Web Browser - Forums CNET France

Transcription

Rapport de ZHPDiag v1.27.1622 par Nicolas Coolman, Update du 23/02/2011
Run by user at 25/02/2011 17:20:30
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : [email protected]
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19019
MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)
GCIE: Google Chrome
---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 42 GB (36%) free of 116 GB
---\\ Logged in mode
Computer Name: PC-DE-USER
User Name: user
All Users Names: user, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Users\user\AppData\Roaming
%LocalAppData%=C:\Users\user\AppData\Local
%StartMenu%=C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 42 Go of 116 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 89 Go of 115 Go)
E:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008
03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.74BCC23D622F32DA0450D164735ACAB1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/12/2010
07:27:04.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.)
(.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -C:\Windows\System32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009
07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]
---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program
Files\Windows Defender\MSASCui.exe [1008184]
[MD5.1FE2E92576ED4BC83FFA4FDB2831C3B2] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
[141848]
[MD5.A13F4ABCD303F04A805155F6049D1CB2] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
[154136]
[MD5.4F535C9ECC352167B2F5B26D38A247BD] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
[129560]
[MD5.99C1D6B7C36C891EC099AA8D120185C4] - (.Realtek Semiconductor - HD Audio Control Panel.) -C:\Windows\RtHDVCpl.exe [4911104]
[MD5.98888488D0E6DB0256E5E661BCD35EB6] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe [1029416]
[MD5.DBC3E8226BE6FE67FAE94025C80FE907] - (.TOSHIBA CORPORATION - ConfigFree(TM) Task tray menu.) -- C:\Program
Files\Toshiba\ConfigFree\NDSTray.exe [1056768]
[MD5.E1FAAF7915BC07352CCF1DFF37058414] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program
Files\Toshiba\Toshiba Online Product Information\TOPI.exe [581632]
[MD5.137962BA4B4B60A0E5F12D6C9DFA4C2F] - (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for
Toshiba\traybar.exe [413696]
[MD5.B0674AE101707D21F9E30484D6465704] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program
Files\Toshiba\Power Saver\TPwrMain.exe [431456]
[MD5.DF14865FD7961D9D4FA5A2A3C2F33560] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe
[252440]
[MD5.CFA543A46B0E67E3ED65FA01026F8689] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program
Files\Toshiba\SmoothView\SmoothView.exe [509816]
[MD5.E9E5692F51D6032A1105C7BE27FC0BAE] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program
Files\Toshiba\FlashCards\TCrdMain.exe [712704]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir
Desktop\avgnt.exe [281768]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program
Files\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.E5B82EA4B98828D50C61137BFA8793F1] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
[421160]
[MD5.137149B37E9C9DBDE30E4C40867252E4] - (.Pas de propriétaire - fr.) -- C:\Program
Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [430080]
[MD5.ABBABB9718848FD74C2D156BDFEDBCD5] - (.Agere Systems - LtMoh MFC Application.) -- C:\Program
Files\ltmoh\ltmoh.exe [191552]
[MD5.DD84FD291B2C324B8E6D6EF6B8643A69] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Camera
Assistant Software for Toshiba\CEC_MAIN.exe [4624384]
[MD5.435F79D364B796A4EA0B5CAF24CA78BD] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools
Lite\DTLite.exe [369200]
[MD5.61CFEDAF9C527A1463F34F71240F9BB5] - (.Skype Technologies S.A. - Skype.) -- C:\Program
Files\Skype\Phone\Skype.exe [15026056]
[MD5.76DAC52F7A6D3AD3C8307D012ACF46CE] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org
3\program\soffice.exe [7424000]
[MD5.EEBF2F715C02C8A6CE6DBE844DD1B4E3] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org
3\program\soffice.bin [7418368]
[MD5.09CFCEB5072C9FA0BFE0A551F6D5CE07] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program
Files\Synaptics\SynTP\SynTPHelper.exe [95528]
[MD5.F064D3DA9BCEC02D9782D39446603DCA] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager.) -- C:\Program
Files\Toshiba\ConfigFree\CFSwMgr.exe [405504]
[MD5.2CE8F1C52F490875592166316C512B6F] - (.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin
Manager\skypePM.exe [80256]
[MD5.A852BEC60713B0465DFB0E899FDADBC8] - (.Lavasoft Limited - Ad-Aware Tray Application.) -- C:\Program
Files\Lavasoft\Ad-Aware\AAWTray.exe [939848]
[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
[912344]
[MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla
Firefox\plugin-container.exe [16856]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe
[69120]
[MD5.0477C2F9171599CA5BC3307FDFBA8D89] - (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program
Files\Spybot - Search & Destroy\SpybotSD.exe [5365592]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot Search & Destroy\TeaTimer.exe [2260480]
[MD5.4CEC4B72C5B255EC2F7C54CD03554540] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program
Files\Malwarebytes' Anti-Malware\mbam.exe [963976]
[MD5.C799301BE48A4C969ED6202A4278DD40] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program
Files\ZHPDiag\ZHPDiag.exe [631808]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions
(P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ckgssepm.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ckgssepm.default\searchplugins\fissa.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\fcmdSrchost.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [user] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program
Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla
Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.2".) -- C:\Program
Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16249.) -- C:\Program Files\Mozilla
Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla
Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- C:\Program Files\Microsoft
Silverlight\4.0.60129.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program
Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in
for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a
href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program
Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
M0 - MFSP: prefs.js [user - ckgssepm.default] http://de.msn.com/?rd=1
M2 - MFEP: prefs.js [user - ckgssepm.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET
Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [user - ckgssepm.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar
v2.1.1.20091029021655 (.Yahoo!.)
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing
(R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
http://de.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\Software\Microsoft\Internet Explorer\Main,Search Page =
http://home.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} Clé orpheline
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry)
(F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF
Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE
Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet
Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft®
Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.)
-- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM)
Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows
Defender\MSASCui.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product
Information\topi.exe
O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for
Toshiba\traybar.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power
Saver\TPwrMain.exe
O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program
Files\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program
Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program
Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common
Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - Gestionnaire pour appareils Windows
Mobile.) -- C:\Windows\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program
Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program
Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.exe
O4 - HKCU\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows
Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search
& Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\..\Run: [TOSCDSPD] TOSCDSPD.exe
O4 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live
Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools
Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1008204058-2155011868-3498949083-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System
settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux
MSN.lnk . (...) -- C:\Users\user\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (.not file.)
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk . (...)
-- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft
Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft
Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk .
(.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\user\Desktop\poubelle - Copie.lnk - Clé orpheline
O4 - Global Startup: C:\Users\user\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot
- Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -C:\Windows\Installer\{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}\SafariIco.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer
Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla
Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk .
(.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk .
(.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer
(O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {76577871-04EC-495E-A12B91F7C3600AFA} . (.Pas de propriétaire - Pas de description.) -- C:\Toshiba\Webshops\ebay.ico
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {8A918C1D-E123-4E36-B562-5C1519E434CE} . (.Pas de propriétaire - Pas de description.) -C:\Toshiba\Webshops\amazon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.Pas de propriétaire
- Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) - C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft
Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program
Files\Bonjour\mdnsNSP.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{964B5F78-4539-4B8A-8AD7-93BA0BEFDA72}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F008EB6F-698E-4C69-AA48-584E08D82147}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{964B5F78-4539-4B8A-8AD7-93BA0BEFDA72}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F008EB6F-698E-4C69-AA48-584E08D82147}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{964B5F78-4539-4B8A-8AD7-93BA0BEFDA72}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F008EB6F-698E-4C69-AA48-584E08D82147}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for
IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun)
(O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL)
(O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft
Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) C:\Windows\system32\agrsmsvc.exe
O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir
Desktop\avguard.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (ConfigFree Service) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program
Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: (FLEXlm server for PTC) . (.Macrovision Corporation - Pas de description.) - C:\Program
Files\flexnet\i486_nt\obj\lmgrd.exe
O23 - Service: (gupdate1c9c37c3694ef08) . (.Google Inc. - Programme d'installation de Google.) - C:\Program
Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\AdAware\AAWService.exe
O23 - Service: (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot Search & Destroy\SDWinSec.exe
O23 - Service: (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\Toshiba\TOSHIBA DVD
PLAYER\TNaviSrv.exe
O23 - Service: (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\Toshiba\Power
Saver\TosCoSrv.exe
O23 - Service: (TOSHIBA Bluetooth Service) - Clé orpheline
O23 - Service: (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - C:\Program
Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead
Systems\DVD\ULCDRSvr.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft
Shared\Windows Live\WLIDSVC.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft
Office\Office12\WINWORD.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{D5D233B5-C3E8-4EAB-B75C6D7EDDBD3BFD}.job
[MD5.FD3ECBA78A7A5C77ABB0ED475425E571] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program
Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
[MD5.5467F1FF0AF264566740F67E8B810735] [APT] [Google Software Updater] (.Google.) -- C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program
[MD5.61CFEDAF9C527A1463F34F71240F9BB5] [APT] [{E97FAD48-E0CB-49F9-B632-646D26B3B22D}] (.Skype Technologies
S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software
Update\SoftwareUpdate.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) C:\Windows\System32\DRIVERS\wanarp.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for
the 2007 Microsoft Office suites
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] -- {CEBB6BFB-D708-4F99-A633BC2600E01EF6}
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95A39968DD7960}
O42 - Logiciel: Codeur Windows Media Série 9 - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
O42 - Logiciel: Codeur Windows Media Série 9 - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA44DB8BEEDE485}
O42 - Logiciel: Desktop SMS - (.IDM.) [HKLM] -- {5980B928-1C95-4B3E-957B-B02D8147FF9E}
O42 - Logiciel: Enregistrement utilisateur de Canon MP550 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de
Canon MP550 series
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-012436CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-012436CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B1DD5AA-FF34-4D6E-A912-CB46BB7378DC}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D39F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client
Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A2140B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A829DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-00000000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-00000000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-00000000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-00000000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-00000000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-00000000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-00000000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-00000000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-00000000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-00000000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935FFE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -{770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f21818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C039D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET
Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft
.NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: Octoshape add-in for Adobe Flash Player - (.Pas de propriétaire.) [HKCU] -- Octoshape add-in for Adobe Flash
Player
O42 - Logiciel: OpenOffice.org 3.0 - (.OpenOffice.org.) [HKLM] -- {6860B340-530D-46B3-91F8-1AE1F70F7C33}
O42 - Logiciel: PDF-Tools - (.Tracker Software.) [HKLM] -- PDF-Tools_is1
O42 - Logiciel: PTC License Server Release Wildfire 4.0 Datecode M100 - (.PTC.) [HKLM] -- PTC License Server Release Wildfire
4.0 Datecode M100
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-981347A3-948C-8A155460CC2A}
O42 - Logiciel: Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -{8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C958108FE7DBC}
O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-00000000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {90120000-0011-00000000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-00000000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-00000000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Windows Media Encoder (KB2447961) - (.Microsoft Corporation.) [HKLM] -- KB2447961
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype™ 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68FE5A88D31DE6}_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {78C6A78A-8B03-48C8-A47C-78BA1FCA2307}
O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}
O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-460084B2-441CEB12FADF}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C730E42C-935A-45BB-A0C537E5234D111B}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- {C730E42C-935A-45BB-A0C5-37E5234D111B}
O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3}
O42 - Logiciel: TOSHIBA Recovery Disc Creator - (.TOSHIBA.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA SD Memory Utilities - (.TOSHIBA.) [HKLM] -- {EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
O42 - Logiciel: TOSHIBA Software Modem - (.Agere Systems.) [HKLM] -- TOSHIBA Software Modem
O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58B527406B42C8}
O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-012436CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2492475) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-00000000000FF1CE}_PROPLUS_{AB9C3240-8F97-4998-8911-3D40044124FC}
O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B24354ECE3E10066}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A73914FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {881F5DE8-9367-4B81-A325-E91BBC6472F9}
O42 - Logiciel: myphotobook 3.5 - (.myphotobook.) [HKLM] -- myphotobook
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\CDDB]
[HKCU\Software\CEC_CM_SW]
[HKCU\Software\CTPW Data]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\FissaSearch]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IDM]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Lucent]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaChance]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nektra]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PTC]
[HKCU\Software\Piriform]
[HKCU\Software\PlotSoft]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SecuROM]
[HKCU\Software\Shared Components]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Tracker Software]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\keyhole.com]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\CUSTPDF Writer]
[HKLM\Software\Canon]
[HKLM\Software\Chicony Electronics Co.,Ltd.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DT Soft]
[HKLM\Software\DivXNetworks]
[HKLM\Software\FLEXlm License Manager]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Gradient]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IBM]
[HKLM\Software\IDM]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lavasoft]
[HKLM\Software\Licenses]
[HKLM\Software\Lucent]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\ODBC]
[HKLM\Software\OfferBox]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PTC]
[HKLM\Software\Policies]
[HKLM\Software\Propellerhead Software]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Synaptics]
[HKLM\Software\Sys Modules]
[HKLM\Software\Toshiba]
[HKLM\Software\Tracker Software]
[HKLM\Software\Ulead Systems]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\mozilla.org]
[HKLM\Software\mypdfconverter]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData
(O43)
O43 - CFD: 09/08/2009 - 20:41:42 - [0] ----D- C:\Program Files\7-Zip
O43 - CFD: 29/04/2008 - 15:15:14 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 12/02/2011 - 10:39:28 - [162801072] ----D- C:\Program Files\Adobe
O43 - CFD: 09/06/2009 - 22:10:20 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 02/09/2009 - 17:28:44 - [170395661] ----D- C:\Program Files\Avira
O43 - CFD: 05/10/2010 - 09:19:44 - [599990] ----D- C:\Program Files\Bonjour
O43 - CFD: 26/12/2008 - 13:36:06 - [65057094] ----D- C:\Program Files\Camera Assistant Software for Toshiba
O43 - CFD: 16/02/2011 - 20:59:52 - [22239475] ----D- C:\Program Files\Canon
O43 - CFD: 22/04/2009 - 19:26:30 - [2408386] ----D- C:\Program Files\CCleaner
O43 - CFD: 04/02/2011 - 19:20:54 - [916047889] ----D- C:\Program Files\Common Files
O43 - CFD: 24/12/2009 - 17:37:22 - [10382532] ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD: 16/02/2011 - 20:17:26 - [0] ----D- C:\Program Files\Dassault Systemes
O43 - CFD: 14/06/2009 - 11:36:22 - [0] ----D- C:\Program Files\directx
O43 - CFD: 24/04/2009 - 09:25:06 - [1218138] ----D- C:\Program Files\DivX
O43 - CFD: 26/12/2008 - 13:42:08 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 13/06/2010 - 11:13:26 - [1387488] ----D- C:\Program Files\Filehunter
O43 - CFD: 18/12/2009 - 13:29:42 - [99130436] ----D- C:\Program Files\flexnet
O43 - CFD: 16/02/2011 - 20:29:38 - [7829136] ----D- C:\Program Files\Google
O43 - CFD: 13/06/2010 - 11:19:12 - [81920] ----D- C:\Program Files\gs
O43 - CFD: 16/04/2008 - 13:11:56 - [14402650] ----D- C:\Program Files\IDM
O43 - CFD: 12/12/2009 - 20:51:26 - [129823405] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 26/12/2008 - 13:35:50 - [38935307] ----D- C:\Program Files\Intel
O43 - CFD: 12/02/2011 - 10:32:16 - [5800346] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 16/04/2008 - 13:01:16 - [23151528] ----D- C:\Program Files\InterVideo
O43 - CFD: 21/12/2010 - 23:58:36 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 22/12/2010 - 00:00:16 - [128525040] ----D- C:\Program Files\iTunes
O43 - CFD: 03/04/2010 - 11:42:46 - [245529069] ----D- C:\Program Files\Java
O43 - CFD: 21/03/2009 - 11:43:22 - [15984024] ----D- C:\Program Files\JRE
O43 - CFD: 23/02/2011 - 21:26:52 - [93413271] ----D- C:\Program Files\Lavasoft
O43 - CFD: 01/10/2009 - 19:15:06 - [49656370] ----D- C:\Program Files\LimeWire
O43 - CFD: 26/12/2008 - 13:50:58 - [378121] ----D- C:\Program Files\ltmoh
O43 - CFD: 25/02/2011 - 17:01:58 - [4931894] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 14/06/2009 - 11:30:14 - [834381555] ----D- C:\Program Files\Micro Application
O43 - CFD: 05/10/2009 - 21:59:24 - [2664525] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 13:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 05/01/2010 - 21:28:50 - [588166157] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 23/02/2011 - 19:07:34 - [38371963] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 05/10/2009 - 22:00:18 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 05/01/2010 - 21:28:46 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 05/01/2010 - 21:25:02 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 17/12/2010 - 03:06:04 - [145421942] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 26/06/2010 - 02:01:20 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 24/08/2010 - 23:46:06 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 11/02/2011 - 19:50:54 - [143360] ----D- C:\Program Files\Movie Subtitles Searcher
O43 - CFD: 14/12/2010 - 20:11:52 - [32720423] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 05/01/2010 - 21:29:06 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 16/04/2008 - 12:22:20 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 06/01/2011 - 22:37:22 - [11812918] ----D- C:\Program Files\MyPDFConverter
O43 - CFD: 16/04/2008 - 13:11:34 - [18592497] ----D- C:\Program Files\myphotobook
O43 - CFD: 11/11/2009 - 20:26:36 - [381240] ----D- C:\Program Files\NOS
O43 - CFD: 16/02/2011 - 20:23:58 - [96600] ----D- C:\Program Files\OfferBox
O43 - CFD: 21/03/2009 - 11:43:20 - [354600809] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 30/09/2010 - 17:34:34 - [56751614] ----D- C:\Program Files\Orange
O43 - CFD: 13/06/2010 - 11:08:04 - [0] ----D- C:\Program Files\PlotSoft
O43 - CFD: 20/12/2009 - 19:52:20 - [789812043] ----D- C:\Program Files\ptchelpWildfire 4.0
O43 - CFD: 21/12/2010 - 23:42:52 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 29/05/2010 - 11:54:26 - [0] ----D- C:\Program Files\Real
O43 - CFD: 16/04/2008 - 12:39:32 - [21392108] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 17/04/2010 - 11:15:28 - [38057297] ----D- C:\Program Files\Safari
O43 - CFD: 04/02/2011 - 19:21:26 - [28273755] R---D- C:\Program Files\Skype
O43 - CFD: 25/02/2011 - 16:49:46 - [61544543] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 16/04/2008 - 12:40:22 - [14542283] ----D- C:\Program Files\Synaptics
O43 - CFD: 26/12/2008 - 13:40:10 - [254711774] ----D- C:\Program Files\Toshiba
O43 - CFD: 13/06/2010 - 14:56:12 - [10838094] ----D- C:\Program Files\Tracker Software
O43 - CFD: 16/04/2008 - 12:58:18 - [421881179] ----D- C:\Program Files\Ulead Systems
O43 - CFD: 02/11/2006 - 14:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 24/02/2009 - 19:56:36 - [61995016] ----D- C:\Program Files\VideoLAN
O43 - CFD: 16/09/2009 - 07:49:38 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 16/09/2009 - 07:49:38 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 16/09/2009 - 07:49:38 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 16/09/2009 - 07:49:38 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 22/02/2011 - 18:05:18 - [146581192] ----D- C:\Program Files\Windows Live
O43 - CFD: 12/02/2011 - 10:32:20 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 16/04/2008 - 13:00:56 - [14301199] ----D- C:\Program Files\Windows Media Components
O43 - CFD: 15/10/2010 - 02:22:26 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 26/12/2008 - 13:42:08 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 16/09/2009 - 07:49:38 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 19/11/2009 - 12:39:06 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 16/09/2009 - 07:49:38 - [6887473] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 07/05/2009 - 11:15:56 - [4874990] ----D- C:\Program Files\WinRAR
O43 - CFD: 25/02/2011 - 17:20:42 - [3584701] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 12/02/2011 - 10:39:34 - [6281214] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 21/12/2010 - 23:58:32 - [106958057] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 24/01/2011 - 12:11:36 - [560] ----D- C:\Program Files\Common Files\CANON
O43 - CFD: 05/01/2010 - 21:28:46 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 03/10/2010 - 11:04:32 - [1634832] ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD: 16/04/2008 - 13:01:14 - [8559357] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 03/04/2010 - 11:43:16 - [42251717] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 22/02/2011 - 18:02:16 - [446150992] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 22/04/2009 - 19:41:36 - [0] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 29/05/2010 - 11:54:32 - [0] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 04/02/2011 - 19:20:54 - [2254216] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 02/11/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 11/01/2010 - 08:12:52 - [46771595] ----D- C:\Program Files\Common Files\System
O43 - CFD: 16/04/2008 - 13:03:14 - [1374029] ----D- C:\Program Files\Common Files\Toshiba Shared
O43 - CFD: 16/04/2008 - 13:01:06 - [21678602] ----D- C:\Program Files\Common Files\Ulead Systems
O43 - CFD: 24/02/2009 - 20:05:36 - [190935305] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 12/02/2011 - 10:39:32 - [763] ----D- C:\ProgramData\Adobe
O43 - CFD: 09/06/2009 - 22:09:00 - [220772864] ----D- C:\ProgramData\Apple
O43 - CFD: 09/06/2009 - 22:11:34 - [128205108] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 02/09/2009 - 17:28:46 - [46877161] ----D- C:\ProgramData\Avira
O43 - CFD: 26/12/2008 - 13:42:08 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 16/02/2011 - 21:27:42 - [114] --H-D- C:\ProgramData\CanonIJEGV
O43 - CFD: 16/02/2011 - 20:44:52 - [0] --H-D- C:\ProgramData\CanonIJScan
O43 - CFD: 24/12/2009 - 17:36:28 - [568] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 16/02/2011 - 20:14:00 - [0] ----D- C:\ProgramData\DassaultSystemes
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 26/12/2008 - 13:42:08 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 19/02/2009 - 19:37:34 - [14402] ----D- C:\ProgramData\Google
O43 - CFD: 25/02/2011 - 06:54:34 - [14595] ----D- C:\ProgramData\Google Updater
O43 - CFD: 25/06/2009 - 20:41:46 - [52765] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 23/02/2011 - 21:34:50 - [320634295] ----D- C:\ProgramData\Lavasoft
O43 - CFD: 18/12/2009 - 13:29:56 - [8836] ----D- C:\ProgramData\Macrovision
O43 - CFD: 23/02/2011 - 20:06:52 - [14009780] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 21/04/2009 - 20:32:44 - [7914] ----D- C:\ProgramData\McAfee
O43 - CFD: 26/12/2008 - 13:42:08 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 22/02/2011 - 18:03:02 - [239274702] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 12/02/2011 - 03:01:34 - [64828] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 26/12/2008 - 13:42:08 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 11/11/2009 - 20:26:36 - [818] ----D- C:\ProgramData\NOS
O43 - CFD: 06/10/2009 - 06:41:18 - [604] ----D- C:\ProgramData\Office Genuine Advantage
O43 - CFD: 24/12/2009 - 17:45:22 - [3510483] ----D- C:\ProgramData\Propellerhead Software
O43 - CFD: 29/05/2010 - 11:21:28 - [403656] ----D- C:\ProgramData\Real
O43 - CFD: 04/02/2011 - 19:20:50 - [21733713] ----D- C:\ProgramData\Skype
O43 - CFD: 25/02/2011 - 16:48:46 - [276758] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 03/04/2010 - 11:43:18 - [119] ----D- C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 14:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 29/04/2008 - 15:03:32 - [1024] ----D- C:\ProgramData\TOSHIBA
O43 - CFD: 26/12/2008 - 13:45:36 - [740] ----D- C:\ProgramData\ToshibaEurope
O43 - CFD: 16/04/2008 - 13:00:30 - [220835] ----D- C:\ProgramData\Ulead Systems
O43 - CFD: 11/10/2009 - 21:31:58 - [0] ----D- C:\ProgramData\WinZip
O43 - CFD: 11/02/2009 - 18:30:18 - [4471363] ----D- C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 15/06/2010 - 19:40:48 - [2776109] ----D- C:\Users\user\AppData\Roaming\Apple Computer
O43 - CFD: 07/11/2010 - 10:14:56 - [0] ----D- C:\Users\user\AppData\Roaming\Avira
O43 - CFD: 16/02/2011 - 20:46:58 - [0] ----D- C:\Users\user\AppData\Roaming\Canon
O43 - CFD: 24/12/2009 - 17:43:54 - [2763] ----D- C:\Users\user\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 26/11/2009 - 10:32:54 - [17752] ----D- C:\Users\user\AppData\Roaming\DassaultSystemes
O43 - CFD: 08/03/2009 - 16:35:14 - [1782] ----D- C:\Users\user\AppData\Roaming\DesktopSMS
O43 - CFD: 16/02/2011 - 20:23:06 - [0] ----D- C:\Users\user\AppData\Roaming\Dev-Cpp
O43 - CFD: 20/04/2009 - 20:19:10 - [0] ----D- C:\Users\user\AppData\Roaming\DivX
O43 - CFD: 23/02/2011 - 18:30:38 - [1271] ----D- C:\Users\user\AppData\Roaming\dvdcss
O43 - CFD: 27/02/2009 - 19:52:12 - [34710] ----D- C:\Users\user\AppData\Roaming\Google
O43 - CFD: 26/12/2008 - 13:52:14 - [0] ----D- C:\Users\user\AppData\Roaming\Identities
O43 - CFD: 23/02/2011 - 19:51:58 - [0] ----D- C:\Users\user\AppData\Roaming\InstallShield
O43 - CFD: 17/10/2009 - 14:27:50 - [35238869] ----D- C:\Users\user\AppData\Roaming\LimeWire
O43 - CFD: 11/02/2009 - 18:30:18 - [1791] ----D- C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 23/02/2011 - 20:06:58 - [1895351] ----D- C:\Users\user\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:36 - [0] ----D- C:\Users\user\AppData\Roaming\Media Center Programs
O43 - CFD: 24/01/2011 - 17:52:28 - [4976676] -S--D- C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 19/02/2009 - 19:20:32 - [0] ----D- C:\Users\user\AppData\Roaming\Microsoft Web Folders
O43 - CFD: 22/04/2009 - 19:03:36 - [6425350] ----D- C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 14/03/2009 - 20:50:12 - [16890804] ----D- C:\Users\user\AppData\Roaming\myphotobook
O43 - CFD: 14/02/2011 - 21:38:18 - [230123] ----D- C:\Users\user\AppData\Roaming\OfferBox
O43 - CFD: 21/03/2009 - 11:45:16 - [2338905] ----D- C:\Users\user\AppData\Roaming\OpenOffice.org
O43 - CFD: 24/12/2009 - 17:49:16 - [8914] ----D- C:\Users\user\AppData\Roaming\Propellerhead Software
O43 - CFD: 18/12/2009 - 18:14:42 - [5111] ----D- C:\Users\user\AppData\Roaming\PTC
O43 - CFD: 29/05/2010 - 11:54:22 - [285225] ----D- C:\Users\user\AppData\Roaming\Real
O43 - CFD: 25/02/2011 - 17:20:10 - [4439383] ----D- C:\Users\user\AppData\Roaming\Skype
O43 - CFD: 25/02/2011 - 16:32:30 - [68272] ----D- C:\Users\user\AppData\Roaming\skypePM
O43 - CFD: 17/10/2009 - 14:43:52 - [13824] ----D- C:\Users\user\AppData\Roaming\Template
O43 - CFD: 07/02/2009 - 14:58:22 - [752] ----D- C:\Users\user\AppData\Roaming\Toshiba
O43 - CFD: 26/03/2009 - 13:54:00 - [447521] ----D- C:\Users\user\AppData\Roaming\vlc
O43 - CFD: 20/03/2009 - 13:38:04 - [0] ----D- C:\Users\user\AppData\Roaming\WinRAR
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C90CF70B808732027046788FE8812757] - 25/02/2011 - 16:32:31 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.FA77CA1050E4168E6B9512C7855B8070] - 25/02/2011 - 06:50:22 ---A- . (...) -- C:\aaw7boot.log [3987]
O44 - LFC:[MD5.0A7B704C887F77AC8CDCE059407336B4] - 24/02/2011 - 18:13:13 ---A- . (...) -- C:\ZHPExportRegistry-24-022011-18-13-13.txt [3552]
O44 - LFC:[MD5.4C5F231DB68F1C62655798EAFDF48309] - 24/02/2011 - 17:51:56 ---A- . (...) -- C:\ZHPExportRegistry-24-022011-17-51-56.txt [29312]
O44 - LFC:[MD5.B41665A43EC69D48E428CF2B2BB3F2EA] - 23/02/2011 - 21:42:51 ---A- . (...) -C:\Windows\System32\lsdelete.exe [16432]
O44 - LFC:[MD5.B7C19EC8B0DD7EFA58AD41FFEB8B8CDA] - 23/02/2011 - 21:34:50 ---A- . (.Lavasoft AB - Boot Driver.) -C:\Windows\System32\drivers\Lbd.sys [64288]
O44 - LFC:[MD5.C1AE5D1F53285D79A0B73A62AF20734F] - 23/02/2011 - 21:34:47 ---A- . (.Sunbelt Software - Anti-Rootkit
Engine.) -- C:\Windows\System32\drivers\SBREDrv.sys [98392]
O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 23/02/2011 - 20:06:50 ---A- . (.Malwarebytes Corporation Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 23/02/2011 - 20:06:47 ---A- . (.Malwarebytes Corporation Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.DE610F23CCE8FC25F708A78E4C31E922] - 23/02/2011 - 19:08:11 ---A- . (...) -C:\Windows\System32\FNTCACHE.DAT [427280]
O44 - LFC:[MD5.4271A731F0912D018B91D7863451CC8E] - 22/02/2011 - 17:46:22 ---A- . (...) -C:\Windows\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.BF8A195718BDF4745D4E81CB3964B474] - 22/02/2011 - 17:46:22 ---A- . (...) -C:\Windows\System32\perfc009.dat [104070]
O44 - LFC:[MD5.295D3D333CE5EEE4EDFA1ED84A6DE253] - 22/02/2011 - 17:46:22 ---A- . (...) -C:\Windows\System32\perfc00C.dat [126626]
O44 - LFC:[MD5.C1D90B636AB74D9222E4A211ABD7DF19] - 22/02/2011 - 17:46:22 ---A- . (...) -C:\Windows\System32\perfh009.dat [595996]
O44 - LFC:[MD5.420FEA6DAE0BD99D5ACF4679B223168A] - 22/02/2011 - 17:46:22 ---A- . (...) -C:\Windows\System32\perfh00C.dat [679042]
O44 - LFC:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 19/02/2011 - 12:03:08 ---A- . (.Avira GmbH - Avira Driver for Security
Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [135096]
O44 - LFC:[MD5.BE8A26BD07E1D66DC4B097DE157658C2] - 10/02/2011 - 06:47:24 ---A- . (.Adobe Systems Incorporated Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [292352]
O44 - LFC:[MD5.8E98986925EB7719B3B03CEA11EC8D82] - 10/02/2011 - 06:47:23 ---A- . (.Adobe Systems - Windows NT
OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 01/08/2009 - 07:27:37 ---A- . (...) -- C:\Windows\System32\winrm.vbs
[201184]
O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 16/07/2009 - 18:30:03 ---A- . (...) -C:\Windows\System32\WsmTxt.xsl [2426]
O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 16/07/2009 - 18:30:03 ---A- . (...) -C:\Windows\System32\wsmanconfig_schema.xml [4675]
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{36155074-a28d-11de-b608-001e33482b2f}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -C:\Windows\system32\ACEr.exe (.not file.)
O51 - MPSK:{57efd24a-156b-11de-ac91-001e33482b2f}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -F:\ysyjq1bs.exe (.not file.)
O51 - MPSK:{6ab1d7a5-3330-11de-8546-001e33482b2f}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -F:\LaunchU3.exe (.not file.)
O51 - MPSK:{f07ce5d4-b38f-11df-b298-001e33482b2f}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -J:\PMBP_Win.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm" . (.Pas de propriétaire - Pas de
description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut
Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security
Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security
Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows
SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows
SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160
Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort
Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.CE91B158FA490CF4C4D487A4130F4660] - 28/11/2006 - 14:11:00 ---A- . (.Agere Systems - SoftModem Device
Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1161888]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE
Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport
Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID
WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 14/12/2010 - 07:51:41 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -C:\Windows\system32\drivers\avgntflt.sys [61960]
O58 - SDL:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 19/02/2011 - 12:03:08 ---A- . (.Avira GmbH - Avira Driver for
Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [135096]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME
USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME
USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother
Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother
Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB
MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB
Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 05/10/2006 - 03:42:42 ---A- . (.Sonic Solutions - CDR4 CD and DVD
Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [2432]
O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 05/10/2006 - 03:42:42 ---A- . (.Sonic Solutions - CDRAL Place
Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE
Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI
miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé
NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for
LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.CBC22823628544735625B280665E434E] - 20/11/2006 - 13:11:14 ---A- . (.TOSHIBA Corporation - TOSHIBA
Firmware Linkage 32-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys [7168]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.)
-- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart
Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.E5A0034847537EAEE3C00349D5C34C5F] - 29/09/2007 - 23:03:12 ---A- . (.Intel Corporation - Intel Matrix Storage
Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [308248]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage
Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.038815297078D236D8CC064C295A74C6] - 13/09/2007 - 14:23:50 ---A- . (.Intel Corporation - Intel Graphics
Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [1925632]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.B7C19EC8B0DD7EFA58AD41FFEB8B8CDA] - 22/11/2010 - 09:50:19 ---A- . (.Lavasoft AB - Boot Driver.) -C:\Windows\system32\drivers\Lbd.sys [64288]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC
Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT
SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT
SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID
Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI
MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID
RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.35D5458D9A1B26B2005ABFFBF4C1C5E7] - 21/01/2008 - 03:23:20 ---A- . (.Intel Corporation - Intel® Wireless
WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw3v32.sys [2225664]
O58 - SDL:[MD5.6522DD40A5F67CED020BD81B856613FB] - 26/09/2007 - 06:12:22 ---A- . (.Intel Corporation - Intel® Wireless
WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw4v32.sys [2251776]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID
Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote
intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA®
nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA®
nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 24/08/2009 - 11:22:32 ---A- . (.Printing Communications Assoc., Inc.
(PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\system32\drivers\PCAMp50.sys [28224]
O58 - SDL:[MD5.1961590AA191B6B7DCF18A6A693AF7B8] - 24/08/2009 - 11:22:32 ---A- . (.Printing Communications Assoc., Inc.
(PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\system32\drivers\PCASp50.sys [27072]
O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device
Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [43872]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre
Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI
Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.C2EF513BBE069F0D4EE0938A76F975D3] - 15/02/2008 - 17:01:18 ---A- . (.REDC - RICOH SD Driver.) -C:\Windows\system32\drivers\rimmptsk.sys [46592]
O58 - SDL:[MD5.C398BCA91216755B098679A8DA8A2300] - 30/07/2007 - 09:42:58 ---A- . (.REDC - RICOH MS Driver.) -C:\Windows\system32\drivers\rimsptsk.sys [43008]
O58 - SDL:[MD5.2A2554CB24506E0A0508FC395C4A1B42] - 30/07/2007 - 10:54:02 ---A- . (.REDC - RICOH XD SM Driver.) -C:\Windows\system32\drivers\rixdptsk.sys [38400]
O58 - SDL:[MD5.8A4341616976E47712B60F18C7049DCC] - 30/01/2008 - 11:34:20 ---A- . (.Realtek Semiconductor Corp. Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2058528]
O58 - SDL:[MD5.8CCA591019216E9523E3CB385CE643E6] - 28/12/2007 - 19:21:54 ---A- . (.Realtek Corporation - Realtek
8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [104448]
O58 - SDL:[MD5.C1AE5D1F53285D79A0B73A62AF20734F] - 23/02/2011 - 21:34:47 ---A- . (.Sunbelt Software - Anti-Rootkit
Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [98392]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision
Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS
AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.7CED120054890D7700FCFD7F50EE1200] - 24/12/2009 - 00:00:00 ---A- . (...) -C:\Windows\system32\drivers\sptd.sys [691696]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/06/2010 - 15:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot
Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI
Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI
Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI
Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.55F6E55CC2430CA8713387106FA79817] - 06/12/2007 - 18:12:48 ---A- . (.Synaptics, Inc. - Synaptics Touchpad
Driver.) -- C:\Windows\system32\drivers\SynTP.sys [196400]
O58 - SDL:[MD5.1825BCEB47BF41C5A9F0E44DE82FC27A] - 18/10/2006 - 10:50:04 ---A- . (.TOSHIBA Corporation. - Toshiba
ODD Writing Driver For x86..) -- C:\Windows\system32\drivers\tdcmdpst.sys [16128]
O58 - SDL:[MD5.1EA5F27C29405BF49799FECA77186DA9] - 21/01/2008 - 14:42:24 ---A- . (.TOSHIBA Corporation - tos_sps2.) -C:\Windows\system32\drivers\tos_sps32.sys [285184]
O58 - SDL:[MD5.792A8B80F8188ABA4B2BE271583F3E46] - 09/11/2007 - 14:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA
ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS [23640]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA
Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise
Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise
SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.5C2BDC152BBAB34F36473DEAF7713F22] - 28/09/2010 - 15:44:52 ---A- . (.Apple, Inc. - Apple Mobile Device
USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.8C5094A8AB24DE7496C7C19942F2DF04] - 17/12/2007 - 11:45:20 ---A- . (.Chicony Electronics Co., Ltd. UVCFTR_S.sys.) -- C:\Windows\system32\drivers\UVCFTR_S.SYS [18432]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic
PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID
DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS
[9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS
[33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -C:\Windows\system32\NTIO804.SYS [34672]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft
Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for
Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) LEGACY_AVGNTFLT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security
Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan
Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - C:\Windows\System32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log
File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - C:\Windows\System32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk
Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) LEGACY_DFSC
O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation
- DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - C:\Windows\System32\drivers\ecache.sys - ReadyBoost Caching Driver (Ecache) .(.Microsoft Corporation
- Special Memory Device Cache.) - LEGACY_ECACHE
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\System32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation
- FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres
de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\System32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du
protocole.) - LEGACY_HTTP
O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) LEGACY_IPFILTERDRIVER
O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security
Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys - Lavasoft helper driver (Lavasoft Kernexplorer) .(...)
- LEGACY_LAVASOFT_KERNEXPLORER
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Lbd.sys - Lbd (Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio)
.(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de
filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - C:\Windows\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy (MBAMSwissArmy)
.(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk) .(...) - LEGACY_MFEHIDK
O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk01) .(...) - LEGACY_MFEHIDK01
O64 - Services: CurCS - C:\Windows\System32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - (.not file.) - MPFP (MPFP) .(...) - LEGACY_MPFP
O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) LEGACY_MPSDRV
O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft
Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb)
.(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft
Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft
Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - C:\Windows\System32\drivers\msahci.sys - msahci (msahci) .(.Microsoft Corporation - MS AHCI 1.0
Standard Driver.) - LEGACY_MSAHCI
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - C:\Windows\System32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider
driver.) - LEGACY_MUP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - C:\Windows\System32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0
wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft
Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport
driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\System32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI
Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\System32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing
Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50
O64 - Services: CurCS - C:\Windows\System32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing
Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50
O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected
Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.)
- LEGACY_PSCHED
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd)
.(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft
Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP
Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - C:\Windows\System32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft
Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr)
.(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) LEGACY_SMB
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) LEGACY_SRV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) LEGACY_SRV2
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network
driver.) - LEGACY_SRVNET
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.)
- LEGACY_SSMDRV
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) LEGACY_TCPIP
O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft
Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) LEGACY_TDX
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.)
- LEGACY_UDFS
O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA
Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\Windows\System32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft
Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000)
.(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.)
-- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla
Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla
Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.)
-- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -C:\Windows\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet
Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program
Files\Safari\Safari.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {046EBF9E-1E60-4B55-BA62-D81C072DDCFA} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {b41306c6-96d0-442a-bcc4-b0f621e82ce9} - (Fissa) - http://www.fissa.com
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.81EBC5DB32DA754CAE9E200B70F06DE2] [SPRF] (.Microsoft Corporation - Barre d'outils Bing.) -C:\Users\user\AppData\Local\Temp\MSN9FD9.exe [469256]
[MD5.1108B166160D6023AF76435B074052B6] [SPRF] (.Macrovision Corporation - Setup.exe.) -C:\Users\user\AppData\Local\Temp\_is2606.exe [455600]
[MD5.0FECB3FB879F3ED7AB5BB878D947E87A] [SPRF] (.Propellerhead Software AB - ReWire.) -C:\Users\user\AppData\Roaming\Rewire.dll [225280]
[MD5.D340FAF7C701118A4D74440CD9E80187] [SPRF] (.Propellerhead Software AB - REX Shared library.) -C:\Users\user\AppData\Roaming\REX Shared Library.dll [233472]
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de
sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système
spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.)
-- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -C:\Windows\system32\netproj.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et
Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program
Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -C:\Windows\system32\dfsr.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "TCP Query User{27D8D80A-3DC8-47E4-81D5-394D0D68015C}C:\program files\limewire\limewire.exe" | In - Private P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "UDP Query User{202B00F7-00C0-4852-82A2-4BD2371AF1F2}C:\program files\limewire\limewire.exe" | In - Private P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "{9E877A91-2B7E-4D49-9375-D0192AE27767}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{23A51336-E54F-4389-96FD-8D682F007E1A}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{9CE56837-230C-4E05-8B44-810B957CCF03}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live
Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{F3D55646-7622-4577-9A68-F2417CE82AA1}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live
Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O87 - FAEL: "TCP Query User{0151508D-B38F-443C-880A-21051EB0E899}C:\program files\limewire\limewire.exe" | In - Public P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "UDP Query User{1E6AC43E-2594-468E-8A8C-42FA53D707B4}C:\program files\limewire\limewire.exe" | In - Public P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "TCP Query User{2502746F-9DFF-489E-8426-07D4BA7EA0D9}C:\program files\dassault
systemes\b11\intel_a\code\bin\orbixd.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\dassault
systemes\b11\intel_a\code\bin\orbixd.exe (.not file.)
O87 - FAEL: "UDP Query User{2C3E7472-09F7-45B7-8DC4-2275CF2F5E5A}C:\program files\dassault
systemes\b11\intel_a\code\bin\orbixd.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\dassault
systemes\b11\intel_a\code\bin\orbixd.exe (.not file.)
O87 - FAEL: "TCP Query User{FA7A6968-2DE6-4BAB-AF6D-86758E6A58F4}C:\program files\dassault
systemes\b11\intel_a\code\bin\cnext.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\dassault
systemes\b11\intel_a\code\bin\cnext.exe (.not file.)
O87 - FAEL: "UDP Query User{6742945B-A7F8-4A18-83C0-915FF7A49EA8}C:\program files\dassault
systemes\b11\intel_a\code\bin\cnext.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\dassault
systemes\b11\intel_a\code\bin\cnext.exe (.not file.)
O87 - FAEL: "TCP Query User{1BB7C111-853B-4026-A749-103F40B59895}C:\program files\proewildfire 4.0\i486_nt\obj\xtop.exe"
|In - Private - P6 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\obj\xtop.exe (.not file.)
O87 - FAEL: "UDP Query User{20C0A73E-ECC1-4ACE-BB99-79B1D7AE82ED}C:\program files\proewildfire
4.0\i486_nt\obj\xtop.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\obj\xtop.exe (.not file.)
O87 - FAEL: "TCP Query User{6588C4A8-0813-4750-9DD3-46ADB1BF0ACB}C:\program files\proewildfire
4.0\i486_nt\nms\nmsd.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\nms\nmsd.exe (.not file.)
O87 - FAEL: "UDP Query User{646DF786-163C-44DD-B40E-C309C59E854C}C:\program files\proewildfire
4.0\i486_nt\nms\nmsd.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\nms\nmsd.exe (.not file.)
O87 - FAEL: "TCP Query User{97332DB4-6F8C-4C99-A4AD-4ED35EDB221F}C:\program files\proewildfire
4.0\i486_nt\obj\pro_comm_msg.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\proewildfire
4.0\i486_nt\obj\pro_comm_msg.exe (.not file.)
O87 - FAEL: "UDP Query User{F5A7595E-8C0A-489C-B36A-F7F6E52DF88D}C:\program files\proewildfire
4.0\i486_nt\obj\pro_comm_msg.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\proewildfire
O87 - FAEL: "TCP Query User{BF737491-777D-43EB-AA90-6EAD804CFCC5}C:\program files\proewildfire
4.0\i486_nt\nms\nmsd.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\nms\nmsd.exe (.not file.)
O87 - FAEL: "UDP Query User{6C8613E8-18C6-4BF5-AB71-F1939D9B3E83}C:\program files\proewildfire
4.0\i486_nt\nms\nmsd.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\nms\nmsd.exe (.not file.)
O87 - FAEL: "TCP Query User{732126E6-B233-405D-AD72-6EC05506AB02}C:\program files\proewildfire 4.0\i486_nt\obj\xtop.exe"
|In - Public - P6 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\obj\xtop.exe (.not file.)
O87 - FAEL: "UDP Query User{7E941D78-3190-47D4-A479-046F925C5711}C:\program files\proewildfire 4.0\i486_nt\obj\xtop.exe"
|In - Public - P17 - TRUE | .(...) -- C:\program files\proewildfire 4.0\i486_nt\obj\xtop.exe (.not file.)
O87 - FAEL: "TCP Query User{F01D2789-2D89-4C6A-894D-3CB0BAF6DCF5}C:\program files\proewildfire
4.0\i486_nt\obj\pro_comm_msg.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\proewildfire
O87 - FAEL: "UDP Query User{4B096428-2F84-4438-9467-75405D1769EF}C:\program files\proewildfire
4.0\i486_nt\obj\pro_comm_msg.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\proewildfire
O87 - FAEL: "{0529FB57-EF6F-41B4-B050-7F6369AF9BAB}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office
Outlook.) -- C:\Program Files\Microsoft Office\Office12\outlook.exe
O87 - FAEL: "{C8FEB967-8192-4843-A8EE-3B6D4C1DE798}" |In - None - P6 - TRUE | .(...) -C:\Windows\WindowsMobile\wmdHost.exe (.not file.)
O87 - FAEL: "{ECE4EF1F-CA18-48C1-80B1-BBEA4F83CFA2}" |In - None - P6 - TRUE | .(...) -C:\Windows\WindowsMobile\wmdHost.exe (.not file.)
O87 - FAEL: "TCP Query User{B7CF69D0-3C38-494E-A230-2D402AC63431}C:\program files\real\realplayer\realplay.exe" |In Public - P6 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "UDP Query User{971B1D91-E077-444F-903A-F607F8E8683C}C:\program files\real\realplayer\realplay.exe" |In Public - P17 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "{BE4E5CA7-8310-44E2-954F-38FA2888349C}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{A774DAB6-05C4-40A6-B39F-FDF65C150A2C}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{AE684E29-DA7B-4004-8FC6-67E6E9B4DB45}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program
Files\iTunes\iTunes.exe
O87 - FAEL: "TCP Query User{6D930F21-A358-454D-A5A7-E800E043BEF0}C:\users\user\appdata\roaming\macromedia\flash
player\www.macromedia.com\bin\octoshape\octoshape.exe" |In - Public - P6 - TRUE | .(...) -C:\users\user\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe (.not file.)
O87 - FAEL: "UDP Query User{E6153E2B-937D-4E19-A7AB-178F19882E85}C:\users\user\appdata\roaming\macromedia\flash
player\www.macromedia.com\bin\octoshape\octoshape.exe" |In - Public - P17 - TRUE | .(...) -C:\users\user\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe (.not file.)
O87 - FAEL: "{DB9DB701-C96E-4AB9-903F-BBC73BF8A029}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{84A5F5C9-8005-41E0-95F4-1BD8AF8456B8}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live
Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
---\\ Etat général des services non Microsoft (EGS) (SR=Running,
SS=Stopped)
SR - | Auto 05/10/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SR - | Auto 17/08/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 14/12/2010 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 16/10/2010 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
SR - | Auto 27/07/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 25/12/2007 40960 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program
Files\TOSHIBA\ConfigFree\CFSvcs.exe
SR - | Auto 18/12/2009 1371778 | (FLEXlm server for PTC) . (.Macrovision Corporation.) - C:\Program
Files\flexnet\i486_nt\obj\lmgrd.exe
SS - | Demand 21/01/2008 21504 | C:\Program Files\NOS\bin\getPlus_Helper.dll (getPlusHelper) . (.NOS Microsystems Ltd..) C:\Windows\System32\svchost.exe
SS - | Auto 22/04/2009 133104 | (gupdate1c9c37c3694ef08) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 22/04/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
SR - | Demand 13/12/2010 820008 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 23/02/2011 1405384 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\AdAware\AAWService.exe
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search &
Destroy\SDWinSec.exe
SR - | Auto 21/01/2008 83312 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\Toshiba\TOSHIBA DVD
PLAYER\TNaviSrv.exe
SR - | Auto 21/11/2007 129632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 17/01/2008 431456 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
SS - | Auto 17/01/2008 0 | (TOSHIBA Bluetooth Service) . (.Pas de propriétaire.) - c:\Program Files\Toshiba\Bluetooth Toshiba
Stack\TosBtSrv.exe
SR - | Auto 03/12/2007 126976 | (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation.) - C:\Program
Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
SR - | Auto 23/08/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead
Systems\DVD\ULCDRSvr.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) C:\Windows\system32\svchost.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Run by user at 25/02/2011 17:22:43
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys sphv.sys hal.dll >>UNKNOWN [0x860CA938]<<
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
System32\Drivers\sphv.sys
1 ntkrnlpa!IofCallDriver[0x82490912] -> \Device\Harddisk0\DR0[0x86C11690]
3 CLASSPNP[0x83B158B3] -> ntkrnlpa!IofCallDriver[0x82490912] -> \Device\Ide\IAAStorageDevice-0[0x8619B028]
kernel: MBR read successfully
detected hooks:
\Driver\atapi -> 0x861131f8
user & kernel MBR OK
Warning: possible MBR rootkit infection !
Use "ZHPFix" command "MBRFix" to clear infection !
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by user at 25/02/2011 17:22:43
Use the desktop link 'MBRCheck' to have full report
---\\ Liste des émulateurs de CD/DVD (Hook du MBR)
O58 - SDL:[MD5.7CED120054890D7700FCFD7F50EE1200] - 24/12/2009 - 00:00:00 ---A- . (...) -C:\Windows\system32\drivers\sptd.sys [691696]
End of the scan (1235 lines in 02mn 12s)(0)

Web Browser - Forums CNET France

Transcription

Documents pareils

Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du

Windows Product Information

Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman

Rapport de ZHPDiag v2015.1.9.4

Rapport de ZHPDiag v1.31.095 par Nicolas Coolman, Update du 24

SeafLog.txt - Bloc-notes scan pour danakil

Windows 8 - CDRom non reconnu Tapez dans l`invite