3
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): dmio
    Image path: System32\drivers\dmio.sys
    Image size: 154496
    Image MD5: C77F5C20AA70197A69AA84BAA9DE43C8
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): dmload
    Image path: System32\drivers\dmload.sys
    Image size: 5888
    Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): dmserver
    Display name: Gestionnaire de disque logique
    Description: Détecte et analyse de nouveaux lecteurs de disque durs et envoie les informations de volume de disque au service gestionnaire administratif de disque logique pour la configuration. Si ce service est arrêté, l'état des disques dynamiques et les informations de configuration peuvent devenir obsolètes. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 3
    Type: 32
    Error Control: 1
    Depends On services: RpcSs,PlugPlay

    Service (registry key): DMusic
    Display name: Synthétiseur DLS du noyau Microsoft
    Image path: system32\drivers\DMusic.sys
    Image size: 50048
    Image MD5: EF05974D47D56FA8387F170F05BAE5E7
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): Dnscache
    Display name: Client DNS
    Description: Résout et met en cache les noms DNS pour cet ordinateur. Si ce service est arrêté, l'ordinateur ne pourra pas résoudre les noms DNS et trouver les contrôleurs de domaine Active Directory. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
    Object name: NT AUTHORITY\NetworkService
    Image path: %SystemRoot%\System32\svchost.exe -k NetworkService
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): dpti2o
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): drmkaud
    Display name: Filtre de décodeur DRM (Noyau Microsoft)
    Image path: system32\drivers\drmkaud.sys
    Image size: 2816
    Image MD5: FD859E517FA2ABB53654AFA7EC9E3A94
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): ERSvc
    Display name: Service de rapport d'erreurs
    Description: Active le rapport d'erreurs pour les services et les applications s'exécutant sur des environnements non standard.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 0
    Depends On services: RpcSs

    Service (registry key): Eventlog
    Display name: Journal des événements
    Description: Active les messages d'événements émis par les programmes fonctionnant sous Windows et les composants devant être affichés dans l'observateur d'événements. Ce service ne peut être arrêté.
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\services.exe
    Image size: 108544
    Image MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
    Start: 2
    Type: 32
    Error Control: 1

    Service (registry key): EventSystem
    Display name: Système d'événements de COM+
    Description: Prend en charge le service de notification d'événements système (SENS, System Event Notification Service), qui fournit une distribution automatique d'événements aux composants COM (Component Object Model) abonnés. Si le service est arrêté, SENS sera fermé et ne pourra fournir des informations d'ouverture et de fermeture de session. Si ce service est désactivé, le démarrage de tout service qui en dépend explicitement échouera.
    Object name: LocalSystem
    Image path: C:\WINDOWS\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 3
    Type: 32
    Error Control: 1
    Depends On services: RPCSS

    Service (registry key): ewido security suite control
    Display name: ewido security suite control
    Object name: LocalSystem
    Image path: C:\Program Files\ewido anti-malware\ewidoctrl.exe
    Image size: 13888
    Image MD5: 26830B750372AB1BF29C95DEEBEB802F
    Start: 2
    Type: 272
    Error Control: 0

    Service (registry key): Fastfat
    Start: 4
    Type: 2
    Error Control: 1

    Service (registry key): FastUserSwitchingCompatibility
    Display name: Compatibilité avec le Changement rapide d'utilisateur
    Description: Fournit un système de gestion à des applications qui nécessitent de l'Assistance dans un environnement d'utilisateurs multiples.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 3
    Type: 32
    Error Control: 1
    Depends On services: TermService

    Service (registry key): Fax
    Display name: Fax
    Description: Vous permet d'envoyer et de recevoir des télécopies, d'utiliser les ressources de télécopie disponibles sur cet ordinateur ou le réseau.
    Object name: LocalSystem
    Image path: %systemroot%\system32\fxssvc.exe
    Image size: 268800
    Image MD5: 312AD40E462BD61763B1166D6D8C1642
    Start: 3
    Type: 16
    Error Control: 1
    Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler

    Service (registry key): Fdc
    Display name: Pilote de contrôleur de lecteur de disquettes
    Image path: System32\DRIVERS\fdc.sys
    Image size: 26240
    Image MD5: 19C5C7EAC0190A42522290BF002F64EA
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): Fips
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): Flpydisk
    Display name: Pilote de lecteur de disquettes
    Image path: System32\DRIVERS\flpydisk.sys
    Image size: 19712
    Image MD5: 8F70D1F7606F7442E2F7383F3701D728
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): FltMgr
    Display name: FltMgr
    Description: File System Filter Manager Driver
    Image path: system32\drivers\fltmgr.sys
    Image size: 124800
    Image MD5: 157754F0DF355A9E0A6F54721914F9C6
    Start: 0
    Type: 2
    Error Control: 1

    Service (registry key): FOPN
    Display name: FOPN
    Image path: System32\Drivers\FOPN.sys
    Image size: 35840
    Image MD5: 7ADFD55CDC05CF09B6CC51F6516C6FE4
    Start: 0
    Type: 2
    Error Control: 1

    Service (registry key): FSAA
    Start: 0
    Type: 0
    Error Control: 0
    Depends On services: RPCSS

    Service (registry key): FSMA
    Start: 0
    Type: 0
    Error Control: 0
    Depends On services: RPCSS

    Service (registry key): Fs_Rec
    Start: 1
    Type: 8
    Error Control: 0

    Service (registry key): Ftdisk
    Display name: Pilote du Gestionnaire de volume
    Image path: System32\DRIVERS\ftdisk.sys
    Image size: 126080
    Image MD5: A86859B77B908C18C2657F284AA29FE3
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): FTRTSVC
    Display name: France Telecom Routing Table Service
    Description: Allow protected access to routing table
    Object name: LocalSystem
    Image path: C:\WINDOWS\System32\FTRTSVC.exe
    Image size: 40960
    Image MD5: D1261099E03EEE90976EA19002995B89
    Start: 2
    Type: 16
    Error Control: 0

    Service (registry key): FWSvc
    Display name: Firewall service
    Description: Firewall service of WinAntiVirus Pro 2006 checks all incoming and outgoing traffic on your system to prevent unauthorized access to your PC. If no threats are detected, this service will allow data to pass through.
    Object name: LocalSystem
    Image path: C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe /service
    Start: 3
    Type: 272
    Error Control: 1

    Service (registry key): Gpc
    Display name: Classificateur de paquets générique
    Description: Classificateur de paquets générique
    Image path: System32\DRIVERS\msgpc.sys
    Image size: 35072
    Image MD5: C0F1D4A21DE5A415DF8170616703DEBF
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): helpsvc
    Display name: Aide et support
    Description: Permet à l'application Aide et support de fonctionner sur cet ordinateur. Si ce service est arrêté, la fonctionnalité Aide et support ne sera pas disponible. S'il est désactivé, tous les services dépendant explicitement de ce service ne pourront pas démarrer.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1
    Depends On services: RPCSS

    Service (registry key): HidServ
    Display name: Accès du périphérique d'interface utilisateur
    Description: Permet l'accès entrant générique aux périphériques d'interface utilisateur, qui activent et maintiennent l'utilisation des boutons actifs prédéfinis sur le clavier, les contrôles à distance, et d'autres périphériques multimédia. Si ce service est arrêté, les boutons actifs contrôlés par ce service ne fonctionneront pas. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 4
    Type: 32
    Error Control: 1
    Depends On services: RpcSs

    Service (registry key): HidUsb
    Display name: Pilote de classe HID Microsoft
    Image path: System32\DRIVERS\hidusb.sys
    Image size: 9600
    Image MD5: 1DE6783B918F540149AA69943BDFEBA8
    Start: 3
    Type: 1
    Error Control: 0

    Service (registry key): hpn
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): HSFHWBS2
    Image path: System32\DRIVERS\HSFHWBS2.sys
    Image size: 196352
    Image MD5: 3D3F3AE5BDE2BE80DFB8A03F121B3849
    Start: 3
    Type: 1
    Error Control: 0

    Service (registry key): HSF_DP
    Image path: System32\DRIVERS\HSF_DP.sys
    Image size: 1063040
    Image MD5: 9B731969BA86D9A3CA55638264603E12
    Start: 3
    Type: 1
    Error Control: 0

    Service (registry key): HTTP
    Display name: HTTP
    Description: Ce service implémente le protocole HTTP (HyperText Transfer Protocol). Si ce service est désactivé, tous les services qui en dépendent de manière explicite échoueront au démarrage.
    Image path: System32\Drivers\HTTP.sys
    Image size: 262400
    Image MD5: BFB7B73C942E816C4FB4A5A7BAE87136
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): HTTPFilter
    Display name: HTTP SSL
    Description: Ce service implémente le protocole sécurisé HTTPS (Secure HyperText Transfer Protocol) pour le service HTTP, en utilisant la couche SSL (Secure Socket Layer). Si ce service est désactivé, tous les services qui en dépendent de manière explicite échoueront au démarrage.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 3
    Type: 32
    Error Control: 1
    Depends On services: HTTP

    Service (registry key): i2omgmt
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): i2omp
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): i8042prt
    Display name: Pilote pour clavier i8042 et souris sur port PS/2
    Image path: System32\DRIVERS\i8042prt.sys
    Image size: 52736
    Image MD5: 62DF7F3C91015D236353956995D02E80
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): ialm
    Image path: System32\DRIVERS\ialmnt5.sys
    Image size: 90907
    Image MD5: 1406D6EF4436AEE970EFE13193123965
    Start: 3
    Type: 1
    Error Control: 0

    Service (registry key): IDriverT
    Display name: InstallDriver Table Manager
    Description: Provides support for the Running Object Table for InstallShield Drivers
    Object name: LocalSystem
    Image path: "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"
    Image size: 69632
    Image MD5: 1CF03C69B49ACB70C722DF92755C0C8C
    Start: 3
    Type: 16
    Error Control: 0

    Service (registry key): ids00026
    Display name: ids00026
    Image path: \??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): Imapi
    Display name: Pilote de filtre de gravure CD
    Image path: System32\DRIVERS\imapi.sys
    Image size: 39808
    Image MD5: 3CB4410747F2330D97B10B656D5BB2AC
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): ImapiService
    Display name: Service COM de gravage de CD IMAPI
    Description: Gère le gravage des CD via l'interface série IMAPI (Image Mastering Applications Programming Interface). Si ce service est arrêté, cet ordinateur ne pourra plus enregistrer de CD. Si ce service est désactivé, les services qui en dépendent ne vont pas pouvoir démarrer.
    Object name: LocalSystem
    Image path: C:\WINDOWS\System32\imapi.exe
    Image size: 150016
    Image MD5: 40432437BBA5CD10B76A2D3B3CD5AD2D
    Start: 3
    Type: 16
    Error Control: 1

    Service (registry key): inetaccs
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): ini910u
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): Inport
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): IntelIde
    Display name: IntelIde
    Image path: \SystemRoot\System32\DRIVERS\intelide.sys
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ip6fw
    Display name: Pilote du pare-feu Windows IPv6
    Description: Fournit un service de prévention d'intrusion pour un réseau domestique ou de petite entreprise.
    Image path: system32\drivers\ip6fw.sys
    Image size: 29056
    Image MD5: 4448006B6BC60E6C027932CFC38D6855
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): IpFilterDriver
    Display name: Pilote de filtre de trafic IP
    Description: Pilote de filtre de trafic IP
    Image path: System32\DRIVERS\ipfltdrv.sys
    Image size: 32896
    Image MD5: 731F22BA402EE4B62748ADAF6363C182
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): IpInIp
    Display name: Pilote de tunnelage IP dans IP
    Description: Pilote de tunnelage IP dans IP
    Image path: System32\DRIVERS\ipinip.sys
    Image size: 20992
    Image MD5: E1EC7F5DA720B640CD8FB8424F1B14BB
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): IpNat
    Display name: Traducteur d'adresses réseau IP
    Description: Traducteur d'adresses réseau IP
    Image path: System32\DRIVERS\ipnat.sys
    Image size: 134912
    Image MD5: E2168CBC7098FFE963C6F23F472A3593
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): IPSec
    Display name: Pilote IPSEC
    Description: Pilote IPSEC
    Image path: System32\DRIVERS\ipsec.sys
    Image size: 74752
    Image MD5: 64537AA5C003A6AFEEE1DF819062D0D1
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): IRENUM
    Display name: Service énumérateur IR
    Image path: System32\DRIVERS\irenum.sys
    Image size: 11264
    Image MD5: 50708DAA1B1CBB7D6AC1CF8F56A24410
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): ISAPISearch
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): isapnp
    Display name: Pilote de bus Plug-and-Play ISA/EISA
    Image path: System32\DRIVERS\isapnp.sys
    Image size: 36224
    Image MD5: 54632F1A7DE61DC3615D756F2A90FA72
    Start: 0
    Type: 1
    Error Control: 3

    Service (registry key): Kbdclass
    Display name: Pilote de la classe Clavier
    Image path: System32\DRIVERS\kbdclass.sys
    Image size: 24064
    Image MD5: 9BB4976AACD2C9DF788AFCC53ABB790C
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): kmixer
    Display name: Mélangeur audio Wave de noyau Microsoft
    Image path: system32\drivers\kmixer.sys
    Image size: 159360
    Image MD5: 10E0FEB086D8C1419B958C9034E4668A
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): KSecDD
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): lanmanserver
    Display name: Serveur
    Description: Prend en charge le partage de fichiers, d'impression et des canaux nommés via le réseau pour cet ordinateur. Si ce service est arrêté, ces fonctions ne seront pas disponibles. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1

    Service (registry key): lanmanworkstation
    Display name: Station de travail
    Description: Crée et maintient des connexions de réseau client à des serveurs distants. Si ce service est arrêté, ces connexions ne seront pas disponibles. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
    Object name: LocalSystem
    Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    Start: 2
    Type: 32
    Error Control: 1

    Service (registry key): lbrtfdc
    Start: 1
    Type: 1
    Error Control: 0

    Service (registry key): ldap
    Start: 0
    Type: 0
    Error Control: 0

    0
  • 1
  • 2