---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07.04.2011 - 05:01:54 - [3543481] ----D- C:\Program Files\7-Zip
O43 - CFD: 21.04.2011 - 14:38:30 - [48403156] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 02.02.2011 - 17:50:32 - [9918330] ----D- C:\Program Files\Audacity
O43 - CFD: 28.03.2010 - 03:12:22 - [146393] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 17.04.2011 - 00:00:00 - [10417696] ----D- C:\Program Files\CCleaner
O43 - CFD: 07.03.2011 - 20:29:30 - [12776726] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 23.09.2010 - 17:17:24 - [200850] ----D- C:\Program Files\checkeMOn
O43 - CFD: 02.08.2010 - 17:42:00 - [405998029] ----D- C:\Program Files\COMODO
O43 - CFD: 18.11.2009 - 12:14:56 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 11.07.2010 - 18:04:14 - [3742913] ----D- C:\Program Files\D-Link
O43 - CFD: 05.09.2010 - 13:39:26 - [374784] ----D- C:\Program Files\Dial-a-fix-v0.60.0.24
O43 - CFD: 08.06.2010 - 18:12:04 - [795104] ----D- C:\Program Files\DIFX
O43 - CFD: 21.09.2010 - 22:21:12 - [29927588] R---D- C:\Program Files\Driver & Software
O43 - CFD: 08.10.2010 - 14:51:04 - [3469614] ----D- C:\Program Files\DVD Decrypter
O43 - CFD: 17.07.2010 - 02:59:44 - [153246502] ----D- C:\Program Files\epson
O43 - CFD: 17.03.2011 - 22:13:00 - [38644365] ----D- C:\Program Files\eRightSoft
O43 - CFD: 22.04.2011 - 13:56:42 - [3585528] ----D- C:\Program Files\ESET
O43 - CFD: 27.03.2010 - 04:34:14 - [16693768] ----D- C:\Program Files\ffdshow
O43 - CFD: 19.04.2011 - 14:58:36 - [231923860] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 12.03.2011 - 22:43:42 - [381086] ----D- C:\Program Files\FileHippo.com
O43 - CFD: 17.03.2011 - 01:01:00 - [12138762] ----D- C:\Program Files\Foxit Software
O43 - CFD: 01.02.2010 - 05:25:04 - [3659051] ----D- C:\Program Files\Gadwin Systems
O43 - CFD: 27.09.2010 - 17:56:22 - [119943148] ----D- C:\Program Files\Google
O43 - CFD: 17.07.2010 - 03:06:08 - [24397584] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 19.11.2009 - 11:06:24 - [47903] ----D- C:\Program Files\Intel
O43 - CFD: 15.04.2011 - 03:10:52 - [4767336] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 01.03.2011 - 03:45:56 - [166933005] ----D- C:\Program Files\Java
O43 - CFD: 19.04.2011 - 00:27:52 - [4050664] ----D- C:\Program Files\JDownloader
O43 - CFD: 19.04.2011 - 00:25:20 - [4050664] ----D- C:\Program Files\JDownloader(2)
O43 - CFD: 19.04.2011 - 01:13:36 - [4050664] ----D- C:\Program Files\JDownloader(3)
O43 - CFD: 01.03.2011 - 03:56:54 - [4973037] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 19.11.2009 - 09:32:10 - [1721508] ----D- C:\Program Files\Microsoft
O43 - CFD: 23.07.2010 - 22:51:02 - [39848379] ----D- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 18.11.2009 - 12:19:04 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 23.07.2010 - 22:57:20 - [988536264] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 12.01.2011 - 20:29:54 - [749298347] ----D- C:\Program Files\Microsoft Office 2010
O43 - CFD: 21.04.2011 - 13:26:10 - [76251206] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 23.07.2010 - 22:57:14 - [3635637] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 19.11.2009 - 09:33:50 - [2304341] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 23.07.2010 - 22:59:26 - [326800] ----D- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 23.07.2010 - 22:55:06 - [1378033] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 23.07.2010 - 22:57:14 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 13.08.2010 - 02:53:36 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 26.01.2011 - 00:22:24 - [16393462] ----D- C:\Program Files\MP3Gain
O43 - CFD: 20.04.2011 - 14:20:30 - [0] ----D- C:\Program Files\Mpg2Cut2 (pas installé)
O43 - CFD: 23.07.2010 - 23:00:54 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 25.01.2010 - 10:44:04 - [869270] ----D- C:\Program Files\MSECACHE
O43 - CFD: 18.11.2009 - 12:13:56 - [0] ----D- C:\Program Files\MSN
O43 - CFD: 18.11.2009 - 12:14:30 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 30.11.2009 - 11:04:38 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 18.11.2009 - 14:28:26 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 23.11.2010 - 21:30:18 - [0] ----D- C:\Program Files\Online Services
O43 - CFD: 16.12.2010 - 03:49:42 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 17.03.2011 - 15:22:44 - [31080925] ----D- C:\Program Files\Paint.NET
O43 - CFD: 16.10.2010 - 19:57:10 - [0] ----D- C:\Program Files\ParetoLogic
O43 - CFD: 11.07.2010 - 15:58:42 - [9740904] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 01.02.2011 - 06:32:36 - [9004657] ----D- C:\Program Files\ratDVD
O43 - CFD: 18.11.2009 - 15:52:34 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 18.11.2009 - 12:16:54 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 25.12.2010 - 17:03:22 - [3070453] ----D- C:\Program Files\SlySoft
O43 - CFD: 28.12.2010 - 07:43:48 - [0] ----D- C:\Program Files\Smart Projects
O43 - CFD: 23.02.2011 - 16:01:22 - [50845480] ----D- C:\Program Files\The KMPlayer
O43 - CFD: 21.04.2011 - 00:00:18 - [1358039] ----D- C:\Program Files\Trend Micro
O43 - CFD: 18.11.2009 - 12:32:04 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 25.01.2010 - 18:20:20 - [16840211] ----D- C:\Program Files\VideoReDoPlus
O43 - CFD: 05.04.2011 - 00:45:10 - [1152415] ----D- C:\Program Files\VirtualDub-1.6.18
O43 - CFD: 25.01.2010 - 10:44:24 - [142742] ----D- C:\Program Files\Windows Installer Clean Up
O43 - CFD: 26.01.2010 - 20:42:48 - [7680] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 26.01.2010 - 20:47:46 - [3544382] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 18.11.2009 - 14:28:24 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 18.11.2009 - 12:16:58 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 18.11.2009 - 12:19:04 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 24.01.2010 - 07:41:14 - [1347584] ----D- C:\Program Files\XnView
O43 - CFD: 08.06.2010 - 17:54:20 - [24233] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 23.07.2010 - 22:59:22 - [99136] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 17.07.2010 - 03:04:00 - [5552347] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 01.03.2011 - 03:46:44 - [1247175] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 28.12.2010 - 07:31:22 - [2599] ----D- C:\Program Files\Fichiers Communs\Java(2)
O43 - CFD: 23.07.2010 - 23:01:14 - [212716646] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 18.11.2009 - 12:16:08 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 18.11.2009 - 12:21:06 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 18.11.2009 - 12:16:10 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 18.11.2009 - 12:21:02 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 23.07.2010 - 22:53:30 - [7849973] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 17.03.2011 - 02:47:12 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared
O43 - CFD: 26.01.2010 - 00:36:52 - [3300672] ----D- C:\Documents and Settings\user\Application Data\Adobe
O43 - CFD: 30.05.2010 - 20:41:26 - [2439] ----D- C:\Documents and Settings\user\Application Data\Audacity
O43 - CFD: 26.05.2010 - 22:31:00 - [29856] ----D- C:\Documents and Settings\user\Application Data\Canneverbe Limited
O43 - CFD: 16.10.2010 - 19:57:32 - [753] ----D- C:\Documents and Settings\user\Application Data\DriverCure
O43 - CFD: 15.08.2010 - 16:19:02 - [199] ----D- C:\Documents and Settings\user\Application Data\dvdcss
O43 - CFD: 24.03.2011 - 15:38:32 - [2172] ----D- C:\Documents and Settings\user\Application Data\EPSON
O43 - CFD: 17.03.2011 - 01:01:56 - [83] ----D- C:\Documents and Settings\user\Application Data\Foxit Software
O43 - CFD: 12.04.2010 - 18:13:04 - [0] ----D- C:\Documents and Settings\user\Application Data\Google
O43 - CFD: 11.02.2010 - 14:31:06 - [169] ----D- C:\Documents and Settings\user\Application Data\gtk-2.0
O43 - CFD: 18.11.2009 - 12:32:06 - [0] ----D- C:\Documents and Settings\user\Application Data\Identities
O43 - CFD: 14.04.2011 - 20:50:24 - [5900] ----D- C:\Documents and Settings\user\Application Data\InfraRecorder
O43 - CFD: 17.07.2010 - 02:16:24 - [0] ----D- C:\Documents and Settings\user\Application Data\InstallShield
O43 - CFD: 20.11.2009 - 14:41:34 - [4526] ----D- C:\Documents and Settings\user\Application Data\Macromedia
O43 - CFD: 04.04.2010 - 17:28:22 - [77209] ----D- C:\Documents and Settings\user\Application Data\Malwarebytes
O43 - CFD: 30.01.2010 - 20:40:50 - [0] ----D- C:\Documents and Settings\user\Application Data\Media Player Classic
O43 - CFD: 22.12.2010 - 00:31:14 - [19430495] -S--D- C:\Documents and Settings\user\Application Data\Microsoft
O43 - CFD: 21.04.2011 - 13:29:48 - [63] ----D- C:\Documents and Settings\user\Application Data\Mozilla
O43 - CFD: 08.06.2010 - 22:06:20 - [354] ----D- C:\Documents and Settings\user\Application Data\PC Suite
O43 - CFD: 20.11.2009 - 14:12:30 - [62486534] ----D- C:\Documents and Settings\user\Application Data\Sun
O43 - CFD: 03.02.2011 - 14:01:18 - [12669] ----D- C:\Documents and Settings\user\Application Data\VideoReDoPlus
O43 - CFD: 15.10.2010 - 03:03:40 - [635500] ----D- C:\Documents and Settings\user\Application Data\vlc
O43 - CFD: 19.04.2011 - 00:23:48 - [0] ----D- C:\Documents and Settings\user\Application Data\WinRAR
O43 - CFD: 24.01.2010 - 06:02:06 - [47023] ----D- C:\Documents and Settings\user\Application Data\XnView
O43 - CFD: 30.05.2010 - 21:12:40 - [192110] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Adobe
O43 - CFD: 05.10.2010 - 13:34:24 - [3458] ----D- C:\Documents and Settings\user\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 09.08.2010 - 13:34:38 - [12] ----D- C:\Documents and Settings\user\Local Settings\Application Data\COMODO
O43 - CFD: 24.01.2010 - 07:52:56 - [0] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Deployment
O43 - CFD: 12.04.2010 - 18:13:04 - [677658826] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Google
O43 - CFD: 20.11.2009 - 12:51:22 - [532896] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Identities
O43 - CFD: 20.01.2011 - 22:56:44 - [26598589] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft
O43 - CFD: 23.07.2010 - 22:50:24 - [0] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft Help
O43 - CFD: 20.11.2009 - 09:28:30 - [0] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Mozilla
O43 - CFD: 17.04.2011 - 22:45:12 - [0] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Paint.NET
O43 - CFD: 01.02.2011 - 06:32:42 - [1867] ----D- C:\Documents and Settings\user\Local Settings\Application Data\ratDVD
O43 - CFD: 19.04.2011 - 01:17:20 - [11030000] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Temp
O43 - CFD: 09.10.2010 - 23:26:20 - [3023977] ----D- C:\Documents and Settings\user\Local Settings\Application Data\Thunderbird
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.50EF1200F915817C00FCFD7F24F01200] - 22.04.2011 - 18:09:55 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [197044]
O44 - LFC:[MD5.C0E52FA4243D3FD8B2F3CDD4F6CB80B4] - 22.04.2011 - 12:56:47 ---A- . (...) -- C:\WINDOWS\setupapi.log [681]
O44 - LFC:[MD5.254FFD9FE6CACC8E9D9EC8547973C924] - 22.04.2011 - 12:17:40 ---A- . (...) -- C:\WINDOWS\system.ini [246]
O44 - LFC:[MD5.F23AA3AFB7B5F2E7D159E833A452C05A] - 22.04.2011 - 12:17:40 ---A- . (...) -- C:\WINDOWS\win.ini [582]
O44 - LFC:[MD5.743DBCFEC2C8875309B95FC24B106B65] - 22.04.2011 - 12:13:45 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [12598]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22.04.2011 - 12:11:33 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.50EF1200F915817C00FCFD7F24F01200] - 22.04.2011 - 12:11:22 ---A- . (...) -- C:\WINDOWS\wiadebug.log [236]
O44 - LFC:[MD5.50EF1200F915817C00FCFD7F24F01200] - 22.04.2011 - 12:11:19 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 22.04.2011 - 12:10:17 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.ADB6B4400F4564F64307FBED605880BA] - 21.04.2011 - 13:40:21 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [3240]
O44 - LFC:[MD5.7AC0961DDB6D63B3DE925814DE617AB2] - 21.04.2011 - 00:06:58 ---A- . (...) -- C:\UsbFix_Upload_Me_USER-7A.zip [159298152]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 19.04.2011 - 11:46:08 ---A- . (...) -- C:\WINDOWS\System32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 19.04.2011 - 11:46:08 ---A- . (...) -- C:\WINDOWS\System32\nscompat.tlb [23392]
O44 - LFC:[MD5.876F6A174D83BDD45E6131C0FA183908] - 18.04.2011 - 18:39:18 ---A- . (...) -- C:\WINDOWS\System32\AUTOEXEC.NT [2009]
O44 - LFC:[MD5.63BE981A773643C010909071463FBF47] - 15.04.2011 - 09:19:44 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [294072]
O44 - LFC:[MD5.16BD010EC454ACBD6F2BB33D291B1C99] - 15.04.2011 - 02:03:32 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1085622]
O44 - LFC:[MD5.6EA01C702A8188A2AEC952CBA68D3AED] - 15.04.2011 - 02:03:32 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [72218]
O44 - LFC:[MD5.F16CBD40A8F7EB7BF50A84BB7E3BD0A4] - 15.04.2011 - 02:03:32 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [85752]
O44 - LFC:[MD5.28F075C2F7570ED66C5926EC7F9F4D8D] - 15.04.2011 - 02:03:32 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [444342]
O44 - LFC:[MD5.599A108F9CD810EEFF31E25DF7B645B6] - 15.04.2011 - 02:03:32 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [513412]
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.I420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\WINDOWS\System32\i420vfw.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll
O52 - TDSD: \Drivers32\"vidc.MP42"="MPG4C32.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"i420vfw.dll"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\WINDOWS\System32\i420vfw.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \drivers.desc\"yv12vfw.dll"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX7400 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.exe
O53 - SMSR:HKLM\...\startupreg\FileHippo.com [Key] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\igfxpers [Key] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\OfficeSyncProcess [Key] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.E696E749BEDCDA8B23757B8B5EA93780] - 29.10.2006 - 16:13:38 R--A- . (.Andrea Electronics Corporation - Andrea Audio Noise Cancellation Driver.) -- C:\WINDOWS\system32\drivers\aeaudio.sys [100224]
O58 - SDL:[MD5.3A3A82FFD268BCFB7AE6A48CECF00AD9] - 29.10.2006 - 16:16:24 R--A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver..) -- C:\WINDOWS\system32\drivers\b57xp32.sys [156160]
O58 - SDL:[MD5.3292260A6AE8F328C7EF698B6EBD56E2] - 15.11.2002 - 11:15:08 ---A- . (.Broadcom Corporation - USB Driver for Bluetooth Adapter.) -- C:\WINDOWS\system32\drivers\bcbthub.sys [148794]
O58 - SDL:[MD5.F44473733DFB74273629B35FFD35C52C] - 30.11.2004 - 13:14:28 ---A- . (.Broadcom Corporation - Bluetooth Audio Device.) -- C:\WINDOWS\system32\drivers\btaudio.sys [17024]
O58 - SDL:[MD5.9EC319F60CDAC83B8E35A5E4D7F8BBFC] - 30.11.2004 - 13:12:14 ---A- . (.Broadcom Corporation - Bluetooth Protocol Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btkrnl.sys [1241818]
O58 - SDL:[MD5.EE94A5AE84B6118C62F9C4A7324F9FE3] - 30.11.2004 - 13:10:14 ---A- . (.Broadcom Corporation - Bluetooth BTPORT Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btport.sys [30299]
O58 - SDL:[MD5.372355AACC82FC375C8F5B8F1CA2A2D6] - 30.11.2004 - 13:13:28 ---A- . (.Broadcom Corporation - Bluetooth Serial Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btserial.sys [23271]
O58 - SDL:[MD5.02A62B03C80F1FA2D56E4FCA7654C850] - 30.11.2004 - 13:13:24 ---A- . (.Broadcom Corporation - Bluetooth Serial Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btslbcsp.sys [222876]
O58 - SDL:[MD5.078364ADACFFA3B182B8A83E53E1B664] - 30.11.2004 - 13:13:16 ---A- . (.Broadcom Corporation - Bluetooth LAN Access Server Driver.) -- C:\WINDOWS\system32\drivers\btwdndis.sys [148040]
O58 - SDL:[MD5.8D9CA290F72936C72E6AC6BE084640B4] - 30.11.2004 - 13:10:52 ---A- . (.Broadcom Corporation - Bluetooth Virtual HID Minidriver.) -- C:\WINDOWS\system32\drivers\btwhid.sys [44163]
O58 - SDL:[MD5.71E6901A1C17CA0BC1E286964F2BD31B] - 30.11.2004 - 13:09:50 ---A- . (.Broadcom Corporation - Driver for Bluetooth USB Devices.) -- C:\WINDOWS\system32\drivers\btwusb.sys [55288]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 02.03.2006 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.61B20CA85950870FA23587B26F3E4D7D] - 23.01.2011 - 15:37:20 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\WINDOWS\system32\drivers\cmderd.sys [15592]
O58 - SDL:[MD5.DD530EE7D9EFBB0EC42AEBE7226B8A93] - 23.01.2011 - 15:37:20 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\WINDOWS\system32\drivers\cmdGuard.sys [239368]
O58 - SDL:[MD5.07CBBE993ED08A52DAFAC1E6CF27B6A5] - 23.01.2011 - 15:37:20 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\WINDOWS\system32\drivers\cmdhlp.sys [27576]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 02.03.2006 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.2058F9B35E9BC0ADA5C9709263602A30] - 30.11.2004 - 13:09:56 ---A- . (.Broadcom Corporation - Flash Upgrade Driver for Bluetooth USB Device.) -- C:\WINDOWS\system32\drivers\frmupgr.sys [17516]
O58 - SDL:[MD5.9A883C3C4D91292C0D09DE7C728E781C] - 20.09.2005 - 10:00:54 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys [1302332]
O58 - SDL:[MD5.8154A2C13B72B08DB11157673C60C3EB] - 23.01.2011 - 15:37:21 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\WINDOWS\system32\drivers\inspect.sys [94784]
O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20.12.2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20.12.2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 02.03.2006 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 17.09.2007 - 14:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [21632]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 02.03.2006 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 02.03.2006 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 02.03.2006 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13.04.2008 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.F1771926A47A18BD3A3EDAC334FC78E0] - 29.10.2006 - 16:12:54 R--A- . (.Analog Devices, Inc. - SoundMAX Stub Driver.) -- C:\WINDOWS\system32\drivers\smsens.sys [3744]
O58 - SDL:[MD5.FA3368A7039F5ABAA4B933703AC34763] - 29.10.2006 - 16:13:38 R--A- . (.Analog Devices, Inc. - SoundMAX Integrated Digital Audio.) -- C:\WINDOWS\system32\drivers\smwdm.sys [578304]
O58 - SDL:[MD5.D6870895FE46A464A19141440EB6CC1E] - 03.07.2007 - 15:54:24 ---A- . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80552]
O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 03.07.2007 - 15:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [9256]
O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 03.07.2007 - 15:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [9256]
O58 - SDL:[MD5.0FE167362E4689B716CDC8D93ADEDDA8] - 03.07.2007 - 15:57:24 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [11944]
O58 - SDL:[MD5.55A15707E32B6709242AD127E62CA55A] - 03.07.2007 - 15:58:20 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [106792]
O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 03.07.2007 - 16:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [9256]
O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 03.07.2007 - 16:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [9256]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12.11.2009 - 13:48:56 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 02.03.2006 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 02.03.2006 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 15.07.2009 - 08:08:24 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 02.03.2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\System32\drivers\btkrnl.sys - Bluetooth Protocol Stack (BTKRNL) .(.Broadcom Corporation - Bluetooth Protocol Driver for Windows 2000.) - LEGACY_BTKRNL
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\btserial.sys - Bluetooth Serial Driver (BTSERIAL) .(.Broadcom Corporation - Bluetooth Serial Driver for Windows 2000.) - LEGACY_BTSERIAL
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\btslbcsp.sys - Bluetooth Port Client Driver (BTSLBCSP) .(.Broadcom Corporation - Bluetooth Serial Driver for Windows 2000.) - LEGACY_BTSLBCSP
O64 - Services: CurCS - C:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe - Bluetooth Service (btwdins) .(.Broadcom Corporation - Bluetooth Support Server.) - LEGACY_BTWDINS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS
O64 - Services: CurCS - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe - No object (cmdAgent) .(.COMODO - COMODO Internet Security.) - LEGACY_CMDAGENT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cmderd.sys - COMODO Internet Security Eradication Driver (cmderd) .(.COMODO - COMODO Internet Security Eradication Driver.) - LEGACY_CMDERD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cmdguard.sys - No object (cmdGuard) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cmdhlp.sys - No object (cmdHlp) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP
O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP
O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.exe - EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) .(.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - LEGACY_EPSON_PM_RPCV4_01
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS
O64 - Services: CurCS - (.not file.) - Service Windows Live Contrôle parental (fsssvc) .(...) - LEGACY_FSSSVC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Google Update Service (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Updater Service (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\inspect.sys - No object (Inspect) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT
O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(...) - LEGACY_KLMD25
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD
O64 - Services: CurCS - (.not file.) - kwrdapob (kwrdapob) .(...) - LEGACY_KWRDAPOB
O64 - Services: CurCS - (.not file.) - LightScribeService Direct Disc Labeling Service (LightScribeService) .(...) - LEGACY_LIGHTSCRIBESERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - (.not file.) - (.not file.) - NMIndexingService (NMIndexingService) .(...) - LEGACY_NMINDEXINGSERVICE
O64 - Services: CurCS - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccess (NMSAccess) .(...) - LEGACY_NMSACCESS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP
O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS
O64 - Services: CurCS - (.not file.) - SASDIFSV (SASDIFSV) .(...) - LEGACY_SASDIFSV
O64 - Services: CurCS - (.not file.) - SASKUTIL (SASKUTIL) .(...) - LEGACY_SASKUTIL
O64 - Services: CurCS - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer (ServiceLayer) .(.Nokia. - ServiceLayer Module.) - LEGACY_SERVICELAYER
O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {2851D2CC-501B-4A03-9EAB-4DBEF6FA3276} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7102} - (Web Search) - http://www.google.com
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.D59F24B86431EEB25281BCE7817783F1] [SPRF] (.Pas de propriétaire - Audacity Setup.) -- C:\Program Files\audacity-win-1.2.6.exe [2228534]
[MD5.35D6257848D60EE889D59BD625CBBC4F] [SPRF] (.BluetoothInstaller.com - Bluetooth Driver Installer.) -- C:\Program Files\BluetoothDriverInstaller.exe [1835008]
[MD5.3247F5ED640E356FA50421585C7D5B56] [SPRF] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files\ccsetup228.exe [3370400]
[MD5.D8FD5050713A394BBD89A3427460B6D8] [SPRF] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files\ccsetup230.exe [3376656]
[MD5.9BDD7480F6762A22805AE93919AA226C] [SPRF] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files\ccsetup233.exe [3396176]
[MD5.2664ED7002A71A813A166E0E2B9AF402] [SPRF] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files\ccsetup236.exe [1187896]
[MD5.E818D8C55F72AA5A3B12A21E32ADE82B] [SPRF] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files\ccsetup300.exe [2811584]
[MD5.8A545A5402FDD7FF0726C27A802F5A49] [SPRF] (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\cdbxp_setup_4.3.2.2140.exe [6586329]
[MD5.25002594AF29F2496835BD9E2372F028] [SPRF] (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\cdbxp_setup_4.3.7.2316.exe [4849286]
[MD5.6319EE0D4F06C0615E5EB2B7EA9E2ED3] [SPRF] (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\cdbxp_setup_4.3.7.2356.exe [4849809]
[MD5.DC58793767BA5AD31C7BAD4CB9EB3B66] [SPRF] (.COMODO - COMODO Installer.) -- C:\Program Files\cispremium_installer_x86.exe [58570184]
[MD5.DEA0689A7BED9ADA64CD279448A03979] [SPRF] (.www.trad-fr.com - DVD Decrypter - Le Rippeur DVD Ultime!.) -- C:\Program Files\DVDDecrypter_3.5.4.0_Fr.exe [1708137]
[MD5.DF6791B8660205E28D40B534461B009C] [SPRF] (.ffdshow - ffdshow Setup.) -- C:\Program Files\ffdshow_rev3299_20100303_xxl.exe [4328446]
[MD5.8EF7ADCFD01707558A47EE4856786260] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\FHSetup.exe [252991]
[MD5.4509E0D2793D8A47E6962D1E1628B2DE] [SPRF] (.Mozilla - Firefox.) -- C:\Program Files\Firefox Setup 3.6.12.exe [8627256]
[MD5.CA80A14C7189920E689C764D0615B2E4] [SPRF] (.Foxit Corporation - Foxit Reader Install Wizard.) -- C:\Program Files\FoxitReader43_enu_Setup.exe [7853560]
[MD5.C526B9ED6BE7F5E2EDE908181C749456] [SPRF] (.Microsoft Corporation - Security Update.) -- C:\Program Files\IE8-WindowsXP-KB978207-x86-FRA.exe [9717624]
[MD5.97D8A2F0ABF1E3FC8BB4F6A36C6371B6] [SPRF] (.Adobe Systems Incorporated - Adobe® Flash® Player Plugin Installer.) -- C:\Program Files\install_flash_player.exe [1924200]
[MD5.0B2867E614B0BDF7E76454230B55D33C] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\jre-6u22-windows-i586.exe [16074528]
[MD5.075D4221B84265690A41574E6AB647C8] [SPRF] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\mbam-setup.exe [5918776]
[MD5.A285D4D8D165E2D27328C7F76F13B291] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\mp3gain-win-full-1_2_5.exe [1978007]
[MD5.D5F4AB6063B3B3795B1C0F0CF30C7DFB] [SPRF] (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\msicuu2[WindowsInstallerCleanUp].exe [359656]
[MD5.B71080B1075E3ED32D8D654F306313B4] [SPRF] (.Pas de propriétaire - Installs Paint.NET..) -- C:\Program Files\Paint.NET.3.5.2.Install.exe [5046640]
[MD5.51C0F8E0536E6E6F1A63A1811F6ADF4A] [SPRF] (.Pas de propriétaire - Installs Paint.NET..) -- C:\Program Files\Paint.NET.3.5.8.Install.exe [3717344]
[MD5.F1105FC210EEAEE32CF466CA1D32BB23] [SPRF] (.Google Inc. - Picasa.) -- C:\Program Files\picasa3-setup.exe [9496056]
[MD5.88B3B9E7BE7A75AB195DD2C2E8D735BA] [SPRF] (.Google Inc. - Picasa.) -- C:\Program Files\picasa38-setup.exe [14271992]
[MD5.CC5BE18E29E599996CDBC6B2028C2903] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PrintScreen44_Setup.exe [2893583]
[MD5.401FC1EA831D384F8B6027B86A45F86A] [SPRF] (.ratDVD - ratDVD Setup.) -- C:\Program Files\ratdvd_ratdvd_0.78.1444_anglais_14682.exe [4730740]
[MD5.4BE3A5406DB8259F694828B0B384CA77] [SPRF] (.Pas de propriétaire - Real Alternative Setup.) -- C:\Program Files\Real_Alternative_202_Lite.exe [5446282]
[MD5.9A93F0C1B28FD62810BBC3DC5CA4C2CC] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Setup.exe [1401213]
[MD5.A6E9D7E4D2D3D7E923129A8F840F6024] [SPRF] (.eRightSoft - SUPER © v2011.build.47 (March 12, 2011) Setup.) -- C:\Program Files\super_super_v2011_build_47_anglais_19891.exe [23004209]
[MD5.F612B1938DB9F8881A538D5D38A54B1A] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ToolsCleaner2.exe [455680]
[MD5.2B8B69983B75C0384022E2B73D59B4E9] [SPRF] (.DRD Systems, Inc. - VideoReDo-Plus Setup.) -- C:\Program Files\VideoReDoPlus-2-5-6-512b4.exe [11414720]
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 30.11.2004 163840 | (btwdins) . (.Broadcom Corporation.) - C:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe
SR - | Auto 23.01.2011 1803224 | C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SS - | Demand 14.04.2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SR - | Auto 11.01.2007 113664 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.exe
SS - | Auto 18.03.2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11.06.2010 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 01.03.2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Demand 01.03.2011 0 | (MEMSWEEP2) . (...) - C:\WINDOWS\system32\60.tmp
SR - | Auto 04.03.2010 71096 | (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SS - | Demand 07.04.2008 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by user at 22.04.2011 19:34:27
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x86751AB8]
3 CLASSPNP[0xF74EAFD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\00000063[0x867DAF18]
5 ACPI[0xF7460620] -> nt!IofCallDriver[0x804E13B9] -> \Device\Ide\IdeDeviceP0T0L0-4[0x8677CD98]
kernel: MBR read successfully
user & kernel MBR OK
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by user at 22.04.2011 19:34:29
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
End of the scan (989 lines in 03mn 02s)(0)
Sorry, I can't send it via Ci-joint; IE isn't working.
blueway