---\\ HKCU & HKLM Software Keys
[HKCU\Software\?? ?? ???? ????? ??? ?? ????]
[HKCU\Software\AC3filter]
[HKCU\Software\ASUS]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Alliance MCA]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Arcsoft]
[HKCU\Software\Ares]
[HKCU\Software\Ask.com]
[HKCU\Software\AskToolbar]
[HKCU\Software\AvantGo]
[HKCU\Software\Avira]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cookienator]
[HKCU\Software\Cyberlink]
[HKCU\Software\Digital Image Design]
[HKCU\Software\DigitalVolcano]
[HKCU\Software\DivXNetworks]
[HKCU\Software\ESTsoft]
[HKCU\Software\Earth Resource Mapping]
[HKCU\Software\Face-Bon Free Trial]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\HookNetwork]
[HKCU\Software\IGN]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MAL]
[HKCU\Software\Macromedia]
[HKCU\Software\Magellan]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaInfo]
[HKCU\Software\MessengerSkinner]
[HKCU\Software\Mindscape]
[HKCU\Software\Mio]
[HKCU\Software\Mozilla]
[HKCU\Software\Naviter]
[HKCU\Software\Netscape]
[HKCU\Software\Nikon]
[HKCU\Software\ODBC]
[HKCU\Software\PDFCreator]
[HKCU\Software\Paint.NET]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\Snowlion.net]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sunbelt Software]
[HKCU\Software\TRENDnet]
[HKCU\Software\TeamCu]
[HKCU\Software\TopoGrafix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WAEUSOF]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\diskcat]
[HKLM\Software\8ec]
[HKLM\Software\ACE Compression Software]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Alliance MCA]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Apple]
[HKLM\Software\Application Updater]
[HKLM\Software\ArcSoft]
[HKLM\Software\AvantGo]
[HKLM\Software\Avira]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cyberlink]
[HKLM\Software\EPSON]
[HKLM\Software\ESTsoft]
[HKLM\Software\EUSOFT]
[HKLM\Software\Earth Resource Mapping]
[HKLM\Software\EuSoftware]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\Garmin]
[HKLM\Software\Gemplus]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Intel]
[HKLM\Software\JavaRa]
[HKLM\Software\JavaSoft]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Licenses]
[HKLM\Software\Lowrance Electronics]
[HKLM\Software\MAL]
[HKLM\Software\MCCI]
[HKLM\Software\MDC]
[HKLM\Software\MSI]
[HKLM\Software\Macromedia]
[HKLM\Software\Magellan]
[HKLM\Software\Mindscape]
[HKLM\Software\Mio]
[HKLM\Software\Mobile Application Link]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nikon]
[HKLM\Software\ODBC]
[HKLM\Software\PDFCreator]
[HKLM\Software\Paint.NET]
[HKLM\Software\Photomail]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3R521]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Shuttle Technology]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sunbelt Software]
[HKLM\Software\Tantalus]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\WAD]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\X-AVCSD]
[HKLM\Software\mozilla.org]
[HKLM\Software\pdfforge]
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\Application Updater
O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Ares
O43 - CFD:Common File Directory ----D- C:\Program Files\Ask.com
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AvantGo Connect
O43 - CFD:Common File Directory ----D- C:\Program Files\AVG
O43 - CFD:Common File Directory ----D- C:\Program Files\Avira
O43 - CFD:Common File Directory ----D- C:\Program Files\AXMA
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\Cookienator
O43 - CFD:Common File Directory ----D- C:\Program Files\Dazzle
O43 - CFD:Common File Directory ----D- C:\Program Files\Dealio Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\Duplicate Cleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON
O43 - CFD:Common File Directory ----D- C:\Program Files\ESTsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FotoStation Easy
O43 - CFD:Common File Directory ----D- C:\Program Files\FouFou
O43 - CFD:Common File Directory ----D- C:\Program Files\Framing Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Free Audio Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Glary Utilities
O43 - CFD:Common File Directory ----D- C:\Program Files\gs
O43 - CFD:Common File Directory ----D- C:\Program Files\GUILD WARS
O43 - CFD:Common File Directory ----D- C:\Program Files\Hijackthis
O43 - CFD:Common File Directory ----D- C:\Program Files\IcoFX 1.6
O43 - CFD:Common File Directory ----D- C:\Program Files\IGN
O43 - CFD:Common File Directory ----D- C:\Program Files\INFORAD
O43 - CFD:Common File Directory ----D- C:\Program Files\INFORAD_DRIVERS
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\IrfanView
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Konvertor
O43 - CFD:Common File Directory ----D- C:\Program Files\Lowrance Electronics
O43 - CFD:Common File Directory ----D- C:\Program Files\Magellan
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft ActiveSync
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office Outlook Connector
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Research
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Midas Interactive
O43 - CFD:Common File Directory ----D- C:\Program Files\Mindscape
O43 - CFD:Common File Directory ----D- C:\Program Files\Mio Technology
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Thunderbird
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\navilog1
O43 - CFD:Common File Directory ----D- C:\Program Files\Navionics
O43 - CFD:Common File Directory ----D- C:\Program Files\Naviter
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Nikon
O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Paint.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator
O43 - CFD:Common File Directory ----D- C:\Program Files\pdfforge Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoMail Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\PocketFMS
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Rage Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony Setup
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\Sunbelt Software
O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUpMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\UbiSoft
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\Wizardbrush 6
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Zone Labs
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Nikon
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SCM
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Microsoft Shared
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.764B7295E96E2E66C26616B55463FF6F] - 25/05/2010 - 21:26:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NAVI.ini [3466]
O44 - LFC:[MD5.00000000000000000000000000000000] - 25/05/2010 - 15:10:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32480]
O44 - LFC:[MD5.CDE4047BABC66D516AE99DD9022C19D5] - 24/05/2010 - 08:24:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\d3d9caps.dat [664]
O44 - LFC:[MD5.7D9F0DFC8F55BCE51D486330C37DE320] - 23/05/2010 - 09:40:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1748335]
O44 - LFC:[MD5.00000000000000000000000000000000] - 23/05/2010 - 09:34:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [237]
O44 - LFC:[MD5.00000000000000000000000000000000] - 23/05/2010 - 09:34:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/05/2010 - 09:34:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 23/05/2010 - 09:33:47 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.E80910D9D7FD72BA1AD747C4240E8CFB] - 23/05/2010 - 09:33:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ativvaxx.cap [47604]
O44 - LFC:[MD5.727C231AEF955FB005B5943263BCAC33] - 22/05/2010 - 21:49:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\MRT.INI [172]
O44 - LFC:[MD5.DD368D441E2B7769BCB09763CFC8A76F] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\FaxSetup.log [6184]
O44 - LFC:[MD5.01EB0E8F6123EBE51D8D8C9101F22712] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978542.log [10621]
O44 - LFC:[MD5.03517E6F6296C8DF22A9C4D2C00B8625] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\comsetup.log [2094]
O44 - LFC:[MD5.8B66BB3C88E98684C1E59063D003F0F1] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\iis6.log [991]
O44 - LFC:[MD5.91DE07FA57547585EF3AC547909A3D62] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.A0172B811165C8F4EE98D794D47844FE] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\msgsocm.log [303]
O44 - LFC:[MD5.D0042D5C5955ED557BB7D4513A5FEA17] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntdtcsetup.log [1265]
O44 - LFC:[MD5.EF2BA830936CEB4BBDC6080BB13CA6FF] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocgen.log [2956]
O44 - LFC:[MD5.EBCD6E91C52DEE20B4AE705AE9A84CD7] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocmsn.log [342]
O44 - LFC:[MD5.51800AF3A2EA87478E760AB6F822BB3C] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [2414]
O44 - LFC:[MD5.7469E68365F2B204FF6694043DAE7069] - 22/05/2010 - 21:47:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\tsoc.log [2359]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/05/2010 - 21:47:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/05/2010 - 21:47:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.F1E18D27D3B7175063A6DD20E92AAAD8] - 22/05/2010 - 11:23:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [13646]
O44 - LFC:[MD5.06B151F2D3247761315A2458450185E4] - 20/05/2010 - 20:56:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cleannavi.txt [1236]
O44 - LFC:[MD5.E76FB8F4B849B373D330BBF2602DC66F] - 20/05/2010 - 20:47:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TB.txt [3136]
O44 - LFC:[MD5.B6A7E7CFB9E8F5830949581921C19FF7] - 09/05/2010 - 11:07:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntbtlog.txt [139766]
O44 - LFC:[MD5.B8AAE69563CC5FA98BD69545D8CA887D] - 03/05/2010 - 07:21:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1102384]
O44 - LFC:[MD5.2976B948019379851B1EC5A8D0B76898] - 03/05/2010 - 07:21:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [68292]
O44 - LFC:[MD5.90688CB784F4BD6FE9095B5CD6AE85A4] - 03/05/2010 - 07:21:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [81626]
O44 - LFC:[MD5.7F506372F54A5DA85E7F0D5721BDC1F1] - 03/05/2010 - 07:21:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [435396]
O44 - LFC:[MD5.B5872D2F810B4D618EBAE6E0E5ADA95F] - 03/05/2010 - 07:21:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [503656]
O44 - LFC:[MD5.2E8F6BE71469A67D5AA32D9A766A2F93] - 02/05/2010 - 21:22:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\mbam-error.txt [127]
O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952]
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\eMule\emule.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\user\Bureau\freezer v1.4 fr\freezer v1.4 fr\freezer.exe" [Enabled] .(.Pas de propriétaire - .) (.not file.) -- C:\Documents and Settings\user\Bureau\freezer v1.4 fr\freezer v1.4 fr\freezer.exe
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) (.not file.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) (.not file.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\IncMail.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\ImApp.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\IncrediMail\Bin\ImpCnt.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) (.not file.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) (.not file.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{4d419793-208f-11de-b210-0014d1c69072}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\LaunchU3.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\divx.dll
O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\System32\lameACM.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"MSACM.CEGSM"="mobilev.acm" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\mobilev.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"divx.dll"="DivX 6.8.5" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"mobilev.acm"="Hewlett Packard Mobile Voice" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\mobilev.acm
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 03:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\drivers\ASACPI.sys
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 28/12/2007 - 08:22:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
O58 - SDL:[MD5.365E08750277C7319FBC721EDD377929] - 08/08/2008 - 10:30:43 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys
O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys
O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 21:46:26 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys
O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys
O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 21/08/2004 - 15:15:50 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 21/08/2004 - 15:15:50 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 14:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys
O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 21/08/2004 - 15:15:50 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 21/08/2004 - 15:16:20 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 21/08/2004 - 15:15:50 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 21/08/2004 - 15:15:50 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:[MD5.671828423B5BF9DB4FC20AE337F2F893] - 30/01/2008 - 11:28:08 R--A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2860.sys
O58 - SDL:[MD5.B52B25F41BF3511071A0E7D10D659C56] - 01/07/2008 - 04:27:44 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys
O58 - SDL:[MD5.0BE7F157D695E1D10EE102C96DE4AC18] - 18/12/2008 - 13:19:14 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys
O58 - SDL:[MD5.419883201CA9AD697CCFB8FC46DD6F78] - 31/10/2008 - 07:09:06 R--A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) -- C:\WINDOWS\system32\drivers\SbFw.sys
O58 - SDL:[MD5.F01B8409A11C319E3C5B9DD418676D2C] - 21/06/2008 - 04:54:54 ---A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall NDIS Intermediate driver.) -- C:\WINDOWS\system32\drivers\SbFwIm.sys
O58 - SDL:[MD5.31CA701F26EA66468AD3C3C6498755CE] - 21/06/2008 - 04:54:54 R--A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall Host Intrusion Prevention Driver.) -- C:\WINDOWS\system32\drivers\sbhips.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:[MD5.6CE397C482BEDE91A38E56A8C4A0DC6D] - 28/06/2004 - 14:08:56 ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\WINDOWS\system32\drivers\ser2pl.sys
O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 22/12/2005 - 11:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 22/12/2005 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 22/12/2005 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys
O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 22/12/2005 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys
O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 22/12/2005 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 22/12/2005 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 22/12/2005 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys
O58 - SDL:[MD5.EF3504DD32E2EA222BE0CBC9A0895F89] - 23/02/2009 - 17:17:00 ---A- . (.Pas de propriétaire - ProtectCD Copyprotection Helper I/O Driver for Accounts with li.) -- C:\WINDOWS\system32\drivers\SSHDRV76.sys
O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 19/07/2009 - 09:26:35 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 21/08/2004 - 15:15:50 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:[MD5.1DF89C499BF45D878B87EBD4421D462D] - 28/08/2009 - 19:42:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 21/08/2004 - 15:15:50 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 21/08/2004 - 15:15:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 21/08/2004 - 15:15:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.71FD8A33351C042312BF151E74CFA9D9] - 03/05/2009 - 16:08:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\EUSOFT.SYS
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 21/08/2004 - 15:15:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 21/08/2004 - 15:15:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 04/08/2004 - 23:46:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 21/08/2004 - 15:16:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 21/08/2004 - 15:16:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 21/08/2004 - 15:16:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 21/08/2004 - 15:16:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 21/08/2004 - 15:16:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 04/08/2004 - 23:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 04/08/2004 - 23:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 04/08/2004 - 23:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 04/08/2004 - 23:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 04/08/2004 - 23:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys
---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.)
O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)
O63 - Logiciel: Toolbar SD - (.IDN Team.)
---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - Apple Mobile Device (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE
O64 - Services: CurCS - C:\Program Files\Application Updater\ApplicationUpdater.exe - Application Updater (Application Updater) .(.Spigot, Inc. - Application Updater.) - LEGACY_APPLICATION_UPDATER
O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER
O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - (.not file.) - AVG Free8 Network Redirector (AvgTdiX) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGTDIX
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB
O64 - Services: CurCS - C:\Program Files\Bonjour\mDNSResponder.exe - Service Bonjour (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - (.not file.) - GMSIPCI (GMSIPCI) .(.Pas de propriétaire - Pas de description.) - LEGACY_GMSIPCI
O64 - Services: CurCS - C:\Program Files\iPod\bin\iPodService.exe - Service de l’iPod (iPod Service) .(.Apple Inc. - iPodService Module (32-bit).) - LEGACY_IPOD_SERVICE
O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR
O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP
O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS
O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP
O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS
O64 - Services: CurCS - C:\Windows\system32\drivers\SbFw.sys - SbFw (SbFw) .(.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) - LEGACY_SBFW
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\sbhips.sys - Sunbelt HIPS Driver (sbhips) .(.Sunbelt Software, Inc. - Sunbelt Personal Firewall Host Intrusion Pr.) - LEGACY_SBHIPS
O64 - Services: CurCS - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe - SbPF.Launcher (SbPF.Launcher) .(.Sunbelt Software, Inc. - Sunbelt Personal Firewall SbPFLnch.) - LEGACY_SBPF.LAUNCHER
O64 - Services: CurCS - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe - Sunbelt Personal Firewall 4 (SPF4) .(.Sunbelt Software, Inc. - Sunbelt Firewall Service.) - LEGACY_SPF4
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\SSHDRV76.sys - SSHDRV76 (SSHDRV76) .(.Pas de propriétaire - ProtectCD Copyprotection Helper I/O Driver.) - LEGACY_SSHDRV76
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE
---\\ Observateur d'évènement d'application (OEA) (O66)
O66 - EventLog: ID=215 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Contacts
O66 - EventLog: ID=217 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Contacts
O66 - EventLog: ID=474 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Contacts
O66 - EventLog: ID=465 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows Live Contacts
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: C:\Documents And Settings\user\Application Data\Mozilla\Firefox\Profiles\\9jt04n16.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.cbid", "GL");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.default-channel-url-mask", "http://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.fresh-install", false);
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.l", "dis");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.last-config-req", "1274818951042");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.locale", "fr_FR");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.o", "10168");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.qsrc", "2871");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.r", "3");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.search-suggestions-enabled", true);
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.enabledItems", "toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,jqs@sun.com:1.0,{20a82645-c095-46ed-
---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by user at 25/05/2010 23:16:11
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
---\\ Infection BT - BHO/Toolbar (Possible)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.8.0.0) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (.Spigot, Inc. - Search Settings IE.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM]
O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM]
[HKCU\Software\Ask.com]
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.asktb.default-channel-url-mask", "http://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");
O69 - SBI: prefs.js [user - 9jt04n16.default] user_pref("extensions.enabledItems", "toolbar@ask.com:3.6.2.119,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,jqs@sun.com:1.0,{20a82645-c095-46ed-
End of the scan (898 lines in 06mn 28s)