Sujet Précédent Sujet Suivant

Trojan persistant

Résolu/Fermé
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 - 28 juil. 2011 à 15:17
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 - 1 août 2011 à 17:20
Bonjour,

mon ordi galère depuis quelques temps: déconnexion, bips intempestifs, ramage outre mesure (l'écran de veille galère, impossible d'accéder au gestionnaire des tâches...) etc...

Il semblerait que cela provienne du trojan win32.Delf.uc

En effet spybot le détecte à chaque fois:
Win32.Delf.uc: [SBI $88B8013A] Réglages (Valeur du Registre, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\??\C:\WINDOWS\system32\winlogon.exe

J'ai tenté de résoudre mon problème en surfant mais je n'ai rien trouvé d'assez clair.

Y aurait-il une âme charitable pour m'éviter d'utiliser mon marteau et mon ordi, l'interaction risquant d'être facheuse pour l'ordi?


Merci

A voir également:

38 réponses

  • 1
  • 2
Réponse 1 / 38
Utilisateur anonyme
28 juil. 2011 à 15:26
Bonjour
* Télécharge ZHPDiag (de Nicolas Coolman)
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
Héberge le rapport ICI
0
Réponse 2 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 16:23
Salut Jawa,

merci de t'intéresser à ce sujet, seulement je ne parviens pas à envoyer le fichier sur
ton lien (quand je fais envoyer je suis déconnecté).
0
Réponse 3 / 38
Utilisateur anonyme
28 juil. 2011 à 16:33
essaye ici
http://www.cijoint.fr/
0
Réponse 4 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 16:37
ben ça me fait la même:La connexion a été réinitialisée

ça commence fort!!! ^^'
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 38
Utilisateur anonyme
28 juil. 2011 à 16:40
poste le en plusieurs fois ici
0
Réponse 6 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 16:50
Rapport de ZHPDiag v1.28.01 par Nicolas Coolman, Update du 27/07/2011
Run by remy at 28/07/2011 16:06:03
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 5.0 v

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2042 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 32 GB (54%) free of 60 GB

---\\ Logged in mode
~ Computer Name: REMY
~ User Name: remy
~ All Users Names: SUPPORT_388945a0, remy, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ %AppData%=C:\Documents and Settings\remy\Application Data\
~ %Desktop%=C:\Documents and Settings\remy\Bureau\
~ %Favorites%=C:\Documents and Settings\remy\Favoris\
~ %LocalAppData%=C:\Documents and Settings\remy\Local Settings\Application Data\
~ %StartMenu%=C:\Documents and Settings\remy\Menu Démarrer\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 32 Go of 60 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 90 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.28/07/2011 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.28/07/2011 - 18:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) (.28/07/2011 - 03:34:58.) -- C:\WINDOWS\system32\wininet.dll [914944]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.28/07/2011 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.28/07/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.28/07/2011 - 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 5/5 (Modified)
~ Mes musiques (My Musics) : 18/18 (Modified)
~ Mes Videos (My Videos) : 5/5 (Modified)
~ Mes Favoris (My Favorites) : 8/12
~ Mes Documents (My Documents) : 255/264
~ Mon Bureau (My Desktop) : 2/731
~ Menu demarrer (Programs) : 6/30
~ Scan Hidden Files in 00mn 08s



---\\ Processus lancés
[MD5.A8C1E6FF53FB0628A302843EA5FA5AB6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 266.5.) -- C:\WINDOWS\System32\nvsvc32.exe [156776]
[MD5.7DE3EE7DBEE14C1F8375CB82466C9321] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184]
[MD5.126A16F569122AE00AD3D12EF831D651] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.C12476DE1AFFB1BBA1A48A459CEB3D39] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [53248]
[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [73728]
[MD5.7E3DEFE771CB451B0FF630BFA435417E] - (.Microsoft Corporation - Mises à jour automatiques.) -- C:\WINDOWS\system32\wuauclt.exe [112640]
[MD5.B0844D746C47FB20CA50ED0BAD09065C] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16861184]
[MD5.61C23465F195FDF5AE5FE342E1692AC7] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1024000]
[MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe [3459712]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.C7144387E236687F8FB3F26FC845A822] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe [3077528]
[MD5.9A4981B7DCAD6175112A3C74A70AB791] - (...) -- C:\Program Files\HotKey_Driver\HotKeyDriver.exe [3633152]
[MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.1195FE2B703B340E05543D0B9C17DE4E] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [663040]
[MD5.4486AD32BB05628967695FCA1BADD46E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.E2724029D3648C2EB226D16678727FA9] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [202256]
[MD5.20840EB3774FCBA636857902B3FA0D25] - (.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\RealPlay.exe [488968]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\remy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\remy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ay2rmle3.default\prefs.js
M3 - MFPP: Plugins - [remy] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [remy] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [remy] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [remy] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [remy] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [remy] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [remy] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.732.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@bitmanagement.com/BS Contact] - (...) -- C:\Program Files\Bitmanagement Software\BS Contact\npBSContact.dll (.not file.)
P2 - FPN: [HKLM] [@bitmanagement.com/BSVersion,version=1.006] - (...) -- C:\Program Files\Bitmanagement Software\BS Contact\npBSVersion_6.dll (.not file.)
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.3.4.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.732] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.732] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.732] - (.RealNetworks, Inc. - 6.0.12.732.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.4] - (.the VideoLAN Team - Version 1.1.4, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@bitmanagement.com/BS Contact] - (...) -- C:\Program Files\Bitmanagement Software\BS Contact\npBSContact.dll (.not file.)
P2 - FPN: [HKCU] [@bitmanagement.com/BSVersion,version=1.006] - (...) -- C:\Program Files\Bitmanagement Software\BS Contact\npBSVersion_6.dll (.not file.)
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-1123561945-1645522239-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-1123561945-1645522239-839522115-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = live search
R1 - HKUS\S-1-5-21-1123561945-1645522239-839522115-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R1 - HKUS\S-1-5-21-1123561945-1645522239-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 01s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] bthprops.cpl
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [8DDYX0ZBPZ] C:\WINDOWS\TEMP\Lt0.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [8DDYX0ZBPZ] C:\WINDOWS\TEMP\Lt0.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-1123561945-1645522239-839522115-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1123561945-1645522239-839522115-1003\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Access.lnk . (...) -- C:\WINDOWS\Installer\{9211040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Publisher 2003.lnk . (...) -- C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Word Viewer 2003.lnk . (...) -- C:\WINDOWS\Installer\{9085040C-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{9211040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\msn6.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\remy\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\remy\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\remy\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Documents And Settings\remy\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
~ Scan Global Startup in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.Microsoft Corporation - Microsoft® VM.) -- C:\WINDOWS\System32\msjava.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\OUTILS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\OUTILS~2\Office12\REFBARH.ICO
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\OUTILS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\OUTILS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Service client pour le fournisseur NetWare et DLL d'authentification.) -- C:\WINDOWS\system32\nwprovau.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes - (DirectAnimation Java Classes) - (.not file.) - file:\\C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1308335364562
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{362C1219-A795-459D-B53B-DB5DEDFCBA06}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E88FAA10-EC68-4C11-B110-7FFF16C43A39}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{362C1219-A795-459D-B53B-DB5DEDFCBA06}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E88FAA10-EC68-4C11-B110-7FFF16C43A39}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E88FAA10-EC68-4C11-B110-7FFF16C43A39}: DhcpNameServer = 192.168.2.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} . (.Microsoft Corporation - Microsoft SharePoint Portal Server Object M.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\System32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\System32\itss.dll
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: mehioto . (...) -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\mehioto.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 266.5.) - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
~ Scan Services in 00mn 01s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1645522239-839522115-1003.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1645522239-839522115-1003.job
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeLogonTaskS-1-5-21-1123561945-1645522239-839522115-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe
[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeScheduledTaskS-1-5-21-1123561945-1645522239-839522115-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe
~ Scan Scheduled Task in 00mn 01s
0
Réponse 7 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 16:51
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: (Tcpip6) . (.Microsoft Corporation - IPv6 driver.) - C:\WINDOWS\System32\DRIVERS\tcpip6.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\System32\DRIVERS\wmiacpi.sys
~ Scan Drivers in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: HP Imaging Device Functions 7.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {6994491D-D491-48F1-AE1F-E179C1FFFC2F}
O42 - Logiciel: HP Photosmart, Officejet and Deskjet 7.0.A - (.HP.) [HKLM] -- {BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}
O42 - Logiciel: HP Software Update - (.Hewlett-Packard.) [HKLM] -- {BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
O42 - Logiciel: HP Solution Center 7.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: Hercules Wireless N Router Wizard - (.Hercules.) [HKLM] -- {5A0F691A-2066-4041-AB01-418287622596}
O42 - Logiciel: HotKey_Driver - (.Pas de propriétaire.) [HKLM] -- {63F8286A-601D-4B06-BB21-DB863AF17BFA}
O42 - Logiciel: ISI ResearchSoft - Export Helper - (.Pas de propriétaire.) [HKLM] -- ISI ResearchSoft - Export Helper
O42 - Logiciel: JMicron 1394 Filter Driver - (.JMicron Technology Corp..) [HKLM] -- {13C96625-28E4-4c58-ADE0-CDAFC64752EB}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: Java(TM) 6 Update 21 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- {918A9082-6287-4D25-9002-5E5D5E4971CB}
O42 - Logiciel: MSXML 6.0 Parser (KB925673) - (.Microsoft Corporation.) [HKLM] -- {FE9126DB-5F84-495A-BB46-3C724F1C2D08}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.0
O42 - Logiciel: Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM] -- {15095BF3-A3D7-4DDF-B193-3A496881E003}
O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {FD052FB9-FE90-4438-B355-15EDC89D8FB1}
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.1 - (.Microsoft Corporation.) [HKLM] -- Wdf01001
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9085040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Office XP Professional - (.Microsoft Corporation.) [HKLM] -- {9211040C-6000-11D3-8CFE-0050048383C9}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Xbox 360 Accessories 1.1 - (.Microsoft.) [HKLM] -- {9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F}
O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)
O42 - Logiciel: Mumble 1.2.3 - (.Thorvald Natvig.) [HKLM] -- {E1019541-10A2-464F-A23E-A4F23DA65160}
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
O42 - Logiciel: NVIDIA Pilote audio HD : 1.1.13.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 266.58 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA nView 135.50 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView
O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager
O42 - Logiciel: Nero Suite - (.Pas de propriétaire.) [HKLM] -- NeroMultiInstaller!UninstallKey
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525}
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2005 Runtime - (.RealNetworks.) [HKLM] -- {026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc..) [HKLM] -- {F4F4F84E-804F-4E9A-84D7-C34283F0088F}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Skype(TM) 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Communication Foundation - (.Microsoft Corporation.) [HKLM] -- {491DD792-AD81-429C-9EB4-86DD3D22E333}
O42 - Logiciel: Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) - (.Advanced Micro Devices.) [HKLM] -- 53F13DB4D9611FD63BE580F06F0729BF236ABE68
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM] -- {BAF78226-3200-4DB4-BE33-4D922A799840}
O42 - Logiciel: Windows Workflow Foundation - (.Microsoft Corporation.) [HKLM] -- {7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Applications WinDev]
[HKCU\Software\Battle.net]
[HKCU\Software\Bitmanagement Software]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Brother]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Code Sector]
[HKCU\Software\DT Soft]
[HKCU\Software\Deneba]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\EPSON]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\INCAInternet]
[HKCU\Software\ISI ResearchSoft]
[HKCU\Software\Intel]
[HKCU\Software\Interplay Entertainment Corp.]
[HKCU\Software\JavaSoft]
[HKCU\Software\KONICA MINOLTA]
[HKCU\Software\LeaderTech]
[HKCU\Software\LoLBase]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MapInfo]
[HKCU\Software\MediaChance]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Mumble]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\OfferBox]
[HKCU\Software\Official-eMule]
[HKCU\Software\Opendisc]
[HKCU\Software\PDFCreator]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Rapid Eye Entertainment]
[HKCU\Software\Razer]
[HKCU\Software\RealNetworks]
[HKCU\Software\RealVNC]
[HKCU\Software\Realtek]
[HKCU\Software\SHARP]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zattoo Inc.]
[HKCU\Software\Zattoo]
[HKCU\Software\keyhole.com]
[HKCU\Software\roxio]
[HKCU\Software\settings]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alcohol Soft]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Aureal]
[HKLM\Software\BCL Technologies]
[HKLM\Software\Battle.net]
[HKLM\Software\Bethesda Softworks]
[HKLM\Software\Bitmanagement Software]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CA561B]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DT Soft]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EPSON]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hercules]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\HotKey_Disp]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JMicron Technology Corp.]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MicroQuill]
[HKLM\Software\Mindscape]
[HKLM\Software\Monte Cristo]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OfferBox]
[HKLM\Software\Official-eMule]
[HKLM\Software\PDFCreator]
[HKLM\Software\Pando Networks]
[HKLM\Software\Piriform]
[HKLM\Software\PocketSoft]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RTLSetup]
[HKLM\Software\Rapid Eye Entertainment, Inc.]
[HKLM\Software\RealNetworks]
[HKLM\Software\RealVNC]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\Riot Games]
[HKLM\Software\SHARP]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Online Entertainment]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\TrendMicro]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\Westwood]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
0
Utilisateur anonyme
28 juil. 2011 à 16:59
Il me faudrait la suite du rapport
0
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:05
il y a écrit "syntax error" au dessus de la bulle de text quand je met la suite
0
Réponse 8 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:07
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/08/2010 - 13:46:30 - [202262297] ----D- C:\Program Files\Adobe
O43 - CFD: 21/01/2009 - 16:58:02 - [207924575] ----D- C:\Program Files\Ahead
O43 - CFD: 22/01/2009 - 12:16:40 - [2314004] ----D- C:\Program Files\Alcohol Soft
O43 - CFD: 18/09/2010 - 17:14:06 - [168617465] ----D- C:\Program Files\Alwil Software
O43 - CFD: 13/04/2010 - 17:38:06 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 02/11/2010 - 20:11:26 - [0] ----D- C:\Program Files\Bitmanagement Software
O43 - CFD: 25/02/2010 - 16:58:20 - [98222395] ----D- C:\Program Files\BlackIsle
O43 - CFD: 17/06/2011 - 12:43:58 - [3753504] ----D- C:\Program Files\CCleaner
O43 - CFD: 29/10/2009 - 17:40:00 - [24619886] ----D- C:\Program Files\Common Files
O43 - CFD: 09/01/2009 - 19:26:42 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 04/06/2010 - 14:38:24 - [10308220] ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD: 27/10/2009 - 12:53:46 - [521128] ----D- C:\Program Files\DIFX
O43 - CFD: 23/04/2011 - 09:45:18 - [97024665] ----D- C:\Program Files\DivX
O43 - CFD: 12/07/2010 - 18:06:44 - [18060048] ----D- C:\Program Files\EndNote
O43 - CFD: 28/07/2011 - 12:11:46 - [584450012] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 20/06/2011 - 20:28:24 - [0] ----D- C:\Program Files\Google
O43 - CFD: 10/08/2010 - 13:46:06 - [17393708] ----D- C:\Program Files\Hercules
O43 - CFD: 06/04/2010 - 22:30:32 - [1731312] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 09/01/2009 - 19:48:20 - [3633152] ----D- C:\Program Files\HotKey_Driver
O43 - CFD: 06/04/2010 - 22:32:58 - [139578688] ----D- C:\Program Files\HP
O43 - CFD: 29/06/2011 - 19:34:28 - [34897439] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 28/07/2011 - 11:17:26 - [40188051] ----D- C:\Program Files\Intel
O43 - CFD: 17/07/2011 - 14:52:32 - [5209345] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 18/01/2011 - 16:22:50 - [155040622] ----D- C:\Program Files\Java
O43 - CFD: 29/06/2011 - 15:24:56 - [4961967093] ----D- C:\Program Files\Jeux
O43 - CFD: 28/07/2011 - 12:31:26 - [3567992] ----D- C:\Program Files\JMicron
O43 - CFD: 28/07/2011 - 10:35:02 - [107101] ----D- C:\Program Files\ma-config.com
O43 - CFD: 28/07/2011 - 10:35:42 - [7576162] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 13/07/2011 - 13:15:12 - [2222183] ----D- C:\Program Files\Messenger
O43 - CFD: 09/01/2009 - 19:29:12 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 15/01/2009 - 20:57:30 - [15517627] ----D- C:\Program Files\Microsoft Games for Windows - LIVE
O43 - CFD: 01/12/2009 - 13:09:14 - [90915300] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 11/04/2010 - 11:41:36 - [3178824] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 12/09/2009 - 19:11:48 - [7334344] ----D- C:\Program Files\Microsoft Xbox 360 Accessories
O43 - CFD: 08/04/2009 - 15:17:12 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 13/07/2011 - 13:14:34 - [11350823] ----D- C:\Program Files\Movie Maker
O43 - CFD: 29/06/2011 - 14:30:10 - [35079289] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 12/01/2009 - 23:02:48 - [12167] ----D- C:\Program Files\MSBuild
O43 - CFD: 01/12/2009 - 13:08:56 - [26904610] ----D- C:\Program Files\MSECache
O43 - CFD: 09/01/2009 - 19:26:38 - [31683656] ----D- C:\Program Files\MSN
O43 - CFD: 09/01/2009 - 19:26:30 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 25/05/2011 - 20:08:54 - [32550585] ----D- C:\Program Files\Mumble
O43 - CFD: 13/07/2011 - 13:10:32 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 27/10/2009 - 17:55:40 - [116] ----D- C:\Program Files\nLite
O43 - CFD: 16/01/2009 - 15:48:18 - [0] ----D- C:\Program Files\NRJ
O43 - CFD: 28/07/2011 - 12:41:40 - [429170053] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 27/10/2010 - 14:56:32 - [96600] ----D- C:\Program Files\OfferBox
O43 - CFD: 20/07/2010 - 19:42:20 - [0] ----D- C:\Program Files\OpenOffice.org 2.0
O43 - CFD: 18/01/2011 - 16:33:28 - [6401970] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 13/07/2011 - 13:10:26 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 28/06/2011 - 21:53:42 - [7466286] ----D- C:\Program Files\Pando Networks
0
Réponse 9 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:09
O43 - CFD: 07/09/2009 - 05:57:06 - [21265159] ----D- C:\Program Files\PDFCreator
O43 - CFD: 25/05/2011 - 10:50:16 - [28610] ----D- C:\Program Files\PokerStars.FR
O43 - CFD: 06/11/2010 - 15:04:06 - [11873] ----D- C:\Program Files\PokerStars.NET
O43 - CFD: 28/03/2010 - 19:03:08 - [120098190] ----D- C:\Program Files\Real
O43 - CFD: 09/01/2009 - 19:40:42 - [51548720] ----D- C:\Program Files\Realtek
O43 - CFD: 10/02/2010 - 18:03:18 - [481103] ----D- C:\Program Files\Red Orb Entertainment
O43 - CFD: 12/01/2009 - 23:00:22 - [24296362] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 09/01/2009 - 19:26:38 - [2679] ----D- C:\Program Files\Services en ligne
0
Réponse 10 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:10
O43 - CFD: 25/05/2011 - 10:53:06 - [0] ----D- C:\Program Files\SimpleOCR
O43 - CFD: 19/06/2011 - 22:31:06 - [19051375] R---D- C:\Program Files\Skype
O43 - CFD: 22/05/2011 - 22:48:34 - [71383829] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 09/01/2009 - 19:46:58 - [32229475] ----D- C:\Program Files\Synaptics
O43 - CFD: 01/11/2009 - 20:50:58 - [1117297] ----D- C:\Program Files\SystemRequirementsLab
O43 - CFD: 30/01/2009 - 19:28:52 - [1211100] ----D- C:\Program Files\Ubi Soft
O43 - CFD: 09/01/2009 - 19:32:48 - [0] ----D- C:\Program Files\Uninstall Information
O43 - CFD: 16/01/2009 - 15:23:08 - [83529108] ----D- C:\Program Files\VideoLAN
O43 - CFD: 29/06/2011 - 14:37:32 - [6812742] ----D- C:\Program Files\VS Revo Group
O43 - CFD: 13/07/2011 - 13:15:06 - [6563765] ----D- C:\Program Files\Windows Media Player
0
Réponse 11 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:13
O43 - CFD: 13/07/2011 - 13:10:26 - [3938047] ----D- C:\Program Files\Windows NT
0
Réponse 12 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:15
là il y a une ligne avec windows update que je peux pas coller ici (syntax error)
0
Réponse 13 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:16
O43 - CFD: 20/02/2009 - 15:20:38 - [3525705] ----D- C:\Program Files\WinRAR
O43 - CFD: 09/01/2009 - 19:29:12 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 27/04/2009 - 11:29:20 - [0] ----D- C:\Program Files\Xper2_1.92
O43 - CFD: 31/01/2011 - 20:17:48 - [1760428] ----D- C:\Program Files\Zattoo4
O43 - CFD: 28/07/2011 - 16:06:20 - [4085726] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 29/10/2009 - 17:40:00 - [24619886] ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD: 03/11/2010 - 20:06:12 - [6247934] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 10/08/2010 - 13:46:30 - [29774735] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 21/01/2009 - 16:54:36 - [29663083] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 13/04/2010 - 17:38:16 - [54774793] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 03/03/2011 - 09:34:34 - [0] ----D- C:\Program Files\Fichiers Communs\Blizzard Entertainment
O43 - CFD: 28/01/2009 - 12:32:32 - [86016] ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD: 11/01/2009 - 00:19:24 - [3145] ----D- C:\Program Files\Fichiers Communs\DirectX
O43 - CFD: 19/07/2010 - 12:29:52 - [24006656] ----D- C:\Program Files\Fichiers Communs\DivX Shared
O43 - CFD: 06/04/2010 - 22:30:06 - [457237] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 06/04/2010 - 22:33:02 - [2374144] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 18/04/2009 - 20:44:50 - [10708087] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 28/07/2011 - 12:11:46 - [2885904] ----D- C:\Program Files\Fichiers Communs\Intel(2)
O43 - CFD: 18/01/2011 - 16:22:10 - [32336616] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 21/01/2009 - 16:58:56 - [4148573] ----D- C:\Program Files\Fichiers Communs\LightScribe
O43 - CFD: 20/07/2010 - 19:48:22 - [0] ----D- C:\Program Files\Fichiers Communs\Logitech
O43 - CFD: 11/04/2010 - 11:44:14 - [309523934] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 09/01/2009 - 19:27:18 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 21/01/2009 - 16:57:26 - [2252377] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 09/01/2009 - 19:21:02 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 28/03/2010 - 19:03:22 - [21486540] ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD: 05/03/2009 - 18:07:12 - [617720] ----D- C:\Program Files\Fichiers Communs\Risxtd
O43 - CFD: 09/01/2009 - 19:27:26 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 14/05/2011 - 22:23:40 - [2254216] ----D- C:\Program Files\Fichiers Communs\Skype
O43 - CFD: 09/01/2009 - 19:21:00 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 14/07/2009 - 17:11:06 - [139264] ----D- C:\Program Files\Fichiers Communs\SWF Studio
O43 - CFD: 13/07/2011 - 13:10:22 - [46268595] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 28/03/2010 - 19:03:00 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared
O43 - CFD: 08/03/2009 - 15:37:44 - [8692] ----D- C:\Program Files\Fichiers Communs\XpressUpdate
O43 - CFD: 13/02/2010 - 13:22:58 - [118749] ----D- C:\Documents and Settings\remy\Application Data\.ABC
O43 - CFD: 22/05/2011 - 21:20:32 - [18318992] --H-D- C:\Documents and Settings\remy\Application Data\Adobe
O43 - CFD: 20/01/2009 - 13:01:42 - [0] --H-D- C:\Documents and Settings\remy\Application Data\AdobeUM
O43 - CFD: 09/04/2010 - 10:32:18 - [1145924] --H-D- C:\Documents and Settings\remy\Application Data\Ahead
O43 - CFD: 19/07/2010 - 12:28:06 - [2378] --H-D- C:\Documents and Settings\remy\Application Data\Apple Computer
O43 - CFD: 15/02/2010 - 18:03:52 - [105236] --H-D- C:\Documents and Settings\remy\Application Data\Bioshock
O43 - CFD: 02/12/2009 - 16:09:46 - [0] R-H-D- C:\Documents and Settings\remy\Application Data\Brother
O43 - CFD: 04/06/2010 - 14:42:12 - [2087] --H-D- C:\Documents and Settings\remy\Application Data\DAEMON Tools Lite
O43 - CFD: 04/06/2010 - 14:27:54 - [1277] --H-D- C:\Documents and Settings\remy\Application Data\DAEMON Tools Pro
O43 - CFD: 24/01/2011 - 21:38:06 - [21386] --H-D- C:\Documents and Settings\remy\Application Data\DarkBls
O43 - CFD: 19/07/2010 - 13:26:04 - [186368] --H-D- C:\Documents and Settings\remy\Application Data\DivX
O43 - CFD: 17/10/2010 - 19:15:30 - [199] --H-D- C:\Documents and Settings\remy\Application Data\dvdcss
O43 - CFD: 19/10/2009 - 13:48:12 - [207769] --H-D- C:\Documents and Settings\remy\Application Data\EndNote
O43 - CFD: 09/03/2009 - 13:22:06 - [25118] --H-D- C:\Documents and Settings\remy\Application Data\Google
O43 - CFD: 08/10/2009 - 15:54:02 - [168] --H-D- C:\Documents and Settings\remy\Application Data\gtk-2.0
O43 - CFD: 22/02/2009 - 20:59:22 - [0] --H-D- C:\Documents and Settings\remy\Application Data\Help
O43 - CFD: 06/04/2010 - 22:34:12 - [34188] --H-D- C:\Documents and Settings\remy\Application Data\HP
O43 - CFD: 09/01/2009 - 19:32:50 - [0] --H-D- C:\Documents and Settings\remy\Application Data\Identities
O43 - CFD: 12/08/2010 - 12:50:40 - [921864] --H-D- C:\Documents and Settings\remy\Application Data\Image Zone Express
O43 - CFD: 09/01/2009 - 19:45:50 - [0] --H-D- C:\Documents and Settings\remy\Application Data\InstallShield
O43 - CFD: 28/07/2011 - 12:11:40 - [0] ----D- C:\Documents and Settings\remy\Application Data\Intel
O43 - CFD: 28/07/2011 - 12:11:40 - [31818] ----D- C:\Documents and Settings\remy\Application Data\Intel(2)
O43 - CFD: 28/07/2011 - 12:11:40 - [0] ----D- C:\Documents and Settings\remy\Application Data\Intel.sav
O43 - CFD: 29/01/2011 - 12:16:08 - [0] --H-D- C:\Documents and Settings\remy\Application Data\LolClient
O43 - CFD: 10/01/2009 - 13:11:42 - [64837] --H-D- C:\Documents and Settings\remy\Application Data\Macromedia
O43 - CFD: 27/06/2011 - 14:13:42 - [187206] ----D- C:\Documents and Settings\remy\Application Data\Malwarebytes
O43 - CFD: 04/08/2009 - 14:12:20 - [271531] --H-D- C:\Documents and Settings\remy\Application Data\MapInfo
O43 - CFD: 26/01/2009 - 19:27:28 - [872] --H-D- C:\Documents and Settings\remy\Application Data\Megaupload
O43 - CFD: 25/05/2011 - 20:16:26 - [73961217] -S--D- C:\Documents and Settings\remy\Application Data\Microsoft
O43 - CFD: 27/01/2009 - 16:34:34 - [22292553] --H-D- C:\Documents and Settings\remy\Application Data\Mozilla
O43 - CFD: 01/07/2009 - 14:22:18 - [3096] --H-D- C:\Documents and Settings\remy\Application Data\MSN6
O43 - CFD: 07/07/2011 - 19:33:10 - [201404] ----D- C:\Documents and Settings\remy\Application Data\Mumble
O43 - CFD: 27/10/2010 - 14:56:34 - [122] --H-D- C:\Documents and Settings\remy\Application Data\OfferBox
O43 - CFD: 30/01/2010 - 15:43:54 - [711566] --H-D- C:\Documents and Settings\remy\Application Data\OpenArena
O43 - CFD: 18/01/2011 - 16:25:58 - [2282562] --H-D- C:\Documents and Settings\remy\Application Data\OpenOffice.org
O43 - CFD: 31/03/2010 - 08:43:14 - [2555139] --H-D- C:\Documents and Settings\remy\Application Data\OpenOffice.org2
O43 - CFD: 08/03/2009 - 15:35:06 - [2337] --H-D- C:\Documents and Settings\remy\Application Data\PixelPlanet
O43 - CFD: 18/02/2009 - 10:20:32 - [758] --H-D- C:\Documents and Settings\remy\Application Data\QuosaDDM
O43 - CFD: 12/12/2010 - 20:31:48 - [40960485] --H-D- C:\Documents and Settings\remy\Application Data\Real
O43 - CFD: 04/06/2011 - 11:22:00 - [0] ----D- C:\Documents and Settings\remy\Application Data\RegistryKeys
O43 - CFD: 10/10/2009 - 21:42:08 - [10599] R-H-D- C:\Documents and Settings\remy\Application Data\SecuROM
O43 - CFD: 13/07/2011 - 13:42:02 - [5213821] --H-D- C:\Documents and Settings\remy\Application Data\Skype
O43 - CFD: 13/07/2011 - 13:32:30 - [2568] --H-D- C:\Documents and Settings\remy\Application Data\skypePM
O43 - CFD: 21/01/2009 - 16:02:50 - [107097754] --H-D- C:\Documents and Settings\remy\Application Data\Sun
O43 - CFD: 01/11/2009 - 20:50:56 - [1235016] --H-D- C:\Documents and Settings\remy\Application Data\SystemRequirementsLab
O43 - CFD: 15/03/2011 - 11:37:46 - [7425] --H-D- C:\Documents and Settings\remy\Application Data\teamspeak2
O43 - CFD: 22/05/2011 - 21:31:32 - [651] --H-D- C:\Documents and Settings\remy\Application Data\TeraCopy
O43 - CFD: 17/06/2011 - 14:06:40 - [25770] --H-D- C:\Documents and Settings\remy\Application Data\TS3Client
O43 - CFD: 25/07/2011 - 22:00:28 - [1017990] --H-D- C:\Documents and Settings\remy\Application Data\vlc
O43 - CFD: 20/02/2009 - 15:23:18 - [0] --H-D- C:\Documents and Settings\remy\Application Data\WinRAR
O43 - CFD: 20/09/2009 - 13:19:30 - [8448675] --H-D- C:\Documents and Settings\remy\Application Data\XRay Engine
O43 - CFD: 03/11/2010 - 20:05:36 - [600057] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Adobe
O43 - CFD: 22/01/2009 - 11:45:04 - [1950597] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Ahead
O43 - CFD: 13/04/2010 - 17:38:08 - [0] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Apple
O43 - CFD: 13/04/2010 - 17:37:58 - [16484] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Apple Computer
O43 - CFD: 18/09/2010 - 10:33:26 - [53471140] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Bitmanagement Software
O43 - CFD: 20/07/2010 - 19:47:32 - [0] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Deployment
O43 - CFD: 08/03/2009 - 15:34:40 - [10106880] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 12/09/2009 - 19:23:24 - [181] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Fallout3
O43 - CFD: 03/03/2011 - 12:35:16 - [0] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\FalloutNV
O43 - CFD: 20/07/2010 - 21:13:10 - [739543354] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Gas Powered Games
O43 - CFD: 26/04/2011 - 20:56:12 - [18404489] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Google
O43 - CFD: 22/02/2009 - 20:59:22 - [0] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Help
O43 - CFD: 10/01/2009 - 11:58:50 - [48252508] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Identities
O43 - CFD: 28/07/2011 - 00:53:16 - [39733078] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Microsoft
O43 - CFD: 11/04/2010 - 11:38:08 - [0] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Microsoft Help
O43 - CFD: 10/01/2009 - 12:24:36 - [79953882] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Mozilla
O43 - CFD: 26/05/2011 - 15:25:02 - [0] ----D- C:\Documents and Settings\remy\Local Settings\Application Data\Mumble
O43 - CFD: 11/10/2009 - 17:12:40 - [318] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Oblivion
O43 - CFD: 28/07/2011 - 16:08:40 - [302075] ----D- C:\Documents and Settings\remy\Local Settings\Application Data\PMB Files
O43 - CFD: 30/04/2011 - 11:16:22 - [0] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Temp
O43 - CFD: 31/01/2011 - 20:14:32 - [1847517] --H-D- C:\Documents and Settings\remy\Local Settings\Application Data\Zattoo
~ Scan Program Folder in 02mn 29s
0
Réponse 14 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:18
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9653F9357A8A2394754BD07D7F1374F6] - 28/07/2011 - 15:04:27 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.TMP [1084298]
O44 - LFC:[MD5.121DD49A00180330A85AB6A599126594] - 28/07/2011 - 15:04:22 ---A- . (...) -- C:\WINDOWS\Windows Update.log [397699]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2011 - 15:04:10 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.57CC3588F7351538EC9B0E8820B80E1F] - 28/07/2011 - 15:04:00 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.05F7EFE3003CBC020468BBE18C8D6ED0] - 28/07/2011 - 15:03:59 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 28/07/2011 - 15:03:33 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.9B28CEF5B0A555EF335A260095766208] - 28/07/2011 - 15:02:31 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32222]
O44 - LFC:[MD5.DBB01C603654CBC63B800449A6DFCF99] - 28/07/2011 - 14:52:20 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.97D827300E66610FCED5CFC93FBF15F4] - 28/07/2011 - 12:27:47 ---A- . (...) -- C:\WINDOWS\setupapi.log [368422]
O44 - LFC:[MD5.F40AEF3294CDB553E3A1C698B3F68BE2] - 28/07/2011 - 11:39:31 ---A- . (...) -- C:\WINDOWS\System32\nvdrsdb0.bin [252080]
O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 28/07/2011 - 11:39:31 ---A- . (...) -- C:\WINDOWS\System32\nvdrssel.bin [1]
O44 - LFC:[MD5.CB9E58D840542EC45A9153D91DB75CBD] - 28/07/2011 - 11:39:25 ---A- . (...) -- C:\WINDOWS\System32\nvdrsdb1.bin [252080]
O44 - LFC:[MD5.238BAFC11B1F98DFE1D15208A824D504] - 28/07/2011 - 11:33:19 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\WINDOWS\System32\nvgenco32hda.dll [837224]
O44 - LFC:[MD5.4F74154048623BFC43200FE5F41CB652] - 28/07/2011 - 11:33:16 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\WINDOWS\System32\nvdispco322090.dll [941160]
O44 - LFC:[MD5.56DC34D2BE4E540D38209BF13A6333BA] - 28/07/2011 - 11:33:16 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\WINDOWS\System32\nvgenco322040.dll [837736]
O44 - LFC:[MD5.289BD7053FE907BD5059AEF4694D334C] - 28/07/2011 - 11:31:08 ---A- . (.JMicron Technology Corporation - JMCR ICON DLL.) -- C:\WINDOWS\System32\jmcricon.dll [203352]
O44 - LFC:[MD5.07712CEF42A89B76ADB2FC8124FCCD14] - 28/07/2011 - 11:30:32 ---A- . (.JMicron Technology Corp. - OHCI1394 upper filter driver.) -- C:\WINDOWS\System32\drivers\johci.sys [23640]
O44 - LFC:[MD5.2B6ADCC0DD48CD9B1E0FA4F00F312A51] - 28/07/2011 - 10:18:00 ---A- . (...) -- C:\WINDOWS\DPINST.LOG [28858]
O44 - LFC:[MD5.DD4FCDBAE1675410891913074302298A] - 27/07/2011 - 23:59:47 --HA- . (...) -- C:\WINDOWS\System32\wpa.dbl [2206]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/07/2011 - 23:21:56 ---A- . (...) -- C:\WINDOWS\System32\nvdrswr.lk [0]
O44 - LFC:[MD5.71BAB93A233DB5282B5A21BB8D3338C4] - 17/07/2011 - 13:53:19 ---A- . (...) -- C:\WINDOWS\spupdsvc.log [6910]
O44 - LFC:[MD5.BBCBAEE6BFF2D8BF8D945A28127DA91D] - 17/07/2011 - 13:51:31 ---A- . (...) -- C:\WINDOWS\ie8_main.log [36965]
O44 - LFC:[MD5.B802C9A2AD3A4B860CD160F4244CEA19] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\comsetup.log [2063]
O44 - LFC:[MD5.C0C3CCBB207699838C2B8229E455B030] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\ie8.log [42314]
O44 - LFC:[MD5.A456B05D9DD66CADAF99A2E268DC0E06] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\iis6.log [6704]
O44 - LFC:[MD5.D941A467102033C322D2B64299677D07] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.36B74EBE1DBB34014859A998B1B39E0E] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [1247]
O44 - LFC:[MD5.92832CCE32EF6A2DBF4785C8AB575E95] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\ocmsn.log [342]
O44 - LFC:[MD5.D0E42457EC23DD8940D8B33D317AA248] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\tabletoc.log [311]
O44 - LFC:[MD5.C397CEF0C0C3496529C9EFE26FB469DB] - 17/07/2011 - 13:50:40 ---A- . (...) -- C:\WINDOWS\tsoc.log [2821]
O44 - LFC:[MD5.A2A199FE663C36C04545D5A444E70C60] - 17/07/2011 - 13:50:37 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [425]
O44 - LFC:[MD5.F62B0FEA22637492F1C27D164FAE27DA] - 17/07/2011 - 13:50:37 ---A- . (...) -- C:\WINDOWS\msgsocm.log [309]
O44 - LFC:[MD5.071955B4ADB65D14EA11AF9AF430FCBE] - 17/07/2011 - 13:50:37 ---A- . (...) -- C:\WINDOWS\netfxocm.log [1083]
O44 - LFC:[MD5.2EF3BFEC689D8948AE36DE8FF1957A80] - 17/07/2011 - 13:50:37 ---A- . (...) -- C:\WINDOWS\ocgen.log [2956]
O44 - LFC:[MD5.93E260DC2A61724D61D3303CEF40C026] - 17/07/2011 - 13:50:33 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [6183]
O44 - LFC:[MD5.EFB4EC14D22778535FC6747838030206] - 17/07/2011 - 13:50:28 ---A- . (...) -- C:\WINDOWS\msmqinst.log [1926]
O44 - LFC:[MD5.AC37B6C7FBBE7534286F3F1BBF7F606D] - 17/07/2011 - 13:50:08 ---A- . (...) -- C:\WINDOWS\updspapi.log [16816]
O44 - LFC:[MD5.7E98298BC73D7AB3092716761E237536] - 17/07/2011 - 13:44:31 ---A- . (...) -- C:\WINDOWS\IE9_main.log [1513]
O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 17/07/2011 - 08:45:42 ---A- . (...) -- C:\WINDOWS\setupact.log [60]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/07/2011 - 08:45:42 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 13/07/2011 - 12:27:23 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.E1B29A81106F1339BA82F5379FF571DC] - 13/07/2011 - 12:23:43 --HA- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [249496]
O44 - LFC:[MD5.7794C3221F670DE270586A2CF6E68383] - 13/07/2011 - 12:06:39 ---A- . (...) -- C:\ntldr [252240]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 13/07/2011 - 11:49:21 ---A- . (...) -- C:\WINDOWS\System32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 13/07/2011 - 11:49:20 ---A- . (...) -- C:\WINDOWS\System32\nscompat.tlb [23392]
O44 - LFC:[MD5.E6EE29152D46FE655268C25C24E0B92C] - 13/07/2011 - 11:42:43 ---A- . (...) -- C:\WINDOWS\System32\spdwnwxp.log [160]
O44 - LFC:[MD5.B40D8F20AB3A6A55AD5D79C0B01F62D7] - 13/07/2011 - 11:09:53 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\System32\slcoinst.dll [73832]
O44 - LFC:[MD5.7C6AD00DCC2074752FBC9DA1611A91D5] - 13/07/2011 - 11:09:52 ---A- . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax [199680]
O44 - LFC:[MD5.21E4FBC5CF171D22B9D132A6E2AE8528] - 13/07/2011 - 11:09:52 ---A- . (.Intel Corporation - Intel Indeo® video IVF Source Filter 5.10.) -- C:\WINDOWS\System32\ivfsrc.ax [154624]
O44 - LFC:[MD5.65B71FF096378B40906D3A6FCC27B6FD] - 13/07/2011 - 11:09:52 ---A- . (.Intel Corporation. - Intel Indeo® Video Interactive Quick Compre.) -- C:\WINDOWS\System32\ir41_qc.dll [120320]
O44 - LFC:[MD5.0C28BCC9A8A9E8CAC62A348D93DE8A46] - 13/07/2011 - 11:09:52 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\System32\slserv.exe [73796]
O44 - LFC:[MD5.2F6D654D679771274A0EC516A9224F00] - 13/07/2011 - 11:09:51 ---A- . (.ATI Technologies Inc. - Central Memory Manager / Queue Server Modul.) -- C:\WINDOWS\System32\ati2cqag.dll [229376]
O44 - LFC:[MD5.836D5968B2F52CB7F5D5ACD7FA982B9F] - 13/07/2011 - 11:09:45 ---A- . (.ATI Technologies Inc. - ATI RAGE 128 WindowsNT Display Driver.) -- C:\WINDOWS\System32\ati2dvaa.dll [377984]
O44 - LFC:[MD5.8CC6AC1A652DE0FF13119D1D218918F3] - 13/07/2011 - 11:09:45 ---A- . (.Intel Corporation. - Intel Indeo® Video Interactive Quick Compre.) -- C:\WINDOWS\System32\ir41_qcx.dll [338432]
O44 - LFC:[MD5.BF844BF9AC3A53C5254F7F09397D3A06] - 13/07/2011 - 11:09:45 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\System32\slgen.dll [188508]
O44 - LFC:[MD5.7E138538B1AD7D5B314BB3B74A822CB2] - 13/07/2011 - 11:09:44 ---A- . (.ATI Technologies Inc. - DA Interface Handler.) -- C:\WINDOWS\System32\ativdaxx.ax [9728]
O44 - LFC:[MD5.0A00EB77B146AF317CC34417BFB5FE39] - 13/07/2011 - 11:09:44 ---A- . (.Intel Corporation. - Intel Indeo® video 5.10 Quick Compressor.) -- C:\WINDOWS\System32\ir50_qcx.dll [183808]
O44 - LFC:[MD5.C47BAC4DDBB10D8CFEA03D8AA16794A3] - 13/07/2011 - 11:09:44 ---A- . (.Smart Link - SLRunDll.) -- C:\WINDOWS\System32\slrundll.exe [32866]
O44 - LFC:[MD5.C47BAC4DDBB10D8CFEA03D8AA16794A3] - 13/07/2011 - 11:09:44 ---A- . (.Smart Link - SLRunDll.) -- C:\WINDOWS\slrundll.exe [32866]
O44 - LFC:[MD5.458E009425505E8E056575CE136B0827] - 13/07/2011 - 11:09:43 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Display Driver.) -- C:\WINDOWS\System32\s3gnb.dll [397056]
O44 - LFC:[MD5.6569EF9A210565C567DBEAC743B5AC05] - 13/07/2011 - 11:09:42 ---A- . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll [755200]
O44 - LFC:[MD5.3098C4767EEA89DA46C13794346C8CF9] - 13/07/2011 - 11:09:40 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Display Driver.) -- C:\WINDOWS\System32\ati2dvag.dll [201728]
O44 - LFC:[MD5.44DFA910D7BA4BFC80E3DD1961F3DF1B] - 13/07/2011 - 11:09:39 ---A- . (.ATI Technologies Inc. - ati3d1ag.dll.) -- C:\WINDOWS\System32\ati3d1ag.dll [870784]
O44 - LFC:[MD5.4AFD4C69DD82EF1265CCF704813C30CC] - 13/07/2011 - 11:09:39 ---A- . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax [848384]
O44 - LFC:[MD5.8C12F9F4F5E294C9E71D638F72409065] - 13/07/2011 - 11:09:39 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Display Driver.) -- C:\WINDOWS\System32\mtxparhd.dll [1737856]
O44 - LFC:[MD5.345E41210A896F43547D7695BEF54136] - 13/07/2011 - 11:09:33 ---A- . (.ATI Technologies Inc. - ati3duag.dll.) -- C:\WINDOWS\System32\ati3duag.dll [1888992]
O44 - LFC:[MD5.00FB054710A6CE8066D5998123F022FE] - 13/07/2011 - 11:09:33 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\System32\slextspk.dll [286792]
O44 - LFC:[MD5.0EC6EE8545D71747DDA4FD38EC44B98C] - 13/07/2011 - 11:09:28 ---A- . (.ATI Technologies Inc. - ATIVmvxx.) -- C:\WINDOWS\System32\ativmvxx.ax [23040]
O44 - LFC:[MD5.0A14EF93631ED1C2C0E567EF3EAAF1D0] - 13/07/2011 - 11:09:27 ---A- . (.ATI Technologies Inc. - ATI Overlay Theater Mode Provider.) -- C:\WINDOWS\System32\ativtmxx.dll [32768]
O44 - LFC:[MD5.3479C3108073A519F88A16C92BBB4B05] - 13/07/2011 - 11:09:27 ---A- . (.Conexant - Diagnostic Interface DLL.) -- C:\WINDOWS\System32\mdmxsdk.dll [86016]
O44 - LFC:[MD5.EFFB71F969A41060087CE219ED5EEA72] - 13/07/2011 - 11:09:27 ---A- . (.Conexant Systems, Inc. - CoInstaller for HSF on W2K.) -- C:\WINDOWS\System32\hsfcisp2.dll [32285]
O44 - LFC:[MD5.E53085E738552D2530CA1164E49E786D] - 13/07/2011 - 11:09:27 ---A- . (.Intel Corporation. - Intel Indeo® video 5.10 Quick Compressor.) -- C:\WINDOWS\System32\ir50_qc.dll [200192]
O44 - LFC:[MD5.6636CBAEE3FED58425288062F2E91D73] - 13/07/2011 - 11:09:26 ---A- . (.ATI Technologies Inc. - Radeon Video Acceleration Universal Driver.) -- C:\WINDOWS\System32\ativvaxx.dll [516768]
O44 - LFC:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/07/2011 - 11:09:25 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\System32\drivers\amdagp.sys [43008]
O44 - LFC:[MD5.EE7E0588072D196FC95486C23B8C6599] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [4255]
O44 - LFC:[MD5.7043187713DBF552D749C6ACCBB23C4E] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [3967]
O44 - LFC:[MD5.F37BBF29CF0EC8C53FA14EAC14679E1A] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [3615]
O44 - LFC:[MD5.4C2D5029D8BD503C6A3A8061782FC69D] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [3647]
O44 - LFC:[MD5.41E0F54F896AC2E891B87736D5778F3C] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [3135]
O44 - LFC:[MD5.26DB5E53D36407180B60C66D96658E2B] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [3711]
O44 - LFC:[MD5.2A1106A5CC3D8F874158E19507634DDB] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [3775]
O44 - LFC:[MD5.11B0477E16133F8754EFA21249387A02] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [21183]
O44 - LFC:[MD5.1039128F6CE28DDDC9B4DD3908B43AFB] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [11359]
O44 - LFC:[MD5.40699BFF6B6B0EB0DBBC9AF5102EEF0F] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [25471]
O44 - LFC:[MD5.A3059BFA93952C2404B555E2476EB52C] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [14143]
O44 - LFC:[MD5.F5DCC193D3C900723487B55581D20D8D] - 13/07/2011 - 11:09:25 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [17279]
O44 - LFC:[MD5.1961E1E4006EAD9E56AAA6A5FA44682D] - 13/07/2011 - 11:09:22 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [15423]
O44 - LFC:[MD5.8FA17AB5A444501179049C7625C6E284] - 13/07/2011 - 11:09:22 ---A- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\siint5.dll [3901]
O44 - LFC:[MD5.370AA6BA1633350C90779E4E9D29BAC6] - 13/07/2011 - 11:09:22 ---A- . (.Intel(R) Corporation - Local Flat Panel Display Minidriver for Int.) -- C:\WINDOWS\System32\drivers\vchnt5.dll [11325]
O44 - LFC:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/07/2011 - 11:09:22 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\System32\drivers\sisagp.sys [40960]
O44 - LFC:[MD5.283EBE4C81D52F2913FAD2AB8F3E467A] - 13/07/2011 - 11:08:49 ---A- . (.Groupe de travail Twain - Gestionnaire de sources Twain_32 (Image Acq.) -- C:\WINDOWS\twain_32.dll [50688]
O44 - LFC:[MD5.9C2A88C08EACA6259154FF1EAD488BF7] - 13/07/2011 - 11:08:45 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\WINDOWS\System32\atmlib.dll [30208]
O44 - LFC:[MD5.6BF0B81D7918B31A6D5B8050D975F889] - 13/07/2011 - 11:08:45 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\WINDOWS\System32\atmfd.dll [285696]
O44 - LFC:[MD5.13130D7F9E908AC3D1CFED36DF50C42C] - 13/07/2011 - 11:08:44 ---A- . (.Pas de propriétaire - Module CompatUI.) -- C:\WINDOWS\System32\compatui.dll [253440]
O44 - LFC:[MD5.7545241123C06AC2162923BEDE6BA3EA] - 13/07/2011 - 11:08:43 ---A- . (.Microsoft - Module Dgnet.) -- C:\WINDOWS\System32\dgnet.dll [115200]
O44 - LFC:[MD5.E6C0D7FF9BA3C54324ED204D9C195618] - 13/07/2011 - 11:08:43 ---A- . (.Microsoft Corp. and Executive Software Inte - Disk Defragmenter Module.) -- C:\WINDOWS\System32\defrag.exe [25088]
O44 - LFC:[MD5.C779611D5AEF1DBA4F77BC6CDB11F2A8] - 13/07/2011 - 11:08:43 ---A- . (.Microsoft Corp. and Executive Software Inte - Disk Defragmenter UI Module.) -- C:\WINDOWS\System32\dfrgui.dll [124416]
O44 - LFC:[MD5.B688CC50AC171058708030D72959B9A0] - 13/07/2011 - 11:08:43 ---A- . (.Microsoft Corp. et Executive Software Inter - Module NTFS du défragmenteur de disque.) -- C:\WINDOWS\System32\dfrgntfs.exe [105472]
O44 - LFC:[MD5.15C66A1FC236C73CA0B9E7521B3C3DF7] - 13/07/2011 - 11:08:43 ---A- . (.Microsoft Corp. et Executive Software Inter - Module Système de fichiers FAT du défragmen.) -- C:\WINDOWS\System32\dfrgfat.exe [82944]
O44 - LFC:[MD5.4EF547A28793FE83870316FFDFF7ACA7] - 13/07/2011 - 11:08:43 ---A- . (.Microsoft Corp. et Executive Software Inter - Module du composant logiciel enfichable de.) -- C:\WINDOWS\System32\dfrgsnap.dll [39936]
O44 - LFC:[MD5.7014AB747CB25E62C5A43CA1D80C8226] - 13/07/2011 - 11:08:41 ---A- . (.Microsoft Corp. - Bibliothèque de l'utilitaire Gestionnaire d.) -- C:\WINDOWS\System32\dmutil.dll [58880]
O44 - LFC:[MD5.6797C23D6B79935482D7F0E8CA5E5B67] - 13/07/2011 - 11:08:41 ---A- . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]
O44 - LFC:[MD5.8698215CEAD786DFD93F3D99CC1D6D09] - 13/07/2011 - 11:08:41 ---A- . (.Microsoft Corp. - Disk Management Snap-in Dialogs.) -- C:\WINDOWS\System32\dmdlgs.dll [285184]
O44 - LFC:[MD5.8EE09E64605430DC9BE76F4134CA39A1] - 13/07/2011 - 11:08:41 ---A- . (.Microsoft Corp. - Disk Management Snap-in Support Library.) -- C:\WINDOWS\System32\dmdskmgr.dll [200704]
O44 - LFC:[MD5.EF3642EC81461FD5997767507FEE39C6] - 13/07/2011 - 11:08:41 ---A- . (.Microsoft Corp. - Logical Disk Manager component.) -- C:\WINDOWS\System32\dmremote.exe [15872]
O44 - LFC:[MD5.EAD2B8AAEB16E538106D295CD7BD7A48] - 13/07/2011 - 11:08:41 ---A- . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) -- C:\WINDOWS\System32\dmadmin.exe [225280]
O44 - LFC:[MD5.6A1D9675F87094A7FAB33A67A4C25F1C] - 13/07/2011 - 11:08:34 ---A- . (.Hilgraeve, Inc. - Bibliothèque d'applications HyperTerminal.) -- C:\WINDOWS\System32\hypertrm.dll [354304]
O44 - LFC:[MD5.71ECBA795A063026843F70F31EF02689] - 13/07/2011 - 11:08:34 ---A- . (.Intel Corporation - ISR Debug 32-bit Engine.) -- C:\WINDOWS\System32\isrdbg32.dll [32768]
O44 - LFC:[MD5.764D61D210C7701A1E56268E705D3DAB] - 13/07/2011 - 11:08:34 ---A- . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll [80384]
O44 - LFC:[MD5.38C52500EF0A6967E2BF85920A3F6426] - 13/07/2011 - 11:08:33 ---A- . (.America Online - JG ART DLL.) -- C:\WINDOWS\System32\jgdw400.dll [163840]
O44 - LFC:[MD5.76E2043E76BD9663B40636873C4E8430] - 13/07/2011 - 11:08:33 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm [290816]
O44 - LFC:[MD5.6AB24F08D2C1DB2631BB020CDCACAB7E] - 13/07/2011 - 11:08:33 ---A- . (.Johnson-Grace Company - JG ART Player DLL.) -- C:\WINDOWS\System32\jgpl400.dll [27648]
O44 - LFC:[MD5.AB980BCDC7145FE8BBFA86A008D30CDF] - 13/07/2011 - 11:08:15 ---A- . (.Intel Corporation - Intel Procedural Textures.) -- C:\WINDOWS\System32\proctexe.ocx [81920]
O44 - LFC:[MD5.BE2D801792146013BCC9CC85AAE6A8EC] - 13/07/2011 - 11:08:13 ---A- . (.Microsoft - Module RegWizCtrl.) -- C:\WINDOWS\System32\regwizc.dll [405504]
O44 - LFC:[MD5.8F0251D9889B2DD54A752A0E03DCA7EB] - 13/07/2011 - 11:08:07 ---A- . (.Schlumberger Technology Corporation - Schlumberger Smart Card Interoperability Li.) -- C:\WINDOWS\System32\slbiop.dll [98304]
O44 - LFC:[MD5.E04D872804A010782B066B3B7B422AD1] - 13/07/2011 - 11:08:07 ---A- . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm [86016]
O44 - LFC:[MD5.5A7C47C9B3F9FB92A66410A7509F0C71] - 13/07/2011 - 11:07:50 ---A- . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys [154496]
O44 - LFC:[MD5.F5DEADD42335FB33EDCA74ECB2F36CBA] - 13/07/2011 - 11:07:50 ---A- . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800256]
O44 - LFC:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2011 - 11:07:45 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480]
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 12/07/2011 - 11:08:40 --HA- . (...) -- C:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.29C88800C90B2ACF113CBB0C0D0191A0] - 08/01/2011 - 04:27:00 ---A- . (...) -- C:\WINDOWS\System32\nvdata.bin [2292678]
O44 - LFC:[MD5.F6CF34A6513131525242D835542DF1D1] - 08/01/2011 - 04:27:00 ---A- . (...) -- C:\WINDOWS\System32\nvinfo.pb [3630]
O44 - LFC:[MD5.ED7976E65F4A871890C3C9F29614A93E] - 13/04/2008 - 18:50:22 ---A- . (...) -- C:\WINDOWS\System32\dcache.bin [1804]
O44 - LFC:[MD5.C0C641371193A3460604D4A2A2A735B6] - 13/04/2008 - 18:34:32 ---A- . (...) -- C:\WINDOWS\System32\mpeg2data.ax [118272]
O44 - LFC:[MD5.2A5176480B79E542B79D579F94C40C93] - 13/04/2008 - 18:34:32 ---A- . (...) -- C:\WINDOWS\System32\mpg2splt.ax [148992]
O44 - LFC:[MD5.C967434B3D083F9F17F9DB8A1EA0215C] - 13/04/2008 - 18:34:32 ---A- . (...) -- C:\WINDOWS\System32\vbicodec.ax [53248]
O44 - LFC:[MD5.E5973B107FBA818CD99553DBFF2B74BF] - 13/04/2008 - 18:34:32 ---A- . (...) -- C:\WINDOWS\System32\wstpager.ax [164352]
O44 - LFC:[MD5.548E442C489947F1AA62A5A90FDE49D3] - 13/04/2008 - 18:34:32 ---A- . (...) -- C:\WINDOWS\System32\wstrenderer.ax [239616]
O44 - LFC:[MD5.93AD0B78C7357A05F50E594EC7C22300] - 13/04/2008 - 18:34:22 ---A- . (...) -- C:\WINDOWS\System32\rundll32.exe [33792]
O44 - LFC:[MD5.9E243ECD2DE787DE5033F80BF14DF17F] - 13/04/2008 - 18:34:20 ---A- . (...) -- C:\WINDOWS\System32\regsvr32.exe [12288]
O44 - LFC:[MD5.BF6FDA54E1BC0C803736FBA3338CFEC9] - 13/04/2008 - 18:33:40 ---A- . (...) -- C:\WINDOWS\System32\sbe.dll [270848]
O44 - LFC:[MD5.7E6F832605CB5D91D9FE5E20FE6095A4] - 13/04/2008 - 18:33:32 ---A- . (...) -- C:\WINDOWS\System32\msdmo.dll [14336]
O44 - LFC:[MD5.F488C8AB373881E3840D019BB8E9BD7A] - 13/04/2008 - 18:33:24 ---A- . (...) -- C:\WINDOWS\System32\encdec.dll [186880]
O44 - LFC:[MD5.642134EBF688B03F01A20B85780125C5] - 13/04/2008 - 18:33:20 ---A- . (...) -- C:\WINDOWS\System32\amstream.dll [70656]
O44 - LFC:[MD5.0B698BC91749B56C561283519F9EE272] - 13/04/2008 - 09:26:10 ---A- . (...) -- C:\WINDOWS\System32\odbcconf.rsp [4310]
O44 - LFC:[MD5.922DF04AC61B975D90706F7724B03B45] - 13/04/2008 - 09:21:34 ---A- . (...) -- C:\WINDOWS\System32\qedwipes.dll [733696]
O44 - LFC:[MD5.56941A0B61F0488BD4ADA26D8294CB9E] - 29/02/2008 - 01:10:00 ---A- . (...) -- C:\WINDOWS\System32\locale.nls [265948]
O44 - LFC:[MD5.077F067C69073D1EBC84984E7FE5BA44] - 02/04/2007 - 04:49:22 ---A- . (...) -- C:\WINDOWS\System32\msjetoledb40.dll [355112]
O44 - LFC:[MD5.56B8519463F1067AB96FB123B395F948] - 29/12/2006 - 10:08:32 ---A- . (...) -- C:\WINDOWS\System32\sorttbls.nls [23044]
O44 - LFC:[MD5.8737F6F4C8EC1E2A9EA5516F1B3AE1AD] - 28/12/2006 - 11:01:32 ---A- . (...) -- C:\WINDOWS\003261_.tmp [19569]
O44 - LFC:[MD5.8737F6F4C8EC1E2A9EA5516F1B3AE1AD] - 28/12/2006 - 11:01:32 ---A- . (...) -- C:\WINDOWS\005432_.tmp [19569]
~ Scan Files in 00mn 45s
0
Réponse 15 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:19
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ Scan ShellExecuteHooks in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\fALLOUT3\Fallout3.exe" [Enabled] .(...) -- C:\Program Files\Jeux\fALLOUT3\Fallout3.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Fallout 3\Fallout3.exe" [Enabled] .(...) -- C:\Program Files\Jeux\Fallout 3\Fallout3.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\java.exe" [Enabled] .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\java.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Silverfall\Silverfall.exe" [Enabled] .(...) -- C:\Program Files\Jeux\Silverfall\Silverfall.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\XpressUpdate\XPressUpdate.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\XpressUpdate\XPressUpdate.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Command and Conquer Generals\patchget.dat" [Enabled] .(...) -- C:\Program Files\Jeux\Command and Conquer Generals\patchget.dat (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Age of Empires\EMPIRESX.EXE" [Enabled] .(...) -- C:\Program Files\Jeux\Age of Empires\EMPIRESX.exe (.not file.)
O47 - AAKE:Key Export SP - "E:\DWizard624.exe" [Enabled] .(...) -- E:\DWizard624.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\S.T.A.L.K.E.R\bin\xrEngine.exe" [Enabled] .(...) -- C:\Program Files\Jeux\S.T.A.L.K.E.R\bin\xrEngine.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\S.T.A.L.K.E.R\bin\dedicated\xrEngine.exe" [Enabled] .(...) -- C:\Program Files\Jeux\S.T.A.L.K.E.R\bin\dedicated\xrEngine.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Warcraft III\Warcraft III.exe" [Enabled] .(...) -- C:\Program Files\Jeux\Warcraft III\Warcraft III.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\remy\Bureau\openarena-0.8.1\openarena.exe" [Enabled] .(...) -- C:\Documents and Settings\remy\Bureau\openarena-0.8.1\openarena.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\ABC\abc.exe" [Enabled] .(...) -- C:\Program Files\ABC\abc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - HP AiO Fax Manager.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - HP OfficeJet SendFax Interface.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - hpqscnvw.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - Version Test application.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard - HP Scanjet Copier Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - HP Fax Setup Wizard.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - Embedded Web Server Link application.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P. - HP Network Device Rediscovery Service.) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils Microsoft O
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\B&W\runblack.exe" [Enabled] .(...) -- C:\Program Files\Jeux\B&W\runblack.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(...) -- C:\Program Files\eMule\emule.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe" [Enabled] .(...) -- C:\Program Files\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\StarCraft II\StarCraft II.exe" [Enabled] .(...) -- C:\Program Files\Jeux\StarCraft II\StarCraft II.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\StarCraft II\Versions\Base15405\SC2.exe" [Enabled] .(...) -- C:\Program Files\Jeux\StarCraft II\Versions\Base15405\SC2.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Riot Games\League of Legends\air\LolClient.exe" [Enabled] .(...) -- C:\Riot Games\League of Legends\air\LolClient.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Riot Games\League of Legends\game\League of Legends.exe" [Enabled] .(...) -- C:\Riot Games\League of Legends\game\League of Legends.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Fallout New Vegas\Steam.exe" [Enabled] .(...) -- C:\Program Files\Jeux\Fallout New Vegas\Steam.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Jeux\Fallout New Vegas\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe" [Enabled] .(...) -- C:\Program Files\Jeux\Fallout New Vegas\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe (.not file.
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
O47 - AAKE:Key Export SP - "C:\Riot Games\League of Legends\lol.launcher.exe" [Enabled] .(...) -- C:\Riot Games\League of Legends\lol.launcher.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\remy\Bureau\blobby\blobby.exe" [Disabled] .(...) -- C:\Documents and Settings\remy\Bureau\blobby\blobby.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\remy\Bureau\blobby\blobby-server.exe" [Disabled] .(...) -- C:\Documents and Settings\remy\Bureau\blobby\blobby-server.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\wupdmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de mise à jour de Windows NT.) -- C:\WINDOWS\system32\wupdmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Pando Networks\Media Booster\PMB.exe" [Enabled] .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\TEMP\pwspio\setup.exe" [Enabled] .(...) -- C:\WINDOWS\TEMP\pwspio\setup.exe (.not file.)
O47 - AAKE:Key Export SP - "\??\C:\WINDOWS\system32\winlogon.exe" [Enabled] .(.Microsoft Corporation - Application d'ouverture de session Windows NT.) -- C:\WINDOWS\system32\winlogon.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Pando Networks\Media Booster\PMB.exe" [Enabled] .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys . (...) -- C:\WINDOWS\System32\Drivers\nm.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
~ Scan CSB in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{7e4b5046-2854-11e0-a3cf-0090f58d1940}\AutoRun\command. (...) -- C:\WINDOWS\system32\Page_accueil_PPE.pdf (.not file.)
O51 - MPSK:{b53d3e3e-024a-11de-9f93-0090f58d1940}\AutoRun\command. (...) -- C:\WINDOWS\system32\copy.exe (.not file.)
O51 - MPSK:{b8c0ebbe-c22b-11df-a2d0-0090f58d1940}\AutoRun\command. (...) -- F:\EmDesk.exe (.not file.)
O51 - MPSK:{c08ffcd1-583f-11df-a1f9-0090f58d1940}\AutoRun\command. (...) -- C:\WINDOWS\system32\MAiOBeF.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"VIDC.IV41"="IR41_32.AX" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\IR41_32.AX
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"IR41_32.AX"="IR41_32.AX" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\IR41_32.AX
~ Scan Keys in 00mn 01s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\AlcoholAutomount [Key] . (...) -- C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard Development Company, L.P. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (...) -- C:\Program Files\QuickTime\QTTask.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SMSERIAL [Key] . (...) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O53 - SMSR:HKLM\...\startupreg\XboxStat [Key] . (.Microsoft Corporation - XBoxStat.exe.) -- C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
~ Scan Keys in 00mn 02s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.3F6884EFF406238D39AAA892218F1DF7] - 28/07/2011 - 12:59:37 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808]
O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 28/07/2011 - 10:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys [43008]
O58 - SDL:[MD5.7F08D9C504B015D81A8ABD75C80028C5] - 28/07/2011 - 12:59:35 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.FF028BFF4FE4E5CE35C797FBF1B21609] - 28/07/2011 - 13:02:22 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]
O58 - SDL:[MD5.C2181EF6B54752273A0759A968C59279] - 28/07/2011 - 13:02:25 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102616]
O58 - SDL:[MD5.AC48BDD4CD5D44AF33087C06D6E9511C] - 28/07/2011 - 12:59:56 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.B64134316FCD1F20E0F10EF3E65BD522] - 28/07/2011 - 13:03:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [441176]
O58 - SDL:[MD5.D6788E3211AFA9951ED7A4D617F68A4F] - 28/07/2011 - 13:03:44 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [307928]
O58 - SDL:[MD5.4D100C45517809439C7B6DD98997FA00] - 28/07/2011 - 13:02:37 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [49240]
O58 - SDL:[MD5.D649C57DA6FA762C64013747E5D7D2D6] - 28/07/2011 - 22:29:30 --H-- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\ati1btxx.sys [56623]
O58 - SDL:[MD5.60B6AA2DC1521DA343F781B70EB7895A] - 28/07/2011 - 22:29:30 --H-- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys [11615]
O58 - SDL:[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - 28/07/2011 - 22:29:30 --H-- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys [12047]
O58 - SDL:[MD5.9D318099BF3876A4AF4BC75966D27603] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys [30671]
O58 - SDL:[MD5.BCAF267B10620F8C93F6E87AB726E145] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys [63663]
O58 - SDL:[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys [26367]
O58 - SDL:[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys [21343]
O58 - SDL:[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys [36463]
O58 - SDL:[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys [29455]
O58 - SDL:[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys [34735]
O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 28/07/2011 - 15:53:40 --H-- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys [327168]
O58 - SDL:[MD5.417352592432F5368A8296F7FB73BECF] - 28/07/2011 - 15:53:42 --H-- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [701440]
O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 28/07/2011 - 22:29:28 --H-- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys [57856]
O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 28/07/2011 - 22:29:30 --H-- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys [13824]
O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 28/07/2011 - 22:29:30 --H-- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys [14336]
O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 28/07/2011 - 22:29:30 --H-- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys [52224]
O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys [104960]
O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys [28672]
O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys [13824]
O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys [73216]
O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys [31744]
O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 28/07/2011 - 22:29:32 --H-- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys [63488]
O58 - SDL:[MD5.F0D933B42CD0594048E4D5200AE9E417] - 28/07/2011 - 16:46:13 --HA- . (...) -- C:\WINDOWS\system32\drivers\atksgt.sys [281760]
O58 - SDL:[MD5.92A964547B96D697E5E9ED43B4297F5A] - 28/07/2011 - 04:50:20 --HA- . (.Brother Industries Ltd. - Brother USB Scanner Driver.) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys [15295]
O58 - SDL:[MD5.C3E76B0C05EBF7261ABFB08D9E75822E] - 28/07/2011 - 00:01:10 --H-- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [9072]
O58 - SDL:[MD5.17590DFE29E02842A6E3A463E443D1B9] - 28/07/2011 - 00:01:10 --H-- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [9200]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/07/2011 - 22:27:32 --HA- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/07/2011 - 22:27:32 --HA- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.3FCC124B6E08EE0E9351F717DD136939] - 28/07/2011 - 17:07:18 --H-- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys [138752]
O58 - SDL:[MD5.2A013E7530BEAB6E569FAA83F517E836] - 28/07/2011 - 17:07:16 --H-- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys [145920]
O58 - SDL:[MD5.30CA91E657CEDE2F95359D6EF186F650] - 28/07/2011 - 03:04:40 R-HA- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [49664]
O58 - SDL:[MD5.EFD31AFA752AA7C7BBB57BCBE2B01C78] - 28/07/2011 - 03:04:40 R-HA- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]
O58 - SDL:[MD5.7AC43C38CA8FD7ED0B0A4466F753E06E] - 28/07/2011 - 03:04:40 --HA- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21568]
O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 28/07/2011 - 22:41:48 --H-- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys [220032]
O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 28/07/2011 - 22:41:50 --H-- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys [685056]
O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 28/07/2011 - 22:41:56 --H-- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys [1041536]
O58 - SDL:[MD5.9509D5D449BA04CA455348973D281741] - 28/07/2011 - 10:26:10 ---A- . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\WINDOWS\system32\drivers\jmcr.sys [144984]
O58 - SDL:[MD5.07712CEF42A89B76ADB2FC8124FCCD14] - 28/07/2011 - 13:26:44 ---A- . (.JMicron Technology Corp. - OHCI1394 upper filter driver.) -- C:\WINDOWS\system32\drivers\johci.sys [23640]
O58 - SDL:[MD5.F8A7212D0864EF5E9185FB95E6623F4D] - 28/07/2011 - 16:46:12 --HA- . (...) -- C:\WINDOWS\system32\drivers\lirsgt.sys [25888]
O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 28/07/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712]
O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 28/07/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [39984]
O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 28/07/2011 - 22:41:56 --H-- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys [11868]
O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 28/07/2011 - 22:41:40 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys [126686]
O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 28/07/2011 - 22:41:38 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlstrm.sys [1309184]
O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 28/07/2011 - 22:29:38 --H-- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys [452736]
O58 - SDL:[MD5.0888844230083CE3B47395102BCA8207] - 28/07/2011 - 21:49:52 R-HA- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\system32\drivers\NETw5x32.sys [3626112]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/07/2011 - 22:27:32 --HA- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 28/07/2011 - 22:41:40 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys [180360]
O58 - SDL:[MD5.18C9B152DA7BEA76B2F9E4B6412E0AAF] - 28/07/2011 - 04:27:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 266.58.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [9888672]
O58 - SDL:[MD5.50ACB7253D1104E5917E15A0670D63D5] - 28/07/2011 - 00:10:52 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\WINDOWS\system32\drivers\nvhda32.sys [100456]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/07/2011 - 22:28:10 --HA- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.E42E3433DBB4CFFE8FDD91EAB29AEA8E] - 28/07/2011 - 00:01:10 --H-- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\PxHelp20.sys [45648]
O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 28/07/2011 - 22:41:40 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys [13776]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/07/2011 - 22:27:32 --HA- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/07/2011 - 22:27:32 --HA- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.CB9310A5A910648D359C99A857E22A54] - 28/07/2011 - 16:55:00 --HA- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [143360]
O58 - SDL:[MD5.B2957D6C1226F029230DAC2C46D34286] - 28/07/2011 - 17:33:00 R-H-- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4707328]
O58 - SDL:[MD5.59509AD6CBC28F2C73056268985B3E48] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 Driver.) -- C:\WINDOWS\system32\drivers\s0016bus.sys [89256]
O58 - SDL:[MD5.8C4A9024CF84D61D4BC07F06DDF7B2D1] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s0016cm.sys [12200]
O58 - SDL:[MD5.8C4A9024CF84D61D4BC07F06DDF7B2D1] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s0016cmnt.sys [12200]
O58 - SDL:[MD5.44D115C6BE5DF0F32338DA1032923644] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 USB Ethernet Emulation (WDM class reg.) -- C:\WINDOWS\system32\drivers\s0016cr.sys [10792]
O58 - SDL:[MD5.B98C3A6F91F4FBA285AF9606A240C6B4] - 28/07/2011 - 11:33:14 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys [15016]
O58 - SDL:[MD5.8A83426F4FB7B5212825D9DE76368B1A] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC Modem WDM Driver.) -- C:\WINDOWS\system32\drivers\s0016mdm.sys [120744]
O58 - SDL:[MD5.7A78BBA97FEB5E6D24C49E93A3BF7287] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC Device Management Driver.) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys [114216]
O58 - SDL:[MD5.34EF7B5F611957B73E7219DD5A222AD1] - 28/07/2011 - 11:33:14 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 USB Ethernet Emulation (NDIS 5 Minipo.) -- C:\WINDOWS\system32\drivers\s0016nd5.sys [25512]
O58 - SDL:[MD5.36792935847143E4A3CDA0DC87248487] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC OBEX Interface Device Driver.) -- C:\WINDOWS\system32\drivers\s0016obex.sys [110632]
O58 - SDL:[MD5.927208754FB27FC3E7A659E77500C5D1] - 28/07/2011 - 11:33:14 --HA- . (.MCCI Corporation - Sony Ericsson Device 0016 USB Ethernet Emulation.) -- C:\WINDOWS\system32\drivers\s0016unic.sys [115752]
O58 - SDL:[MD5.DA9BB7BCBB5F3D4B4E9B1E767278259D] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s0016wh.sys [12200]
O58 - SDL:[MD5.DA9BB7BCBB5F3D4B4E9B1E767278259D] - 28/07/2011 - 11:33:12 --HA- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s0016whnt.sys [12200]
O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 28/07/2011 - 22:29:52 --H-- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys [166912]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 28/07/2011 - 08:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 28/07/2011 - 10:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys [40960]
O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 28/07/2011 - 22:41:42 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys [129535]
O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 28/07/2011 - 22:41:44 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys [404990]
O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 28/07/2011 - 22:41:46 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys [95424]
O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 28/07/2011 - 22:41:46 --H-- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys [13240]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2011 - 00:00:00 --HA- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [691696]
O58 - SDL:[MD5.D7B9AD3ABD0F7F9F694D71F38B5C7B72] - 28/07/2011 - 18:41:42 --HA- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [220032]
O58 - SDL:[MD5.C050F120451B08FBF79588F66BF51CCD] - 28/07/2011 - 00:15:00 R-HA- . (.UPEK Inc. - TouchChip USB Kernel Driver.) -- C:\WINDOWS\system32\drivers\tcusb.sys [57872]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/07/2011 - 22:27:32 --HA- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/07/2011 - 22:27:32 --HA- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 28/07/2011 - 22:29:40 --H-- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv07nt.sys [11807]
O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 28/07/2011 - 22:29:40 --H-- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys [11295]
O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 28/07/2011 - 22:29:42 --H-- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys [11871]
O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 28/07/2011 - 22:29:42 --H-- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys [11935]
O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 28/07/2011 - 22:29:46 --H-- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys [22271]
O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 28/07/2011 - 22:29:46 --H-- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv10nt.sys [25471]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/07/2011 - 22:27:11 --HA- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/07/2011 - 22:27:17 --HA- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/07/2011 - 22:27:38 --HA- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/07/2011 - 22:27:44 --HA- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 28/07/2011 - 21:23:06 --HA- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 28/07/2011 - 10:43:08 --HA- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\WINDOWS\system32\npptNT2.sys [4682]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/07/2011 - 22:28:01 --HA- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/07/2011 - 22:28:01 --HA- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/07/2011 - 22:28:01 --HA- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/07/2011 - 22:28:01 --HA- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/07/2011 - 22:28:01 --HA- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 28/07/2011 - 22:45:26 --HA- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 28/07/2011 - 22:45:16 --HA- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 28/07/2011 - 22:45:12 --HA- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 28/07/2011 - 22:45:16 --HA- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 28/07/2011 - 22:45:14 --HA- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Scan Drivers in 00mn 03s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 22/09/2009 - C:\WINDOWS\System32\DRIVERS\atksgt.sys - atksgt (atksgt) .(...) - LEGACY_ATKSGT
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 09/09/2002 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 17/07/2010 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 22/09/2005 - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service(LightScribeService) .(.Hewlett-Packard Company - Pas de description.) - LEGACY_LIGHTSCRIBESERVICE
O64 - Services: CurCS - 22/09/2009 - C:\WINDOWS\System32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(...) - LEGACY_LIRSGT
O64 - Services: CurCS - 29/05/2011 - C:\WINDOWS\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy(MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - 07/01/2011 - C:\WINDOWS\System32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 266.5.) - LEGACY_NVSVC
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\DRIVERS\secdrv.sys - Secdrv(Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - ??/??/???? - C:\WINDOWS\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD
~ Scan Services in 00mn 03s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 01s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <firefox.exe> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {A502F098-5D87-4A8F-B335-05FF21006275} [DefaultScope] - (Live Search) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
~ Scan Keys in 00mn 00s



---\\ Internet Feature Controls (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
~ Scan Keys in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : 8555 - (27/07/2011)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}] =>Toolbar.Crawler
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}] =>Toolbar.Crawler
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\OfferBox] =>PUP.OfferBox
C:\Documents and Settings\remy\Application Data\Adobe\plugs =>Trojan.FakeAlert
C:\Documents and Settings\remy\Application Data\Adobe\shed =>Trojan.FakeAlert
C:\Program Files\OfferBox =>PUP.OfferBox
C:\Documents and Settings\remy\Application Data\OfferBox =>PUP.OfferBox
C:\Documents and Settings\remy\Application Data\teamspeak2 =>Toolbar.Conduit
~ Scan Additionnel in 00mn 05s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/07/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Demand 28/07/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SR - | Auto 28/07/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 28/07/2011 53248 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
SS - | Demand 28/07/2011 3375952 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\WINDOWS\system32\GameMon.des
SR - | Auto 28/07/2011 156776 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\nvsvc32.exe
SR - | Auto 28/07/2011 73728 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
~ Scan Services in 00mn 08s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by remy at 28/07/2011 16:10:09

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8AA454D0]<<
1 ntkrnlpa!IofCallDriver[0x804EF196] -> \Device\Harddisk0\DR0[0x8AA6BAB8]
3 CLASSPNP[0xB80F8FD7] -> ntkrnlpa!IofCallDriver[0x804EF196] -> [0x8AAD1DE0]
\Driver\atapi[0x8AA9FC30] -> IRP_MJ_CREATE -> 0x8AA454D0
error: Read Un périphérique attaché au système ne fonctionne pas correctement.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8AA4531B
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
~ Scan MBR in 00mn 11s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by remy at 28/07/2011 16:10:11

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 13s



End of the scan (1409 lines in 04mn 08s)(0)
0
Réponse 16 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
Modifié par remyge le 28/07/2011 à 17:20
Tout y est avec ça : O43 - CFD: 09/01/2009 - 19:26:38 - [0] ----D- C:\Program Files\Windows Update (c'est ce qui manquait tout a l heure: j'ai juste mis un espace entre windows et update ^^')
0
Réponse 17 / 38
Utilisateur anonyme
28 juil. 2011 à 17:26
C'est pas mal infecté
Télécharge TDSSKiller (de Kaspersky) sur ton bureau
https://support.kaspersky.com/downloads/utils/tdsskiller.exe

Double clique sur TDSSKiller pour le lancer (avec Vista/Seven, clic droit
dessus, et sur exécuter en tant qu'administrateur

Clique sur Start scan, et laisse l'outil travailler

Si des fichiers infectés sont trouvés, une nouvelle fenêtre va s'ouvrir

Si TDSS. tdl2 est détecté, l'option delete sera cochée par défaut

Si TDSS.tdl3 est détecté, vérifie que Cure est bien cochée

Si TDSS.tdl4 (\HardDisk0\MBR) est détecté, vérifie que Cure
est bien cochée

Si Suspicious file est indiqué, laisse l'option cochée sur Skip

Clique sur Continue, puis sur Reboot now pour
redémarrer le PC

Poste le rapport qui est sauvegardé dans C:\TDSSKiller_Quarantine\
JJ.MM.AA_HH.MM.SS. (JJ.MM.AA date du passage de l'outil, HH.MM.SS
heure de passage).


Ensuite

Télécharge USBFix (de El Desaparecido, C_XX) sur ton bureau
http://teamxscript.changelog.fr/too/UsbFix.exe

# Double clic sur UsbFix présent sur ton bureau, et clique sur
exécuter pour lancer l'installation qui se fera automatiquement

# Clique sur Suppression

# Branche toutes tes sources et données externes (clé USB, disque dur
externe...) sans les ouvrir sur ton PC, et clique sur OK

# La suppression est lancée. Le bureau va disparaitre, c'est normal

# Ensuite poste le rapport UsbFix.txt qui est apparu avec le bureau .

# Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )



Et ensuite
Télécharge Ad-Remover sur ton bureau:
http://www.teamxscript.org/adremoverTelechargement.html ( Lien officiel )
https://www.androidworld.fr/ ( Miroir )

/!\ Ferme toutes tes applications ouvertes. /!\

Double clique sur le fichier que tu viens de télécharger, à l'écran qui apparait, clique sur Nettoyer.
Laisse travailler l'outil.
Poste le rapport qui s'affiche à l'écran quand l'analyse est terminée.
Il est sauvegardé dans C:\Ad-Remover-CLEAN[1].txt


0
Réponse 18 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:40
Yo, voici le rapport de TDSSK
2011/07/28 17:30:02.0281 2728 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/28 17:30:02.0453 2728 ================================================================================
2011/07/28 17:30:02.0453 2728 SystemInfo:
2011/07/28 17:30:02.0453 2728
2011/07/28 17:30:02.0453 2728 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/28 17:30:02.0453 2728 Product type: Workstation
2011/07/28 17:30:02.0453 2728 ComputerName: REMY
2011/07/28 17:30:02.0453 2728 UserName: remy
2011/07/28 17:30:02.0453 2728 Windows directory: C:\WINDOWS
2011/07/28 17:30:02.0453 2728 System windows directory: C:\WINDOWS
2011/07/28 17:30:02.0453 2728 Processor architecture: Intel x86
2011/07/28 17:30:02.0453 2728 Number of processors: 2
2011/07/28 17:30:02.0453 2728 Page size: 0x1000
2011/07/28 17:30:02.0453 2728 Boot type: Normal boot
2011/07/28 17:30:02.0453 2728 ================================================================================
2011/07/28 17:30:04.0156 2728 Initialize success
2011/07/28 17:30:12.0390 0204 ================================================================================
2011/07/28 17:30:12.0390 0204 Scan started
2011/07/28 17:30:12.0390 0204 Mode: Manual;
2011/07/28 17:30:12.0390 0204 ================================================================================
2011/07/28 17:30:13.0140 0204 Aavmker4 (3f6884eff406238d39aaa892218f1df7) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/07/28 17:30:13.0218 0204 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/07/28 17:30:13.0250 0204 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/07/28 17:30:13.0296 0204 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/07/28 17:30:13.0328 0204 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
2011/07/28 17:30:13.0437 0204 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/07/28 17:30:13.0500 0204 aswFsBlk (7f08d9c504b015d81a8abd75c80028c5) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/07/28 17:30:13.0515 0204 aswMon2 (c2181ef6b54752273a0759a968c59279) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/07/28 17:30:13.0531 0204 aswRdr (ac48bdd4cd5d44af33087c06d6e9511c) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/07/28 17:30:13.0593 0204 aswSnx (b64134316fcd1f20e0f10ef3e65bd522) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/07/28 17:30:13.0703 0204 aswSP (d6788e3211afa9951ed7a4d617f68a4f) C:\WINDOWS\system32\drivers\aswSP.sys
2011/07/28 17:30:13.0718 0204 aswTdi (4d100c45517809439c7b6dd98997fa00) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/07/28 17:30:13.0750 0204 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/07/28 17:30:13.0828 0204 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/07/28 17:30:13.0921 0204 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
2011/07/28 17:30:13.0953 0204 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/07/28 17:30:13.0984 0204 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/07/28 17:30:14.0015 0204 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/07/28 17:30:14.0046 0204 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/07/28 17:30:14.0046 0204 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/07/28 17:30:14.0093 0204 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
2011/07/28 17:30:14.0156 0204 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/07/28 17:30:14.0187 0204 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/07/28 17:30:14.0218 0204 BTHPORT (b6dcfa596e97c3964f9148d5d9198ef8) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/07/28 17:30:14.0250 0204 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/07/28 17:30:14.0281 0204 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/07/28 17:30:14.0312 0204 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/07/28 17:30:14.0343 0204 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/07/28 17:30:14.0390 0204 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/07/28 17:30:14.0421 0204 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/07/28 17:30:14.0468 0204 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/07/28 17:30:14.0484 0204 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/07/28 17:30:14.0578 0204 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/07/28 17:30:14.0640 0204 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/07/28 17:30:14.0671 0204 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/07/28 17:30:14.0671 0204 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/07/28 17:30:14.0703 0204 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/07/28 17:30:14.0734 0204 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/07/28 17:30:14.0765 0204 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/07/28 17:30:14.0812 0204 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/07/28 17:30:14.0843 0204 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/07/28 17:30:14.0843 0204 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/07/28 17:30:14.0875 0204 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/07/28 17:30:14.0890 0204 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/07/28 17:30:14.0890 0204 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/07/28 17:30:14.0921 0204 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/07/28 17:30:14.0984 0204 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/07/28 17:30:15.0015 0204 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/07/28 17:30:15.0078 0204 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/07/28 17:30:15.0109 0204 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/07/28 17:30:15.0125 0204 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/07/28 17:30:15.0156 0204 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/07/28 17:30:15.0218 0204 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/07/28 17:30:15.0234 0204 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/07/28 17:30:15.0390 0204 IntcAzAudAddService (b2957d6c1226f029230dac2c46d34286) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/07/28 17:30:15.0531 0204 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/07/28 17:30:15.0562 0204 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/07/28 17:30:15.0609 0204 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/07/28 17:30:15.0656 0204 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/07/28 17:30:15.0687 0204 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/07/28 17:30:15.0703 0204 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/07/28 17:30:15.0750 0204 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/07/28 17:30:15.0781 0204 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/07/28 17:30:15.0828 0204 JMCR (9509d5d449ba04ca455348973d281741) C:\WINDOWS\system32\DRIVERS\jmcr.sys
2011/07/28 17:30:15.0875 0204 johci (07712cef42a89b76adb2fc8124fccd14) C:\WINDOWS\system32\DRIVERS\johci.sys
2011/07/28 17:30:15.0890 0204 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/07/28 17:30:15.0890 0204 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/07/28 17:30:15.0921 0204 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/07/28 17:30:15.0937 0204 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/07/28 17:30:16.0015 0204 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
2011/07/28 17:30:16.0078 0204 MBAMSwissArmy (b309912717c29fc67e1ba4730a82b6dd) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011/07/28 17:30:16.0093 0204 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/07/28 17:30:16.0125 0204 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/07/28 17:30:16.0171 0204 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/07/28 17:30:16.0218 0204 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/07/28 17:30:16.0234 0204 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/07/28 17:30:16.0265 0204 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/07/28 17:30:16.0312 0204 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/07/28 17:30:16.0328 0204 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/07/28 17:30:16.0359 0204 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/07/28 17:30:16.0375 0204 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/07/28 17:30:16.0437 0204 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/07/28 17:30:16.0484 0204 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/07/28 17:30:16.0531 0204 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/07/28 17:30:16.0531 0204 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/07/28 17:30:16.0562 0204 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/07/28 17:30:16.0578 0204 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/07/28 17:30:16.0625 0204 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/07/28 17:30:16.0656 0204 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/07/28 17:30:16.0703 0204 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/07/28 17:30:16.0734 0204 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/07/28 17:30:16.0750 0204 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/07/28 17:30:16.0750 0204 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/07/28 17:30:16.0796 0204 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/07/28 17:30:16.0937 0204 NETw5x32 (0888844230083ce3b47395102bca8207) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
2011/07/28 17:30:16.0984 0204 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/07/28 17:30:17.0046 0204 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
2011/07/28 17:30:17.0062 0204 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/07/28 17:30:17.0093 0204 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/07/28 17:30:17.0140 0204 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/07/28 17:30:17.0406 0204 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/07/28 17:30:17.0562 0204 NVHDA (50acb7253d1104e5917e15a0670d63d5) C:\WINDOWS\system32\drivers\nvhda32.sys
2011/07/28 17:30:17.0609 0204 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/07/28 17:30:17.0625 0204 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/07/28 17:30:17.0671 0204 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2011/07/28 17:30:17.0703 0204 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2011/07/28 17:30:17.0718 0204 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2011/07/28 17:30:17.0765 0204 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
2011/07/28 17:30:17.0796 0204 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/07/28 17:30:17.0828 0204 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
2011/07/28 17:30:17.0843 0204 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/07/28 17:30:17.0859 0204 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/28 17:30:17.0890 0204 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/28 17:30:17.0937 0204 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/28 17:30:17.0953 0204 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/07/28 17:30:18.0078 0204 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/28 17:30:18.0093 0204 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/07/28 17:30:18.0109 0204 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/28 17:30:18.0140 0204 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/28 17:30:18.0171 0204 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/07/28 17:30:18.0265 0204 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/28 17:30:18.0281 0204 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/28 17:30:18.0296 0204 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/28 17:30:18.0312 0204 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/28 17:30:18.0375 0204 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/28 17:30:18.0406 0204 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/28 17:30:18.0453 0204 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/28 17:30:18.0484 0204 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/28 17:30:18.0500 0204 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/28 17:30:18.0546 0204 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/07/28 17:30:18.0593 0204 RTLE8023xp (cb9310a5a910648d359c99a857e22a54) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/07/28 17:30:18.0656 0204 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys
2011/07/28 17:30:18.0671 0204 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
2011/07/28 17:30:18.0687 0204 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
2011/07/28 17:30:18.0718 0204 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
2011/07/28 17:30:18.0718 0204 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
2011/07/28 17:30:18.0734 0204 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys
2011/07/28 17:30:18.0765 0204 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys
2011/07/28 17:30:18.0796 0204 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/28 17:30:18.0812 0204 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
2011/07/28 17:30:18.0843 0204 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/07/28 17:30:18.0875 0204 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/07/28 17:30:18.0921 0204 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/28 17:30:18.0984 0204 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/28 17:30:18.0984 0204 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/07/28 17:30:19.0000 0204 sptd - detected LockedFile.Multi.Generic (1)
2011/07/28 17:30:19.0000 0204 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/28 17:30:19.0015 0204 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/07/28 17:30:19.0062 0204 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/07/28 17:30:19.0093 0204 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/07/28 17:30:19.0109 0204 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/07/28 17:30:19.0218 0204 SynTP (d7b9ad3abd0f7f9f694d71f38b5c7b72) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/07/28 17:30:19.0234 0204 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/07/28 17:30:19.0281 0204 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/07/28 17:30:19.0328 0204 Tcpip6 (aa7a55536096d646dc7ab0ac5641e9e8) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
2011/07/28 17:30:19.0343 0204 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/07/28 17:30:19.0359 0204 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/07/28 17:30:19.0390 0204 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/07/28 17:30:19.0453 0204 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
2011/07/28 17:30:19.0500 0204 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/07/28 17:30:19.0531 0204 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/07/28 17:30:19.0562 0204 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/07/28 17:30:19.0593 0204 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/07/28 17:30:19.0609 0204 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/07/28 17:30:19.0625 0204 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/07/28 17:30:19.0656 0204 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/07/28 17:30:19.0687 0204 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/07/28 17:30:19.0703 0204 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/07/28 17:30:19.0734 0204 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/07/28 17:30:19.0765 0204 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/07/28 17:30:19.0796 0204 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/07/28 17:30:19.0812 0204 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/07/28 17:30:19.0875 0204 Wdf01000 (060e8cb99cc0a6751db5810c042b0d45) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/07/28 17:30:19.0953 0204 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/07/28 17:30:20.0000 0204 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/07/28 17:30:20.0078 0204 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/07/28 17:30:20.0125 0204 xusb21 (ee9144207ee0211eb5656ba6808ac4a0) C:\WINDOWS\system32\DRIVERS\xusb21.sys
2011/07/28 17:30:20.0140 0204 MBR (0x1B8) (dad11e2a62df7f44f938c5059e874339) \Device\Harddisk0\DR0
2011/07/28 17:30:20.0140 0204 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/07/28 17:30:20.0156 0204 Boot (0x1200) (6608441c05d066040410461a5423a6d0) \Device\Harddisk0\DR0\Partition0
2011/07/28 17:30:20.0171 0204 Boot (0x1200) (263f85c03bcc85319d1f93f6d0186eaa) \Device\Harddisk0\DR0\Partition1
2011/07/28 17:30:20.0171 0204 ================================================================================
2011/07/28 17:30:20.0171 0204 Scan finished
2011/07/28 17:30:20.0171 0204 ================================================================================
2011/07/28 17:30:20.0187 3936 Detected object count: 2
2011/07/28 17:30:20.0187 3936 Actual detected object count: 2
2011/07/28 17:31:26.0953 3936 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/28 17:31:27.0000 3936 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/07/28 17:31:27.0000 3936 \Device\Harddisk0\DR0 - ok
2011/07/28 17:31:27.0000 3936 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/07/28 17:31:40.0296 3708 Deinitialize success
0
Utilisateur anonyme
28 juil. 2011 à 17:48
J'attends les autres résultats
0
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:51
usb fix
############################## | UsbFix 7.052 | [Suppression]

Utilisateur: remy (Administrateur) # REMY [ ]
Mis à jour le 27/07/2011 par El Desaparecido
Lancé à 17:44:08 | 28/07/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: avast! Antivirus 5.0.100664421 [(!) Disabled | Updated]
RAM -> 2043 Mo
C:\ (%systemdrive%) -> Disque fixe # 60 Go (32 Go libre(s) - 55%) [] # NTFS
D:\ -> Disque fixe # 90 Go (36 Go libre(s) - 40%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> Disque amovible # 3 Go (545 Mo libre(s) - 15%) [] # FAT32
I:\ -> Disque fixe # 465 Go (260 Go libre(s) - 56%) [Iomega_HDD] # NTFS

################## | Éléments infectieux |

Supprimé! C:\Recycler\S-1-5-21-1123561945-1645522239-839522115-1003
Supprimé! D:\Recycler\S-1-5-21-1123561945-1645522239-839522115-1003
Supprimé! D:\AUTORUN.INF

################## | Registre |

Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{74cf4988-ea6b-11dd-9f58-806d6172696f}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7e4b5046-2854-11e0-a3cf-0090f58d1940}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b53d3e3e-024a-11de-9f93-0090f58d1940}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b8c0ebbe-c22b-11df-a2d0-0090f58d1940}

################## | Listing |

[20/06/2011 - 12:57:29 | N | 4677] C:\aswBoot.log
[09/01/2009 - 19:28:59 | N | 0] C:\AUTOEXEC.BAT
[16/08/2010 - 13:40:54 | N | 224] C:\boot.ini
[28/10/2009 - 17:11:29 | D ] C:\bootcd
[09/09/2002 - 23:27:14 | N | 4952] C:\Bootfont.bin
[28/07/2011 - 12:42:01 | D ] C:\Config.Msi
[09/01/2009 - 19:28:59 | N | 0] C:\CONFIG.SYS
[18/08/2009 - 07:48:01 | N | 1932] C:\DlgTest.log
[09/01/2009 - 19:32:44 | D ] C:\Documents and Settings
[17/07/2011 - 14:51:35 | D ] C:\e138abba2037c145e17d
[09/01/2009 - 19:38:11 | D ] C:\Intel
[09/01/2009 - 19:28:59 | N | 0] C:\IO.SYS
[09/01/2009 - 19:28:59 | N | 0] C:\MSDOS.SYS
[11/04/2010 - 11:34:34 | RHD ] C:\MSOCache
[09/01/2009 - 19:51:05 | N | 47564] C:\NTDETECT.COM
[13/07/2011 - 13:06:39 | N | 252240] C:\ntldr
[28/07/2011 - 10:34:40 | D ] C:\NVIDIA
[28/07/2011 - 17:32:46 | ASH | 3246391296] C:\pagefile.sys
[28/07/2011 - 16:10:11 | N | 512] C:\PhysicalDisk0_MBR.bin
[27/10/2009 - 12:53:42 | D ] C:\pnp
[28/07/2011 - 16:03:28 | D ] C:\Program Files
[28/07/2011 - 17:47:06 | SHD ] C:\RECYCLER
[10/08/2010 - 13:46:13 | N | 189] C:\Setup.log
[02/06/2009 - 19:58:19 | SHD ] C:\System Volume Information
[28/07/2011 - 17:31:40 | N | 48000] C:\TDSSKiller.2.5.11.0_28.07.2011_17.30.02_log.txt
[23/10/2010 - 16:08:00 | D ] C:\temp
[25/02/2009 - 19:05:45 | ASH | 5120] C:\Thumbs.db
[28/07/2011 - 17:47:07 | D ] C:\UsbFix
[28/07/2011 - 17:48:10 | A | 1402] C:\UsbFix.txt
[28/07/2011 - 12:45:07 | D ] C:\WINDOWS
[25/01/2009 - 02:02:20 | D ] D:\backup
[22/06/2011 - 17:35:11 | D ] D:\bureau a trier
[13/07/2011 - 11:19:23 | D ] D:\Coqueréaumont
[02/07/2011 - 13:19:05 | D ] D:\docs persos
[10/05/2010 - 17:43:23 | D ] D:\DSi
[29/06/2011 - 14:54:14 | D ] D:\films
[28/07/2011 - 15:28:30 | D ] D:\Jeux
[03/07/2011 - 20:03:56 | D ] D:\Nouveau dossier
[29/06/2011 - 14:54:14 | D ] D:\photos persos
[14/07/2010 - 01:56:34 | N | 145] D:\Raccourci vers Lecteur CD.lnk
[28/07/2011 - 17:47:07 | SHD ] D:\RECYCLER
[13/07/2011 - 11:55:25 | D ] D:\sauve
[28/07/2011 - 12:07:51 | D ] D:\SMRTNTKY
[15/05/2009 - 17:17:44 | SHD ] D:\System Volume Information
[02/02/2009 - 11:07:42 | D ] D:\WorldOfGoo_downarchive

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
D:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_REMY.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |
0
Utilisateur anonyme
28 juil. 2011 à 17:54
bien, maintenant Ad Remover
0
Réponse 19 / 38
remyge Messages postés 63 Date d'inscription mardi 20 octobre 2009 Statut Membre Dernière intervention 13 juillet 2013 1
28 juil. 2011 à 17:58
et voilà:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 17:52:53 le 28/07/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
remy@REMY ( )

============== ACTION(S) ==============


Dossier supprimé: C:\Documents and Settings\remy\Application Data\OfferBox
Dossier supprimé: C:\Program Files\OfferBox

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\OfferBox
Clé supprimée: HKCU\Software\OfferBox
Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Documents and Settings\remy\Application Data\Mozilla\FireFox\Profiles\ay2rmle3.default --
Extensions\{26FD1F83-A45B-4c74-AF5A-F2EE0EE4D691} (HighlightAll)
Searchplugins\Wibeez.xml (<SearchPlugin xmlns=hxxp://www.mozilla.org/2006/browser/search/<ShortNameWibeez</ShortName <DescriptionMéta-annuaire Wi...)
Prefs.js - browser.download.dir, C:\\Documents and Settings\\remy\\Bureau
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\remy\\Bureau
Prefs.js - browser.startup.homepage, hxxp://www.google.fr
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0
Prefs.js - keyword.URL, hxxp://www.wibeez.com/france?search&q=

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe (x)
HKLM_ElevationPolicy\{9EC8A041-8BD6-4f3e-9FA5-F25893A6E04F} - C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper.exe (x)
HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.)
HKLM_ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32} - C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe (x)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre6\bin\ssv.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 2 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 28/07/2011 17:52:56 (589 Octet(s))

Fin à: 17:53:23, 28/07/2011

============== E.O.F ==============
0
Réponse 20 / 38
Utilisateur anonyme
28 juil. 2011 à 18:02
Copie les lignes suivantes en gras ci dessous, c'est à dire
que tu sélectionnes les lignes indiquées en gras avec ta souris, tu fait
clic droit dessus>copier

O4 - HKUS\S-1-5-18\..\Run: [8DDYX0ZBPZ] C:\WINDOWS\TEMP\Lt0.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [8DDYX0ZBPZ] C:\WINDOWS\TEMP\Lt0.exe (.not file.)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}] =>Toolbar.Crawler
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}] =>Toolbar.Crawler
C:\Documents and Settings\remy\Application Data\Adobe\plugs =>Trojan.FakeAlert
C:\Documents and Settings\remy\Application Data\Adobe\shed =>Trojan.FakeAlert
C:\Documents and Settings\remy\Application Data\teamspeak2 =>Toolbar.Conduit


* Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse

Redémarre ton PC

Ensuite, poste moi un nouveau rapport ZHPDiag

0

Discussions similaires

Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
Aide pour un virus
cerise92700 -
MisteryBean -

41 réponses
Virus : trojan:win32/wacatac.h!ml
Alky09 -
bazfile -

8 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses
Comment éliminer manuellement virus trojan?
ballag -
RClog -

12 réponses