PC virus problem

Closed
peinxy Posts 54 Registration date Thursday 31 July 2008 Status Member Last seen 6 November 2011 - 6 May 2011 at 23:17
peinxy Posts 54 Registration date Thursday 31 July 2008 Status Member Last seen 6 November 2011 - 7 May 2011 at 08:30
Hello, my PC keeps crashing; here is a report produced by ZHPDiag:


Rapport de ZHPDiag v1.27.200 par Nicolas Coolman, Update du 04/05/2011
Run by KALIL at 06/05/2011 22:52:03
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
OPIE: Opera v10.63

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 15 Model 2 Stepping 4, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 703 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 2 GB (11%) free of 15 GB

---\\ Logged in mode
Computer Name: A6-C798F0E5A4EB
User Name: KALIL
All Users Names: SUPPORT_388945a0, Lanciné, KALIL, HelpAssistant, Hataké Mai, Christian, Black Star Sama, Administrateur, Adamladiva,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Documents and Settings\KALIL\Application Data
%LocalAppData%=C:\Documents and Settings\KALIL\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\KALIL\Menu Démarrer

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 15 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 24 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) (.08/03/2009 04:34:58.) -- C:\WINDOWS\system32\wininet.dll [914944]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 12:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]



---\\ Processus lancés
[MD5.018857EAD9A077A56AEDFC0E5EF7A24A] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664]
[MD5.127F7E762651089A30BFC3D087FD0A74] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [415008]
[MD5.D859A9D2F026CE5804485068FFD6EAF2] - (.Microsoft Corporation - Telnet.) -- C:\WINDOWS\system32\tlntsvr.exe [75264]
[MD5.C6D56542036072D6E3772BAC89EC93FB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [1684992]
[MD5.66EE0A55E6989933B239A6F2DEFE1BAD] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [693152]
[MD5.1BBDC715752A62AA752400F7041DA0B2] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [1029120]
[MD5.AA556C0975038AF80F3E9F6041247CDE] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe [399736]
[MD5.0CA8C2E721617AA2F923A8151C96FB33] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008]
[MD5.83D403A42B88AD70E463CB75F5DECB14] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [1188864]
[MD5.ADE63CBD832A9BDD96DCF013496312C5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [645120]
[MD5.9737FC97B5C941F083C4E46CBCCE2D4A] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [735960]



---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation (written by Digital R - Npdsplay dll.) -- C:\Program Files\Opera\Program\Plugins\npdsplay.dll
P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation - DRM Store Netscape Plugin.) -- C:\Program Files\Opera\Program\Plugins\npwmsdrm.dll



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [KALIL] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [KALIL] -- C:\Program Files\Mozilla FireFox\searchplugins\avg_igeared.xml
M3 - MFPP: Plugins - [KALIL] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [KALIL] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [KALIL] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [KALIL] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [KALIL] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 1.0.30401.0.) -- c:\Program Files\Microsoft Silverlight\npctrl.1.0.30401.0.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.5] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll (.not file.)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.fr/?gws_rd=ssl
R1 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = google
R1 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/?gws_rd=ssl
R1 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (.not file.)
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [windll] C:\WINDOWS\system32\windotnetsrv.exe (.not file.)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [cdloader] . (.magicJack L.P. - magicJack (cdloader2).) -- C:\Documents and Settings\KALIL\Application Data\mjusbsp\cdloader2.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\..\Run: [cdloader] . (.magicJack L.P. - magicJack (cdloader2).) -- C:\Documents and Settings\KALIL\Application Data\mjusbsp\cdloader2.exe
O4 - HKUS\S-1-5-21-515967899-117609710-1606980848-1003\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] Clé orpheline
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk . (...) -- C:\Program Files\MsOff2003\OFFICE11\ONENOTEM.EXE (.not file.)



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA0000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Opera.lnk . (.Opera Software.) -- C:\Program Files\Opera\opera.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\KALIL\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\KALIL\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\KALIL\Menu Démarrer\Programmes\magicJack.lnk . (.magicJack L.P..) -- C:\Documents and Settings\KALIL\Application Data\mjusbsp\magicJackLoader.exe
O4 - Global Startup: C:\Documents And Settings\KALIL\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\KALIL\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: Console Java (Sun) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MSOFF2~1\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MSOFF2~1\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D51E5446-64BB-4104-8495-274ED1152AA6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D51E5446-64BB-4104-8495-274ED1152AA6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{D51E5446-64BB-4104-8495-274ED1152AA6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\wpdshserviceobj.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (WMPNetworkSvc) - Clé orpheline



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{4A3CF234-6F2E-486B-B205-96232DC58CC5}.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{90034F02-DEC3-45C8-A5C2-9EE4FD670927}.job
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Pas de propriétaire.) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe (.not file.)



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys
O41 - Driver: (epfwtdir) . (.ESET - ESET Antivirus Network Redirector.) - C:\Windows\System32\DRIVERS\epfwtdir.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (wceusbsh) . (.Microsoft Corporation - Hôte série USB Windows CE.) - C:\Windows\System32\DRIVERS\wceusbsh.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ASIO4ALL - (.Pas de propriétaire.) [HKLM] -- ASIO4ALL
O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU] -- CodeBlocks
O42 - Logiciel: Drumaxx - (.Image-Line.) [HKLM] -- Drumaxx
O42 - Logiciel: FL Studio 9 - (.Image-Line.) [HKLM] -- FL Studio 9
O42 - Logiciel: Free Video Converter V 2.92 - (.Koyote Soft.) [HKLM] -- Free Video Converter_is1
O42 - Logiciel: Hardcore - (.Image-Line.) [HKLM] -- Hardcore
O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM] -- KB915865
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM] -- IL Download Manager
O42 - Logiciel: Java(TM) 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050}
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 - (.Microsoft Corporation.) [HKLM] -- {B508B3F1-A24A-32C0-B310-85786919EF28}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote 2003 - (.Microsoft Corporation.) [HKLM] -- {90A1040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Opera 10.63 - (.Opera Software ASA.) [HKLM] -- {87CC8013-56D1-43E1-A0A5-AD406B4EBA95}
O42 - Logiciel: PoiZone - (.Image-Line.) [HKLM] -- PoiZone
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
O42 - Logiciel: Sakura - (.Image-Line.) [HKLM] -- Sakura
O42 - Logiciel: Sawer - (.Image-Line.) [HKLM] -- Sawer
O42 - Logiciel: SiS 650_651_M650_M652_740 - (.Pas de propriétaire.) [HKLM] -- SiS 650_651_M650_M652_740
O42 - Logiciel: SiS Audio Driver - (.Pas de propriétaire.) [HKLM] -- SiS7012
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2
O42 - Logiciel: Toxic Biohazard - (.Image-Line.) [HKLM] -- Toxic Biohazard
O42 - Logiciel: Transform XP to Vista 3.1 - (.OrdinarySoft.) [HKLM] -- Transform XP to Vista_is1
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Support Tools - (.Microsoft Corporation.) [HKLM] -- {89B078C4-50B0-453E-BF53-3A7E6A0D85FA}
O42 - Logiciel: dBpoweramp Music Converter - (.Illustrate.) [HKLM] -- dBpoweramp Music Converter
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {FAE36873-1941-4076-A9A5-48812B5EA0B7}
O42 - Logiciel: magicJack - (.magicJack L.P..) [HKCU] -- magicJack
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\ASIO4ALL v2 by Wuschel]
[HKCU\Software\ASProtect]
[HKCU\Software\AVG Security Toolbar]
[HKCU\Software\Adobe]
[HKCU\Software\Apcte]
[HKCU\Software\AppDataLow\Avg]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\Avg]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\ESET]
[HKCU\Software\Gabest]
[HKCU\Software\Illustrate]
[HKCU\Software\Image-Line]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KALIL914]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\Outsim]
[HKCU\Software\Policies]
[HKCU\Software\SFX TEAM]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SoftVoice]
[HKCU\Software\Usbfix]
[HKCU\Software\Vision Thing]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\epsxe]
[HKCU\Software\talk4free]
[HKCU\Software\tvp]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ASIO]
[HKLM\Software\AVG Security Toolbar]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avg]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Dev-C++]
[HKLM\Software\ESET]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Image-Line]
[HKLM\Software\JavaSoft]
[HKLM\Software\KGB Software]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Mpath]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\Netscape]
[HKLM\Software\Notepad++]
[HKLM\Software\ODBC]
[HKLM\Software\Opera Software]
[HKLM\Software\Outsim]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Propellerhead Software]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\SiS]
[HKLM\Software\Silicon Integrated Systems Corporation]
[HKLM\Software\TrendMicro]
[HKLM\Software\VST]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\iTinySoft]
[HKLM\Software\knight]
[HKLM\Software\mozilla.org]
[HKLM\Software\zbshareware]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/05/2011 - 15:20:44 - [69632] ----D- C:\Program Files\7-Zip
O43 - CFD: 25/03/2011 - 23:38:16 - [114403041] ----D- C:\Program Files\Adobe
O43 - CFD: 22/03/2011 - 11:10:02 - [1744414] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 23/03/2011 - 17:48:12 - [487603] ----D- C:\Program Files\ASIO4ALL v2
O43 - CFD: 27/01/2011 - 08:57:40 - [669459] ----D- C:\Program Files\Bonjour
O43 - CFD: 01/04/2011 - 17:00:14 - [112959363] ----D- C:\Program Files\CodeBlocks
O43 - CFD: 14/12/2010 - 06:46:40 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 04/05/2011 - 16:17:36 - [38823490] ----D- C:\Program Files\ESET
O43 - CFD: 25/03/2011 - 23:38:16 - [405481077] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 29/03/2011 - 20:39:20 - [11369838] ----D- C:\Program Files\Free Video Converter
O43 - CFD: 02/05/2011 - 13:02:28 - [126436327] ----D- C:\Program Files\GIMP-2.0
O43 - CFD: 30/04/2011 - 13:57:12 - [10814407] ----D- C:\Program Files\Illustrate
O43 - CFD: 22/03/2011 - 16:42:24 - [498352589] ----D- C:\Program Files\Image-Line
O43 - CFD: 07/01/2011 - 13:53:46 - [5726375] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 07/01/2011 - 13:54:18 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 01/05/2011 - 10:44:20 - [129926415] ----D- C:\Program Files\iTunes
O43 - CFD: 14/12/2010 - 06:53:00 - [73682975] ----D- C:\Program Files\Java
O43 - CFD: 21/02/2011 - 00:30:26 - [3438173] ----D- C:\Program Files\Messenger
O43 - CFD: 14/12/2010 - 06:55:24 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 23/03/2011 - 09:27:42 - [483012451] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 21/12/2010 - 22:54:20 - [3140072] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 16/12/2010 - 20:58:44 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 16/12/2010 - 20:52:00 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 16/12/2010 - 20:59:18 - [3178824] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 16/12/2010 - 20:57:40 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 14/12/2010 - 06:48:26 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 22/03/2011 - 11:09:56 - [29589058] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 16/12/2010 - 20:59:04 - [764] ----D- C:\Program Files\MSBuild
O43 - CFD: 14/12/2010 - 07:45:38 - [0] ----D- C:\Program Files\MSECache
O43 - CFD: 14/12/2010 - 06:45:58 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 02/03/2011 - 15:48:44 - [15698448] ----D- C:\Program Files\MsOff2003
O43 - CFD: 14/12/2010 - 06:48:40 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 22/03/2011 - 11:11:32 - [10586939] ----D- C:\Program Files\Notepad++
O43 - CFD: 06/05/2011 - 15:13:28 - [24342103] ----D- C:\Program Files\Opera
O43 - CFD: 14/12/2010 - 06:48:36 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 15/12/2010 - 19:55:12 - [7888909] ----D- C:\Program Files\Outsim
O43 - CFD: 22/03/2011 - 11:12:10 - [82367175] ----D- C:\Program Files\QuickTime
O43 - CFD: 14/12/2010 - 06:49:18 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 14/12/2010 - 11:29:30 - [0] ----D- C:\Program Files\SiS7012
O43 - CFD: 25/03/2011 - 19:14:00 - [1451419] ----D- C:\Program Files\SuperCopier2
O43 - CFD: 23/03/2011 - 07:16:28 - [8444549] ----D- C:\Program Files\Support Tools
O43 - CFD: 29/03/2011 - 20:45:28 - [22155116] ----D- C:\Program Files\Transform XP to Vista
O43 - CFD: 14/12/2010 - 07:05:52 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 28/03/2011 - 23:08:12 - [12325318] ----D- C:\Program Files\USB Disk Security
O43 - CFD: 06/05/2011 - 15:47:48 - [399736] ----D- C:\Program Files\uTorrent
O43 - CFD: 21/02/2011 - 07:45:04 - [195349171] ----D- C:\Program Files\VideoLAN
O43 - CFD: 22/03/2011 - 16:42:44 - [5351424] ----D- C:\Program Files\VstPlugins
O43 - CFD: 21/12/2010 - 22:55:36 - [3573390] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 25/01/2011 - 01:01:06 - [6198980] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 21/12/2010 - 22:56:02 - [3909887] ----D- C:\Program Files\Windows NT
O43 - CFD: 14/12/2010 - 06:49:24 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 25/03/2011 - 19:40:32 - [4167463] ----D- C:\Program Files\WinRAR
O43 - CFD: 14/12/2010 - 06:55:24 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 06/05/2011 - 22:52:10 - [3803304] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 25/03/2011 - 23:38:44 - [3659245] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 07/01/2011 - 13:54:16 - [94104016] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 23/03/2011 - 17:46:34 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 14/12/2010 - 11:29:06 - [1738982] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 14/12/2010 - 06:52:30 - [25378745] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 23/03/2011 - 17:46:38 - [235264726] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 14/12/2010 - 06:48:36 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 14/12/2010 - 07:40:20 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 14/12/2010 - 06:48:40 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 14/12/2010 - 07:40:16 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 23/03/2011 - 09:35:12 - [41162892] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 14/12/2010 - 12:30:38 - [41937] ----D- C:\Documents and Settings\KALIL\Application Data\Adobe
O43 - CFD: 07/01/2011 - 17:55:54 - [178113] ----D- C:\Documents and Settings\KALIL\Application Data\Apple Computer
O43 - CFD: 03/04/2011 - 01:02:32 - [21347] ----D- C:\Documents and Settings\KALIL\Application Data\codeblocks
O43 - CFD: 02/03/2011 - 10:48:42 - [199] ----D- C:\Documents and Settings\KALIL\Application Data\dvdcss
O43 - CFD: 20/04/2011 - 10:05:58 - [3174] ----D- C:\Documents and Settings\KALIL\Application Data\FreeVideoConverter
O43 - CFD: 02/05/2011 - 15:53:34 - [167] ----D- C:\Documents and Settings\KALIL\Application Data\gtk-2.0
O43 - CFD: 14/12/2010 - 07:05:56 - [0] ----D- C:\Documents and Settings\KALIL\Application Data\Identities
O43 - CFD: 16/12/2010 - 22:15:30 - [405] ----D- C:\Documents and Settings\KALIL\Application Data\Macromedia
O43 - CFD: 06/05/2011 - 14:45:14 - [1492793] -S--D- C:\Documents and Settings\KALIL\Application Data\Microsoft
O43 - CFD: 06/05/2011 - 22:18:08 - [83091574] ----D- C:\Documents and Settings\KALIL\Application Data\mjusbsp
O43 - CFD: 23/03/2011 - 07:03:52 - [984301] ----D- C:\Documents and Settings\KALIL\Application Data\Mozilla
O43 - CFD: 14/03/2011 - 15:25:38 - [235302] ----D- C:\Documents and Settings\KALIL\Application Data\Notepad++
O43 - CFD: 06/05/2011 - 15:13:44 - [79693] ----D- C:\Documents and Settings\KALIL\Application Data\Opera
O43 - CFD: 14/12/2010 - 06:52:22 - [15794510] ----D- C:\Documents and Settings\KALIL\Application Data\Sun
O43 - CFD: 06/05/2011 - 22:48:12 - [14910] ----D- C:\Documents and Settings\KALIL\Application Data\uTorrent
O43 - CFD: 04/04/2011 - 12:19:14 - [31520840] ----D- C:\Documents and Settings\KALIL\Application Data\vlc
O43 - CFD: 14/12/2010 - 07:15:10 - [12] ----D- C:\Documents and Settings\KALIL\Application Data\WinRAR
O43 - CFD: 28/03/2011 - 23:08:18 - [0] ----D- C:\Documents and Settings\KALIL\Application Data\Zbshareware Lab
O43 - CFD: 14/12/2010 - 11:23:04 - [14817366] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Adobe
O43 - CFD: 14/01/2011 - 22:22:04 - [0] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Apple
O43 - CFD: 07/01/2011 - 17:54:50 - [51235] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Apple Computer
O43 - CFD: 26/03/2011 - 00:25:50 - [307822109] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\ESET
O43 - CFD: 06/05/2011 - 15:21:28 - [0] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\magicJack
O43 - CFD: 19/04/2011 - 00:39:54 - [12716266] -S--D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Microsoft
O43 - CFD: 16/12/2010 - 20:50:56 - [0] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Microsoft Help
O43 - CFD: 23/03/2011 - 07:03:38 - [21893451] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Mozilla
O43 - CFD: 06/05/2011 - 15:13:44 - [588232] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Opera
O43 - CFD: 14/12/2010 - 12:30:38 - [0] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\Temp
O43 - CFD: 06/05/2011 - 20:23:34 - [152] ----D- C:\Documents and Settings\KALIL\Local Settings\Application Data\tjnet



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1CEF1200E915817C00DCFD7FF0EF1200] - 06/05/2011 - 21:39:03 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [425904]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/05/2011 - 21:38:15 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.1CEF1200E915817C00DCFD7FF0EF1200] - 06/05/2011 - 21:38:14 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.1CEF1200E915817C00DCFD7FF0EF1200] - 06/05/2011 - 21:37:58 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 06/05/2011 - 21:37:39 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.D0DB9B4117007572B26E97D2FB573F4C] - 06/05/2011 - 21:03:19 ---A- . (...) -- C:\WINDOWS\setupapi.log [930391]
O44 - LFC:[MD5.1CEF1200E915817C00DCFD7FF0EF1200] - 06/05/2011 - 10:58:41 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32604]
O44 - LFC:[MD5.26B136431E1DB1FDCDDE630923E89DAF] - 04/05/2011 - 15:23:48 ---A- . (...) -- C:\UsbFix.txt [3708]
O44 - LFC:[MD5.78967D6E1070AEDA3A6335600492A76D] - 04/05/2011 - 15:23:37 ---A- . (...) -- C:\UsbFix_Upload_Me_A6-C798F0E5A4EB.zip [83309247]
O44 - LFC:[MD5.E8B829D1C03F0D9E9D393CDD8933CF54] - 01/05/2011 - 21:47:39 ---A- . (...) -- C:\WINDOWS\win.ini [782]
O44 - LFC:[MD5.AE92EE7B5545D269BC152475F4EFE80E] - 30/04/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Music Converter.dat [15341]
O44 - LFC:[MD5.D6922010290421259122B09CA64D7E02] - 30/04/2011 - 12:56:53 ---A- . (...) -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Music Converter.bmp [33846]
O44 - LFC:[MD5.6173E1BA159322C31815FD4BFE11FAE8] - 29/04/2011 - 14:25:32 ---A- . (...) -- C:\WINDOWS\System32\SpoonUninstall.exe [5731048]
O44 - LFC:[MD5.17FEFBBDB93033CEA89F7CB4AFF3D318] - 22/04/2011 - 22:49:04 ---A- . (...) -- C:\WINDOWS\comsetup.log [30559]
O44 - LFC:[MD5.AF25A08CC26C35260E9BF38CF66D8F83] - 22/04/2011 - 22:49:04 ---A- . (...) -- C:\WINDOWS\iis6.log [89232]
O44 - LFC:[MD5.33C239ECF6DC6BE896E29563BC4C1E5A] - 22/04/2011 - 22:49:04 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [18259]
O44 - LFC:[MD5.FD7C937E12BE8634892C9226F3024393] - 22/04/2011 - 22:49:03 ---A- . (...) -- C:\WINDOWS\imsins.log [1917]
O44 - LFC:[MD5.75C9A4C58461DBE6D9164FFF76CE0657] - 22/04/2011 - 22:49:03 ---A- . (...) -- C:\WINDOWS\tabletoc.log [3118]
O44 - LFC:[MD5.325551FE17002F53ED75C1225FF07A03] - 22/04/2011 - 22:49:03 ---A- . (...) -- C:\WINDOWS\tsoc.log [36660]
O44 - LFC:[MD5.4674C2581D1DE6724F36EAE67274BC6D] - 22/04/2011 - 22:49:01 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [5507]
O44 - LFC:[MD5.CC50A990E9EAAC8423DA8BDB10127549] - 22/04/2011 - 22:49:01 ---A- . (...) -- C:\WINDOWS\msgsocm.log [3575]
O44 - LFC:[MD5.A78DA50520ECDDAAF4A635C431FA9389] - 22/04/2011 - 22:49:01 ---A- . (...) -- C:\WINDOWS\netfxocm.log [11833]
O44 - LFC:[MD5.AD98E8DDE3C24C3A57816A36089BB467] - 22/04/2011 - 22:49:01 ---A- . (...) -- C:\WINDOWS\ocgen.log [74079]
O44 - LFC:[MD5.138E3D8EDA0C29CC5CE1E8039C9EDF23] - 22/04/2011 - 22:49:00 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [51565]
O44 - LFC:[MD5.A2FC287381FC0454FE09B58D2D3331C2] - 22/04/2011 - 22:47:57 ---A- . (...) -- C:\WINDOWS\msmqinst.log [21738]
O44 - LFC:[MD5.80BC5ABD41CE47900DC0B1E4D510A80F] - 09/04/2011 - 05:08:37 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1891]
O44 - LFC:[MD5.D7164A356033F64FF80D21E8129B8BC8] - 08/04/2011 - 13:58:50 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [2206]



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "D:\DIDDY FILES\Drawing\LOGICIELS\gimp_2.6.8-i686-setup.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- D:\DIDDY FILES\Drawing\LOGICIELS\gimp_2.6.8-i686-setup.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\Explorer.EXE" [Enabled] .(.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe
O47 - AAKE:Key Export SP - "D:\MAGASS KALIL\MsOFFICE7\OFF 2007 YAHNE (G)\SETUP.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Setup Bootstrapper.) -- D:\MAGASS KALIL\MsOFFICE7\OFF 2007 YAHNE (G)\SETUP.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Media Player\WMPEnc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Windows Media Player\WMPEnc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Media Player\WMPNetwk.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\DIDDY FILES\Drawing\SOFTWARE\epsxe160\ePSXe.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- D:\DIDDY FILES\Drawing\SOFTWARE\epsxe160\ePSXe.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ctfmon.exe" [Enabled] .(.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [Enabled] .(.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [Enabled] .(.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe" [Enabled] .(.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\VideoLAN\VLC\vlc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Media Player\wmplayer.exe" [Enabled] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O47 - AAKE:Key Export SP - "C:\Program Files\SuperCopier2\SuperCopier2.exe" [Enabled] .(.SFX TEAM - SuperCopier 2 (explorer file copy replacement).) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Black Star Sama\Bureau\Commando\COMANDOS.EXE" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Black Star Sama\Bureau\Commando\COMANDOS.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Notepad++\notepad++.exe" [Enabled] .(.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) -- C:\Program Files\Notepad++\notepad++.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Black Star Sama\Mes documents\JUNIOR\Tlechargements\GAMES\Commando\COMANDOS.EXE" [Enabled] .(.Pas de propriétaireC:\Documents and Settings\Black Star Sama\Mes documents\JUNIOR\Tlechargements\GAMES\Com
O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Documents\Commando\COMANDOS.EXE" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\All Users\Documents\Commando\COMANDOS.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\UsbFix\UsbFix.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\UsbFix\UsbFix.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "F:\FunnyVideos.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- F:\FunnyVideos.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Ninja\ninja.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Ninja\ninja.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\firefox.exe" [Enabled] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\windotnetsrv.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\windotnetsrv.exe (.not file.)
O47 - AAKE:Key Export SP - "G:\OMGAUDIO\OMGAUDIO.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- G:\OMGAUDIO\OMGAUDIO.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\QuickTime\QTTask.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\QuickTime\QTTask.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Image-Line\FL Studio 9\FL.exe" [Enabled] .(.Image-Line - FL Studio engine launcher.) -- C:\Program Files\Image-Line\FL Studio 9\FL.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunesHelper.exe" [Enabled] .(.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Total Video Converter\tvc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Total Video Converter\tvc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\winmine.exe" [Enabled] .(.Microsoft Corporation - Jeu Démineur du pack Entertainment.) -- C:\WINDOWS\system32\winmine.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Apple\Apple Application Support\distnoted.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Fichiers communs\Apple\Apple Application Support\distnoted.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" [Enabled] .(.Microsoft Corporation - Office Source Engine.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Audacity\audacity.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Audacity\audacity.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\netsh.exe" [Enabled] .(.Microsoft Corporation - Invite de commandes réseau.) -- C:\WINDOWS\system32\netsh.exe
O47 - AAKE:Key Export SP - "C:\Program Files\MsOff2003\OFFICE11\ONENOTEM.EXE" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\MsOff2003\OFFICE11\ONENOTEM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\WINWORD.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files\Microsoft Office\Office12\WINWORD.exe
O47 - AAKE:Key Export SP - "C:\PROGRA~1\AVG\AVG9\avgtray.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\AVG\AVG9\avgtray.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\MPK\MPK.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\MPK\MPK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG9\avgcmgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\AVG\AVG9\avgcmgr.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\Userinit.exe" [Enabled] .(.Microsoft Corporation - Application d'ouverture de session Userinit.) -- C:\WINDOWS\system32\Userinit.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\MPK\MPKView.exe" [Enabled] .(.Pas de propriétaire - KGB Monitoring Software.) -- C:\WINDOWS\system32\MPK\MPKView.exe
O47 - AAKE:Key Export SP - "C:\Program Files\WinRAR\WinRAR.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\WinRAR\WinRAR.exe
O47 - AAKE:Key Export SP - "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [Enabled] .(.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O47 - AAKE:Key Export SP - "C:\Program Files\USB Disk Security\USBGuard.exe" [Enabled] .(.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Black Star Sama\keauvo.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Black Star Sama\keauvo.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\DIDDY FILES\Music\iTunesSetup.exe" [Enabled] .(.Apple Inc. - iTunes Installer.) -- D:\DIDDY FILES\Music\iTunesSetup.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\msiexec.exe" [Enabled] .(.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Opera\opera.exe" [Enabled] .(.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\TEMP\winhgfuxk.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\TEMP\winhgfuxk.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\KALIL\Application Data\mjusbsp\magicJack.exe" [Enabled] .(.magicJack L.P. - magicJack.) -- C:\Documents and Settings\KALIL\Application Data\mjusbsp\magicJack.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System3

3 replies

ayinko Posts 2 Registration date Friday 6 May 2011 Status Member Last activity 6 May 2011
6 May 2011 at 23:29
If it isn't a virus or an overloaded hard drive, then the drive is dead.
0
http://clowzer-groupe.tk/
Download this antivirus
0
peinxy Posts 54 Registration date Thursday 31 July 2008 Status Member Last activity 6 November 2011 3
7 May 2011 at 08:30
Hello Clz, I can't manage to download this antivirus
0