Help windowsrestore
Résolu/Fermé
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
-
4 avril 2011 à 14:50
Utilisateur anonyme - 4 avril 2011 à 21:40
Utilisateur anonyme - 4 avril 2011 à 21:40
27 réponses
Utilisateur anonyme
Modifié par nanard4700 le 4/04/2011 à 14:57
Modifié par nanard4700 le 4/04/2011 à 14:57
Bonjour
* Télécharger sur le bureau RogueKiller
* Quitter tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lancer simplement RogueKiller.exe
* Lorsque demandé, taper 1 et valider
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un.
* Télécharger sur le bureau RogueKiller
* Quitter tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lancer simplement RogueKiller.exe
* Lorsque demandé, taper 1 et valider
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un.
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 15:08
4 avril 2011 à 15:08
bonjour voila le rapport
RogueKiller V4.3.6 par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: YANNICK [Droits d'admin]
Mode: Recherche -- Date : 04/04/2011 15:07:55
Processus malicieux: 2
[APPDT/TMP/DESKTOP] WTyVDJpaBGULUR.exe -- c:\documents and settings\all users.windows\application data\wtyvdjpabgulur.exe -> KILLED
[APPDT/TMP/DESKTOP] 20373300.exe -- c:\documents and settings\all users.windows\application data\20373300.exe -> KILLED
Entrees de registre: 4
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : WTyVDJpaBGULUR (C:\Documents and Settings\All Users.WINDOWS\Application Data\WTyVDJpaBGULUR.exe) -> FOUND
[APPDT/TMP/DESKTOP] HKUS\S-1-5-21-842925246-1123561945-682003330-1003[...]\Run : WTyVDJpaBGULUR (C:\Documents and Settings\All Users.WINDOWS\Application Data\WTyVDJpaBGULUR.exe) -> FOUND
[HJ] HKCU\[...]\ActiveDesktop : NoChangingWallPaper (1) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
Fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V4.3.6 par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: YANNICK [Droits d'admin]
Mode: Recherche -- Date : 04/04/2011 15:07:55
Processus malicieux: 2
[APPDT/TMP/DESKTOP] WTyVDJpaBGULUR.exe -- c:\documents and settings\all users.windows\application data\wtyvdjpabgulur.exe -> KILLED
[APPDT/TMP/DESKTOP] 20373300.exe -- c:\documents and settings\all users.windows\application data\20373300.exe -> KILLED
Entrees de registre: 4
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : WTyVDJpaBGULUR (C:\Documents and Settings\All Users.WINDOWS\Application Data\WTyVDJpaBGULUR.exe) -> FOUND
[APPDT/TMP/DESKTOP] HKUS\S-1-5-21-842925246-1123561945-682003330-1003[...]\Run : WTyVDJpaBGULUR (C:\Documents and Settings\All Users.WINDOWS\Application Data\WTyVDJpaBGULUR.exe) -> FOUND
[HJ] HKCU\[...]\ActiveDesktop : NoChangingWallPaper (1) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
Fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[1].txt >>
RKreport[1].txt
Utilisateur anonyme
Modifié par nanard4700 le 4/04/2011 à 15:29
Modifié par nanard4700 le 4/04/2011 à 15:29
* Quitter tous les programmes en cours
* lancer sRogueKiller.exe
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Lorsque demandé, taper 2 et valider
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
=================================================
* Télécharge et installe : Malwarebyte's Anti-Malware
* (NB : S'il te manque"COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
* A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
* Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
* Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
* Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
* A la fin du scan, clique sur Afficher les résultats
* Coche tous les éléments détectés puis clique sur Supprimer la sélection
* Enregistre le rapport
* S'il t'est demandé de redémarrer, clique sur Yes
* Poste le rapport de scan après la suppression ici.(poste le rapport, même si rien n'est détecté.)
* Si tu as besoin d'aide regarde ce tutorial
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un.
* lancer sRogueKiller.exe
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Lorsque demandé, taper 2 et valider
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
=================================================
* Télécharge et installe : Malwarebyte's Anti-Malware
* (NB : S'il te manque"COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
* A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
* Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
* Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
* Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
* A la fin du scan, clique sur Afficher les résultats
* Coche tous les éléments détectés puis clique sur Supprimer la sélection
* Enregistre le rapport
* S'il t'est demandé de redémarrer, clique sur Yes
* Poste le rapport de scan après la suppression ici.(poste le rapport, même si rien n'est détecté.)
* Si tu as besoin d'aide regarde ce tutorial
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 16:18
4 avril 2011 à 16:18
voila le rapport
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Version de la base de données: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 16:14:18
mbam-log-2011-04-04 (16-14-18).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 314571
Temps écoulé: 36 minute(s), 48 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WTyVDJpaBGULUR (Trojan.FakeAlert) -> Value: WTyVDJpaBGULUR -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\documents and settings\all users.windows\application data\wtyvdjpabgulur.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{cc4ded97-1e88-4b83-bfed-3939d6650efb}\RP516\A0094792.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\all users.windows\application data\20373300.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\documents and settings\yannick.e6750-6ac5e2889\Bureau\rk_quarantine\20373300.exe.vir (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\documents and settings\yannick.e6750-6ac5e2889\Bureau\rk_quarantine\wtyvdjpabgulur.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Version de la base de données: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 16:14:18
mbam-log-2011-04-04 (16-14-18).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 314571
Temps écoulé: 36 minute(s), 48 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WTyVDJpaBGULUR (Trojan.FakeAlert) -> Value: WTyVDJpaBGULUR -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\documents and settings\all users.windows\application data\wtyvdjpabgulur.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{cc4ded97-1e88-4b83-bfed-3939d6650efb}\RP516\A0094792.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\all users.windows\application data\20373300.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\documents and settings\yannick.e6750-6ac5e2889\Bureau\rk_quarantine\20373300.exe.vir (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\documents and settings\yannick.e6750-6ac5e2889\Bureau\rk_quarantine\wtyvdjpabgulur.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 16:59
4 avril 2011 à 16:59
apres l analyse avec Malwarebytes' Anti-Malware j ai plus la fenetre de windows restory et j ai toujours pass mes icones
Utilisateur anonyme
4 avril 2011 à 17:11
4 avril 2011 à 17:11
Tes icones sont elles revenues.??
On va faire une analyse de ton systéme.
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou le lien FTP en secours :
ftp://zebulon.fr/ZHPDiag2.exe
* Télécharge ZHPDiag ( de Nicolas coolman ).
ou
ZHPDiag
***********************
/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, " exécuter en tant qu'Administrateur /!\
* Laisse toi guider lors de l'installation
* Il se lancera automatiquement à la fin de l'installation
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur le site cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
On va faire une analyse de ton systéme.
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou le lien FTP en secours :
ftp://zebulon.fr/ZHPDiag2.exe
* Télécharge ZHPDiag ( de Nicolas coolman ).
ou
ZHPDiag
***********************
/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, " exécuter en tant qu'Administrateur /!\
* Laisse toi guider lors de l'installation
* Il se lancera automatiquement à la fin de l'installation
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur le site cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 17:37
4 avril 2011 à 17:37
non mes icones sont pas revenues
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 17:41
4 avril 2011 à 17:41
http://www.cijoint.fr/cjlink.php?file=cj201104/cijst6RSqy.txt
Utilisateur anonyme
4 avril 2011 à 17:48
4 avril 2011 à 17:48
* rends toi sur ce site : https://www.virustotal.com/gui/
==>Analyse ce fichier:
----------------------------------------------------------------------
C:\PhysicalDisk0_MBR.bin
----------------------------------------------------------------------
* Cliquez sur Parcourir... :
* Sélectionnez le fichier que vous voulez analyser et cliquez sur Ouvrir :
* Cliquez ensuite sur Envoyez le fichier : s'il a déjà été analysé, demande une nouvelle analyse.
* Fais un copier/coller du rapport sur le forum.
==>Analyse ce fichier:
----------------------------------------------------------------------
C:\PhysicalDisk0_MBR.bin
----------------------------------------------------------------------
* Cliquez sur Parcourir... :
* Sélectionnez le fichier que vous voulez analyser et cliquez sur Ouvrir :
* Cliquez ensuite sur Envoyez le fichier : s'il a déjà été analysé, demande une nouvelle analyse.
* Fais un copier/coller du rapport sur le forum.
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 18:01
4 avril 2011 à 18:01
Additional informationShow all
MD5 : 05ee681840221d8ef5e2b3aef716d9ba
SHA1 : 97aa7c42ab923f58a7f1e55a792e40468d4faa01
SHA256: 0c5544a24593511009cb31f166cf38e0f39b77e5d80bb8c5a88f274e3ceba355
ssdeep: 3072:ZgZxgZIEOc+V+Wny/VbIc5TcZUySbhayq6WDVhqdtQh0i0F2I8HPVBfQ5PHyprYU:CZxdZ
8oy/VLwYO
File size : 115545 bytes
First seen: 2011-04-04 15:54:54
Last seen : 2011-04-04 15:54:54
TrID:
Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
VT Community
MD5 : 05ee681840221d8ef5e2b3aef716d9ba
SHA1 : 97aa7c42ab923f58a7f1e55a792e40468d4faa01
SHA256: 0c5544a24593511009cb31f166cf38e0f39b77e5d80bb8c5a88f274e3ceba355
ssdeep: 3072:ZgZxgZIEOc+V+Wny/VbIc5TcZUySbhayq6WDVhqdtQh0i0F2I8HPVBfQ5PHyprYU:CZxdZ
8oy/VLwYO
File size : 115545 bytes
First seen: 2011-04-04 15:54:54
Last seen : 2011-04-04 15:54:54
TrID:
Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
VT Community
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 18:18
4 avril 2011 à 18:18
VT Community Sign in ? My account ? Sign out Signing out... Languages ?
VirusTotal's website has changed, we need new translations, do you feel like helping the community?
info@virustotal.com
Sign in to VT CommunitySafety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.
email
password
Keep me logged in
Sign in Signing in, please wait...
Login failed, please try again
Forgot your password? Create an account
Edit my profile
View my profile
Inbox
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: ZHPDiag.txt
Submission date: 2011-04-04 16:07:03 (UTC)
Current status: finished
Result: 0 /42 (0.0%)
VT Community
not reviewed
Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2011.04.04.00 2011.04.04 -
AntiVir 7.11.5.183 2011.04.04 -
Antiy-AVL 2.0.3.7 2011.04.04 -
Avast 4.8.1351.0 2011.04.04 -
Avast5 5.0.677.0 2011.04.04 -
AVG 10.0.0.1190 2011.04.04 -
BitDefender 7.2 2011.04.04 -
CAT-QuickHeal 11.00 2011.04.03 -
ClamAV 0.97.0.0 2011.04.04 -
Commtouch 5.2.11.5 2011.03.24 -
Comodo 8219 2011.04.04 -
DrWeb 5.0.2.03300 2011.04.04 -
Emsisoft 5.1.0.5 2011.04.04 -
eSafe 7.0.17.0 2011.04.04 -
eTrust-Vet 36.1.8251 2011.04.04 -
F-Prot 4.6.2.117 2011.04.04 -
F-Secure 9.0.16440.0 2011.04.02 -
Fortinet 4.2.254.0 2011.04.02 -
GData 22 2011.04.04 -
Ikarus T3.1.1.103.0 2011.04.04 -
Jiangmin 13.0.900 2011.03.31 -
K7AntiVirus 9.96.4290 2011.04.04 -
Kaspersky 7.0.0.125 2011.04.04 -
McAfee 5.400.0.1158 2011.04.04 -
McAfee-GW-Edition 2010.1C 2011.04.04 -
Microsoft 1.6702 2011.04.04 -
NOD32 6014 2011.04.04 -
Norman 6.07.07 2011.04.04 -
Panda 10.0.3.5 2011.04.04 -
PCTools 7.0.3.5 2011.04.04 -
Prevx 3.0 2011.04.04 -
Rising 23.51.05.05 2011.04.02 -
Sophos 4.64.0 2011.04.04 -
SUPERAntiSpyware 4.40.0.1006 2011.04.04 -
Symantec 20101.3.2.89 2011.04.04 -
TheHacker 6.7.0.1.164 2011.04.04 -
TrendMicro 9.200.0.1012 2011.04.04 -
TrendMicro-HouseCall 9.200.0.1012 2011.04.04 -
VBA32 3.12.14.3 2011.04.04 -
VIPRE 8917 2011.04.04 -
ViRobot 2011.4.4.4392 2011.04.04 -
VirusBuster 13.6.286.0 2011.04.04 -
Additional informationShow all
MD5 : 05ee681840221d8ef5e2b3aef716d9ba
SHA1 : 97aa7c42ab923f58a7f1e55a792e40468d4faa01
SHA256: 0c5544a24593511009cb31f166cf38e0f39b77e5d80bb8c5a88f274e3ceba355
ssdeep: 3072:ZgZxgZIEOc+V+Wny/VbIc5TcZUySbhayq6WDVhqdtQh0i0F2I8HPVBfQ5PHyprYU:CZxdZ
8oy/VLwYO
File size : 115545 bytes
First seen: 2011-04-04 16:07:03
Last seen : 2011-04-04 16:07:03
Magic: Non-ISO extended-ASCII English text, with CRLF line terminators
TrID:
Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
ExifTool:
-
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
[b]text/b -- bold
[i]text/i -- italics
[u]text/u -- underline
[s]text/s -- strikethrough
[code]text/code - preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Goodware Malware Spam attachment/link
P2P download Propagating via IM Network worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit comment Post comment Posting comment...
Comment successfully posted
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com- TOS & Privacy Policy
VirusTotal's website has changed, we need new translations, do you feel like helping the community?
info@virustotal.com
Sign in to VT CommunitySafety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.
password
Keep me logged in
Sign in Signing in, please wait...
Login failed, please try again
Forgot your password? Create an account
Edit my profile
View my profile
Inbox
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: ZHPDiag.txt
Submission date: 2011-04-04 16:07:03 (UTC)
Current status: finished
Result: 0 /42 (0.0%)
VT Community
not reviewed
Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2011.04.04.00 2011.04.04 -
AntiVir 7.11.5.183 2011.04.04 -
Antiy-AVL 2.0.3.7 2011.04.04 -
Avast 4.8.1351.0 2011.04.04 -
Avast5 5.0.677.0 2011.04.04 -
AVG 10.0.0.1190 2011.04.04 -
BitDefender 7.2 2011.04.04 -
CAT-QuickHeal 11.00 2011.04.03 -
ClamAV 0.97.0.0 2011.04.04 -
Commtouch 5.2.11.5 2011.03.24 -
Comodo 8219 2011.04.04 -
DrWeb 5.0.2.03300 2011.04.04 -
Emsisoft 5.1.0.5 2011.04.04 -
eSafe 7.0.17.0 2011.04.04 -
eTrust-Vet 36.1.8251 2011.04.04 -
F-Prot 4.6.2.117 2011.04.04 -
F-Secure 9.0.16440.0 2011.04.02 -
Fortinet 4.2.254.0 2011.04.02 -
GData 22 2011.04.04 -
Ikarus T3.1.1.103.0 2011.04.04 -
Jiangmin 13.0.900 2011.03.31 -
K7AntiVirus 9.96.4290 2011.04.04 -
Kaspersky 7.0.0.125 2011.04.04 -
McAfee 5.400.0.1158 2011.04.04 -
McAfee-GW-Edition 2010.1C 2011.04.04 -
Microsoft 1.6702 2011.04.04 -
NOD32 6014 2011.04.04 -
Norman 6.07.07 2011.04.04 -
Panda 10.0.3.5 2011.04.04 -
PCTools 7.0.3.5 2011.04.04 -
Prevx 3.0 2011.04.04 -
Rising 23.51.05.05 2011.04.02 -
Sophos 4.64.0 2011.04.04 -
SUPERAntiSpyware 4.40.0.1006 2011.04.04 -
Symantec 20101.3.2.89 2011.04.04 -
TheHacker 6.7.0.1.164 2011.04.04 -
TrendMicro 9.200.0.1012 2011.04.04 -
TrendMicro-HouseCall 9.200.0.1012 2011.04.04 -
VBA32 3.12.14.3 2011.04.04 -
VIPRE 8917 2011.04.04 -
ViRobot 2011.4.4.4392 2011.04.04 -
VirusBuster 13.6.286.0 2011.04.04 -
Additional informationShow all
MD5 : 05ee681840221d8ef5e2b3aef716d9ba
SHA1 : 97aa7c42ab923f58a7f1e55a792e40468d4faa01
SHA256: 0c5544a24593511009cb31f166cf38e0f39b77e5d80bb8c5a88f274e3ceba355
ssdeep: 3072:ZgZxgZIEOc+V+Wny/VbIc5TcZUySbhayq6WDVhqdtQh0i0F2I8HPVBfQ5PHyprYU:CZxdZ
8oy/VLwYO
File size : 115545 bytes
First seen: 2011-04-04 16:07:03
Last seen : 2011-04-04 16:07:03
Magic: Non-ISO extended-ASCII English text, with CRLF line terminators
TrID:
Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
ExifTool:
-
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
[b]text/b -- bold
[i]text/i -- italics
[u]text/u -- underline
[s]text/s -- strikethrough
[code]text/code - preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Goodware Malware Spam attachment/link
P2P download Propagating via IM Network worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit comment Post comment Posting comment...
Comment successfully posted
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com- TOS & Privacy Policy
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 18:30
4 avril 2011 à 18:30
comment je fait desole je suis nul en informatique
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 18:31
4 avril 2011 à 18:31
celui la
Rapport de ZHPDiag v1.27.1862 par Nicolas Coolman, Update du 03/04/2011
Run by YANNICK at 04/04/2011 17:38:14
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 172 GB (77%) free of 221 GB
---\\ Logged in mode
Computer Name: E6750-6AC5E2889
User Name: YANNICK
All Users Names: YANNICK, SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Documents and Settings\YANNICK\Application Data
%LocalAppData%=C:\Documents and Settings\YANNICK\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\YANNICK\Menu Démarrer
---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 172 Go of 221 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 159 Go of 245 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 11:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
---\\ Processus lancés
[MD5.1F31A588CC83A7B76715F9549515C161] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.2.) -- C:\WINDOWS\system32\nvsvc32.exe [154216]
[MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736]
[MD5.018857EAD9A077A56AEDFC0E5EF7A24A] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.112325F53AB720CA77825726D427FBDC] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
[MD5.C4305F070481199D102F20DAC23E554B] - (.NVIDIA - NVIDIA Access Manager.) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [131072]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [360224]
[MD5.A1DD33D16F277CE34124EE52AB2C0F14] - (...) -- C:\WINDOWS\system32\PnkBstrA.exe [75064]
[MD5.38CDA1E493C6589910A3FBE81ECCD354] - (...) -- C:\WINDOWS\system32\PnkBstrB.exe [189480]
[MD5.8CFCA7E2FD4B57C2BEF929C1C1A4C56E] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [271760]
[MD5.83E70761489F8235E5BD94A6CCA8437D] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [18717696]
[MD5.FCB74635483CE82FF2BE9F91D2C8558E] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432]
[MD5.A63E46BECDDC697FF9C086D7AACBB0BE] - (.cyberlink - brs.) -- C:\Program Files\Cyberlink\Shared Files\brs.exe [75048]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\RUNDLL32.EXE [33792]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208]
[MD5.2DFCB2393528446AEB9FB861A8FC39AB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.766E24A20116AFA41F380B57FFE7AF02] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.0CA8C2E721617AA2F923A8151C96FB33] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
[MD5.85D374F30A2015D795B1E8D1258866D4] - (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe [116280]
[MD5.C2271BD91106CEEC631265842CAD09DC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642048]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [YANNICK] -- C:\Documents and Settings\YANNICK\Application Data\Mozilla\Firefox\Profiles\o10br65d.default\searchplugins\live-search.xml
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.2.39.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.3.0f4.) -- C:\Documents and Settings\YANNICK.E6750-6AC5E2889\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [BDRegion] . (.cyberlink - brs.) -- C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam.) -- c:\program files\steam\steam.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] . (.NVIDIA - NVIDIA nTune Command.) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\..\Run: [Steam] . (.Valve Corporation - Steam.) -- c:\program files\steam\steam.exe
O4 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\..\Run: [NVIDIA nTune] . (.NVIDIA - NVIDIA nTune Command.) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A92000000001}\SC_Reader.ico (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft Office PowerPoint 2007.lnk . (...) -- C:\WINDOWS\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Live ID.lnk . (.Microsoft Corporation.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype add-on for Internet Explorer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Skype add-on for Internet Explorer - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/fr/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{15313CDF-7C07-4B4A-94B6-B35D729EAE01}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CCS\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{15313CDF-7C07-4B4A-94B6-B35D729EAE01}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CS2\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{15313CDF-7C07-4B4A-94B6-B35D729EAE01}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CS3\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.242
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (nTuneService) . (.NVIDIA - NVIDIA Access Manager.) - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.2.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: (PnkBstrA) . (...) - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: (PnkBstrB) . (...) - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files\CyberLink\PowerDVD8\000.fcl
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{03D05354-AEC8-433F-834F-7392818CEE4B}.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl26f52309) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A30835DB-7393-42A1-93DA-37A993085822}\MpKsl26f52309.sys (.not file.)
O41 - Driver: (MpKsl401ab82a) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsl401ab82a.sys (.not file.)
O41 - Driver: (MpKsl42e14320) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C423377C-11A8-45FD-87AF-2D7B99EB2C83}\MpKsl42e14320.sys (.not file.)
O41 - Driver: (MpKsl4784e949) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DEEF2DCC-A928-4135-918D-55FC0F896C3A}\MpKsl4784e949.sys (.not file.)
O41 - Driver: (MpKsl527b0adb) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C1571341-FDD8-4452-808A-F266A7A1BF8B}\MpKsl527b0adb.sys (.not file.)
O41 - Driver: (MpKsl641cc1ef) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsl641cc1ef.sys (.not file.)
O41 - Driver: (MpKsl728c1bce) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3DD730E8-92C0-42F4-B7FD-25EB34E1C4F7}\MpKsl728c1bce.sys (.not file.)
O41 - Driver: (MpKsl796ea5b8) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B6BF46C6-09C8-4634-BC07-1AD0EF908F08}\MpKsl796ea5b8.sys (.not file.)
O41 - Driver: (MpKsl7db545bd) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsl7db545bd.sys (.not file.)
O41 - Driver: (MpKsl8ecfde06) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C53B86B4-7C70-45DA-9858-9310F4933F73}\MpKsl8ecfde06.sys (.not file.)
O41 - Driver: (MpKsla60012ac) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C423377C-11A8-45FD-87AF-2D7B99EB2C83}\MpKsla60012ac.sys (.not file.)
O41 - Driver: (MpKslac81359a) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{356BD5E0-4AEA-4717-957C-6135022011B6}\MpKslac81359a.sys
O41 - Driver: (MpKsld7fc1ca7) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsld7fc1ca7.sys (.not file.)
O41 - Driver: (MpKsle2131de6) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C1571341-FDD8-4452-808A-F266A7A1BF8B}\MpKsle2131de6.sys (.not file.)
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Attansic L1 Gigabit Ethernet Driver - (.Pas de propriétaire.) [HKLM] -- AtcL1
O42 - Logiciel: Belkin F7D1101 Basic Wireless USB Adapter - (.Belkin.) [HKLM] -- InstallShield_{AFD89880-C544-4777-B645-FBF6D3391B11}
O42 - Logiciel: Belkin F7D1101 Basic Wireless USB Adapter - (.Belkin.) [HKLM] -- {AFD89880-C544-4777-B645-FBF6D3391B11}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CPUID HWMonitor 1.15 - (.Pas de propriétaire.) [HKLM] -- CPUID HWMonitor_is1
O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: Cucusoft iPhone Ringtone Maker 2.4.4 - (.Cucusoft, Inc..) [HKLM] -- Cucusoft iPhone Ringtone Maker_is1
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: Fun Aquarium 3D Screensaver 1.0 - (.Pas de propriétaire.) [HKLM] -- Fun Aquarium 3D Screensaver_is1
O42 - Logiciel: Futuremark SystemInfo - (.Futuremark Corporation.) [HKLM] -- {BEE64C14-BEF1-4610-8A68-A16EAA47B882}
O42 - Logiciel: Garfield(TM) - Sauver Arlène - (.Hip Games.) [HKLM] -- Garfield Saving Arlene
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 - (.HP.) [HKLM] -- {CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM] -- HP Print Projects
O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: ImageShack Uploader 2.2.0 - (.ImageShack Corp..) [HKLM] -- {8BCD7AE7-F713-4D50-BAB9-7839B9386870}
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader
O42 - Logiciel: Java(TM) 6 Update 15 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216015FF}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Movies2iPhone 1.24 for Windows - (.OKprods Ltd.) [HKLM] -- Movies2iPhone
O42 - Logiciel: My Photo Books (Foto-cards Edition) - (.Digilabs.) [HKLM] -- {F0142E13-8A6A-47B1-B6EA-AD02A7B63735}
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}
O42 - Logiciel: NVIDIA nTune - (.NVIDIA Corporation.) [HKLM] -- InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: VSO Image Resizer 4.0.2.5 - (.VSO-Software.) [HKLM] -- {8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1
O42 - Logiciel: VideoLAN VLC media player 0.8.6c - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Genuine Advantage Validation 1.9.42.0 Cracked - (.Wocarson.) [HKLM] -- {EB1BE39D-4C36-40A0-8CFB-079A2D14CB79}
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Xvid 1.2.1 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {FAE36873-1941-4076-A9A5-48812B5EA0B7}
O42 - Logiciel: iVideoBot Pro 5.0.0 - (.VOWSoft, Ltd..) [HKLM] -- iVideoBot Pro
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\Adobe]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Astro Gemini Software]
[HKCU\Software\Auslogics]
[HKCU\Software\Belkin]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Corel]
[HKCU\Software\Cyberlink]
[HKCU\Software\DVD Shrink]
[HKCU\Software\Digital River]
[HKCU\Software\DirectX AppWizard Apps]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Future Pinball]
[HKCU\Software\GNU]
[HKCU\Software\Gaijin]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\ImageShack Corp.]
[HKCU\Software\ImageShack]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Lavalys]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MouseIndustries]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\NeKo]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\Softonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VOWSoft]
[HKCU\Software\VSO]
[HKCU\Software\Valve]
[HKCU\Software\Wargaming.Net]
[HKCU\Software\WinRAR]
[HKCU\Software\Witan Entertainment BV]
[HKCU\Software\Yahoo]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ASUS]
[HKLM\Software\Activision]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Attansic]
[HKLM\Software\Audible]
[HKLM\Software\Belkin]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\Creative Tech]
[HKLM\Software\Cucusoft]
[HKLM\Software\CyberLink]
[HKLM\Software\DICE]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Even Balance]
[HKLM\Software\Futuremark Corporation]
[HKLM\Software\Futuremark]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Lake]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\S3R521]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Sony Corporation]
[HKLM\Software\TuneUp]
[HKLM\Software\US Army]
[HKLM\Software\VSO]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Witan Entertainment BV]
[HKLM\Software\Wocarson]
[HKLM\Software\Yahoo]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/12/2010 - 12:54:36 - [0] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 14/11/2010 - 11:20:42 - [162858302] ----D- C:\Program Files\Adobe
O43 - CFD: 26/01/2010 - 18:43:32 - [7657398] ----D- C:\Program Files\AGEIA Technologies
O43 - CFD: 29/06/2010 - 20:19:58 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 10/11/2010 - 10:36:50 - [764597] ----D- C:\Program Files\Astro Gemini Software
O43 - CFD: 05/12/2008 - 17:36:52 - [19047997] ----D- C:\Program Files\ASUS
O43 - CFD: 23/01/2010 - 13:09:54 - [884448] ----D- C:\Program Files\Auslogics
O43 - CFD: 30/07/2010 - 17:52:08 - [68] ----D- C:\Program Files\avsysinfo
O43 - CFD: 23/03/2011 - 12:16:50 - [723913] ----D- C:\Program Files\Belkin
O43 - CFD: 17/10/2010 - 09:49:08 - [599834] ----D- C:\Program Files\Bonjour
O43 - CFD: 11/12/2010 - 14:29:32 - [3501304] ----D- C:\Program Files\CCleaner
O43 - CFD: 05/12/2010 - 14:24:48 - [111306107] ----D- C:\Program Files\Corel
O43 - CFD: 01/02/2010 - 18:44:38 - [2077454] ----D- C:\Program Files\CPUID
O43 - CFD: 30/07/2010 - 17:52:02 - [25896543] ----D- C:\Program Files\Cucusoft
O43 - CFD: 26/01/2010 - 18:53:02 - [158898133] ----D- C:\Program Files\CyberLink
O43 - CFD: 14/04/2008 - 11:13:10 - [2921110] ----D- C:\Program Files\DIFX
O43 - CFD: 28/04/2008 - 10:55:50 - [7823339] ----D- C:\Program Files\Disc2Phone
O43 - CFD: 08/12/2010 - 22:08:56 - [131057899] ----D- C:\Program Files\DivX
O43 - CFD: 28/12/2007 - 15:21:28 - [980121] ----D- C:\Program Files\DVD Shrink
O43 - CFD: 22/02/2010 - 18:23:06 - [569] ----D- C:\Program Files\Electronic Arts
O43 - CFD: 04/04/2011 - 13:22:46 - [8558717] ----D- C:\Program Files\Enigma Software Group
O43 - CFD: 15/08/2008 - 09:13:02 - [319488] ----D- C:\Program Files\ESTsoft
O43 - CFD: 01/08/2010 - 21:06:02 - [1129388120] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 27/10/2008 - 21:20:06 - [13376734] ----D- C:\Program Files\FileZilla FTP Client
O43 - CFD: 08/12/2010 - 22:08:56 - [41087247] ----D- C:\Program Files\Freeplayer
O43 - CFD: 18/08/2010 - 15:26:50 - [60] ----D- C:\Program Files\Future Pinball
O43 - CFD: 02/02/2010 - 19:57:22 - [0] ----D- C:\Program Files\Futuremark
O43 - CFD: 11/03/2008 - 21:13:54 - [7468838] ----D- C:\Program Files\GameShadow
O43 - CFD: 08/12/2010 - 22:08:56 - [16045546] ----D- C:\Program Files\GameSpy Arcade
O43 - CFD: 18/01/2011 - 16:04:48 - [244916898] ----D- C:\Program Files\Google
O43 - CFD: 04/09/2010 - 13:29:38 - [613588659] ----D- C:\Program Files\Hip Games
O43 - CFD: 25/04/2010 - 10:46:48 - [190516615] ----D- C:\Program Files\HP
O43 - CFD: 03/11/2010 - 15:26:26 - [27631682] ----D- C:\Program Files\ImageShack Uploader
O43 - CFD: 05/12/2010 - 14:30:38 - [121274193] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 28/12/2007 - 14:57:12 - [96703] ----D- C:\Program Files\Intel
O43 - CFD: 14/02/2011 - 18:08:20 - [8944676] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 23/11/2010 - 14:59:42 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 23/11/2010 - 14:59:56 - [128773687] ----D- C:\Program Files\iTunes
O43 - CFD: 01/04/2011 - 19:20:34 - [80177657] ----D- C:\Program Files\Java
O43 - CFD: 02/04/2011 - 11:13:34 - [1019006323] ----D- C:\Program Files\JDownloader
O43 - CFD: 18/08/2010 - 15:26:46 - [0] ----D- C:\Program Files\Lavalys
O43 - CFD: 23/01/2010 - 19:37:32 - [4958973] ----D- C:\Program Files\ma-config.com
O43 - CFD: 04/04/2011 - 15:32:38 - [5159921] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 17/10/2009 - 12:29:12 - [5674414] ----D- C:\Program Files\MediaInfo
O43 - CFD: 08/12/2010 - 22:08:58 - [2157699] ----D- C:\Program Files\Messenger
O43 - CFD: 31/01/2010 - 21:12:04 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 28/12/2007 - 14:51:18 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 06/11/2008 - 17:04:04 - [36450431] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 26/11/2009 - 19:32:40 - [12231585] ----D- C:\Program Files\Microsoft Games for Windows - LIVE
O43 - CFD: 14/07/2009 - 18:06:10 - [422948642] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 06/11/2009 - 20:23:18 - [1559148] ----D- C:\Program Files\Microsoft Office Outlook Connector
O43 - CFD: 25/01/2011 - 21:23:58 - [18110254] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 23/01/2010 - 13:37:12 - [15462931] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 22/03/2009 - 20:22:22 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 17/12/2008 - 15:04:44 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 28/12/2007 - 16:17:44 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 28/12/2007 - 16:18:20 - [4368271] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 28/12/2007 - 16:16:20 - [315392] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 11/12/2009 - 18:24:02 - [962896] ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD: 12/08/2010 - 19:18:42 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 10/11/2010 - 20:21:52 - [8982205] ----D- C:\Program Files\Movies2iPhone
O43 - CFD: 28/12/2007 - 16:46:18 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03/08/2009 - 10:34:50 - [67836870] ----D- C:\Program Files\MSECache
O43 - CFD: 17/12/2008 - 15:57:58 - [21471461] ----D- C:\Program Files\MSN
O43 - CFD: 28/12/2007 - 14:48:44 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 27/01/2010 - 18:37:18 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 28/12/2007 - 16:47:42 - [6849] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 05/12/2010 - 15:14:20 - [142791320] ----D- C:\Program Files\My Photo Books (Foto-cards Edition)
O43 - CFD: 04/11/2009 - 15:54:26 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 16/02/2010 - 00:51:36 - [0] ----D- C:\Program Files\Nouveau dossier
O43 - CFD: 02/02/2010 - 18:57:56 - [164267166] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 02/02/2010 - 18:57:08 - [58814560] ----D- C:\Program Files\NVIDIA nTune Performance Application
O43 - CFD: 28/12/2007 - 14:48:50 - [1811] ----D- C:\Program Files\Online Services
O43 - CFD: 01/03/2008 - 14:06:10 - [1581760] ----D- C:\Program Files\OpenAL
O43 - CFD: 15/12/2010 - 20:38:14 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 01/03/2008 - 15:47:58 - [571829866] ----D- C:\Program Files\Panzer Elite Action
O43 - CFD: 08/12/2010 - 22:08:58 - [3515768395] ----D- C:\Program Files\pspvideo9
O43 - CFD: 20/09/2010 - 14:49:02 - [76337719] ----D- C:\Program Files\QuickTime
O43 - CFD: 28/12/2007 - 14:59:04 - [119321407] ----D- C:\Program Files\Realtek
O43 - CFD: 28/12/2007 - 16:44:28 - [37949185] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 23/11/2010 - 14:12:42 - [42618231] ----D- C:\Program Files\Safari
O43 - CFD: 11/12/2009 - 18:24:02 - [3125920] ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD: 28/12/2007 - 14:50:18 - [1032] ----D- C:\Program Files\Services en ligne
O43 - CFD: 01/08/2010 - 21:06:26 - [25537323] R---D- C:\Program Files\Skype
O43 - CFD: 18/01/2011 - 14:04:10 - [275395402] ----D- C:\Program Files\Sony
O43 - CFD: 04/04/2011 - 16:20:30 - [8710380628] ----D- C:\Program Files\Steam
O43 - CFD: 03/10/2008 - 18:32:10 - [768026] ----D- C:\Program Files\SystemRequirementsLab
O43 - CFD: 25/08/2010 - 20:40:50 - [25251234] ----D- C:\Program Files\TeamSpeak 3 Client
O43 - CFD: 05/12/2010 - 21:34:04 - [6825432] ----D- C:\Program Files\Teamspeak2_RC2
O43 - CFD: 18/08/2010 - 12:03:36 - [10806682] ----D- C:\Program Files\TLKGAMES
O43 - CFD: 04/07/2010 - 20:06:26 - [1912] ----D- C:\Program Files\TuneUp Utilities 2010
O43 - CFD: 25/01/2010 - 13:47:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 04/04/2011 - 14:08:16 - [23516878] ----D- C:\Program Files\Utilitaire de configuration iPhone
O43 - CFD: 25/09/2010 - 09:47:50 - [328056] ----D- C:\Program Files\uTorrent
O43 - CFD: 05/02/2008 - 17:07:28 - [33498528] ----D- C:\Program Files\VideoLAN
O43 - CFD: 24/02/2010 - 20:52:28 - [4534678] ----D- C:\Program Files\VOWSoft iPod Software
O43 - CFD: 25/11/2010 - 22:00:02 - [32080125] ----D- C:\Program Files\VSO
O43 - CFD: 21/01/2008 - 14:27:44 - [41074] ----D- C:\Program Files\Webteh
O43 - CFD: 19/12/2009 - 11:57:26 - [135949975] ----D- C:\Program Files\Windows Live
O43 - CFD: 06/11/2009 - 20:20:34 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 11/10/2008 - 21:25:36 - [3589774] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 26/01/2010 - 18:27:58 - [7559945] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 04/11/2009 - 15:54:24 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 25/01/2010 - 13:47:00 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 26/01/2010 - 20:15:56 - [3921963] ----D- C:\Program Files\WinRAR
O43 - CFD: 28/12/2007 - 14:51:18 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 04/04/2011 - 14:08:16 - [777497] ----D- C:\Program Files\Xvid
O43 - CFD: 18/08/2010 - 15:27:30 - [0] ----D- C:\Program Files\Yahoo!
O43 - CFD: 04/04/2011 - 17:38:20 - [3679161] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 14/11/2010 - 11:20:50 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 28/12/2007 - 15:16:48 - [119373758] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 23/11/2010 - 14:59:40 - [107008281] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 26/01/2010 - 18:52:58 - [114688] ----D- C:\Program Files\Fichiers Communs\CyberLink
O43 - CFD: 28/12/2007 - 16:18:38 - [86016] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 04/03/2008 - 11:32:32 - [1290] ----D- C:\Program Files\Fichiers Communs\DirectX
O43 - CFD: 15/04/2010 - 11:16:10 - [30445276] ----D- C:\Program Files\Fichiers Communs\DivX Shared
O43 - CFD: 02/02/2010 - 20:10:30 - [3952449] ----D- C:\Program Files\Fichiers Communs\Futuremark Shared
O43 - CFD: 26/02/2010 - 21:54:02 - [997653] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 26/02/2010 - 21:54:22 - [1817436] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 29/12/2007 - 22:00:46 - [17795774] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 26/01/2010 - 18:46:34 - [315855949] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 28/12/2007 - 14:49:44 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 11/12/2010 - 10:33:24 - [131313] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 02/01/2010 - 14:20:38 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 28/12/2007 - 14:49:48 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 01/08/2010 - 21:06:02 - [2135336] ----D- C:\Program Files\Fichiers Communs\Skype
O43 - CFD: 28/12/2007 - 15:43:12 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 06/11/2009 - 20:23:18 - [25827352] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 17/12/2008 - 14:29:34 - [256998808] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 27/04/2008 - 13:23:40 - [42842000] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD: 04/04/2011 - 13:22:30 - [193644032] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 06/01/2008 - 12:06:54 - [1650935] ----D- C:\Documents and Settings\YANNICK\Application Data\Adobe
O43 - CFD: 06/01/2008 - 10:33:56 - [111140] ----D- C:\Documents and Settings\YANNICK\Application Data\Ahead
O43 - CFD: 23/09/2009 - 20:36:04 - [319826099] ----D- C:\Documents and Settings\YANNICK\Application Data\Apple Computer
O43 - CFD: 12/01/2008 - 20:04:16 - [136] ----D- C:\Documents and Settings\YANNICK\Application Data\ArcSoft
O43 - CFD: 04/11/2009 - 17:21:18 - [8995] ----D- C:\Documents and Settings\YANNICK\Application Data\Auslogics
O43 - CFD: 07/01/2008 - 03:04:58 - [330072] ----D- C:\Documents and Settings\YANNICK\Application Data\Bioshock
Rapport de ZHPDiag v1.27.1862 par Nicolas Coolman, Update du 03/04/2011
Run by YANNICK at 04/04/2011 17:38:14
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 172 GB (77%) free of 221 GB
---\\ Logged in mode
Computer Name: E6750-6AC5E2889
User Name: YANNICK
All Users Names: YANNICK, SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Documents and Settings\YANNICK\Application Data
%LocalAppData%=C:\Documents and Settings\YANNICK\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\YANNICK\Menu Démarrer
---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 172 Go of 221 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 159 Go of 245 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 11:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
---\\ Processus lancés
[MD5.1F31A588CC83A7B76715F9549515C161] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.2.) -- C:\WINDOWS\system32\nvsvc32.exe [154216]
[MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736]
[MD5.018857EAD9A077A56AEDFC0E5EF7A24A] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.112325F53AB720CA77825726D427FBDC] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
[MD5.C4305F070481199D102F20DAC23E554B] - (.NVIDIA - NVIDIA Access Manager.) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [131072]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [360224]
[MD5.A1DD33D16F277CE34124EE52AB2C0F14] - (...) -- C:\WINDOWS\system32\PnkBstrA.exe [75064]
[MD5.38CDA1E493C6589910A3FBE81ECCD354] - (...) -- C:\WINDOWS\system32\PnkBstrB.exe [189480]
[MD5.8CFCA7E2FD4B57C2BEF929C1C1A4C56E] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [271760]
[MD5.83E70761489F8235E5BD94A6CCA8437D] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [18717696]
[MD5.FCB74635483CE82FF2BE9F91D2C8558E] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432]
[MD5.A63E46BECDDC697FF9C086D7AACBB0BE] - (.cyberlink - brs.) -- C:\Program Files\Cyberlink\Shared Files\brs.exe [75048]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\RUNDLL32.EXE [33792]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208]
[MD5.2DFCB2393528446AEB9FB861A8FC39AB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.766E24A20116AFA41F380B57FFE7AF02] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.0CA8C2E721617AA2F923A8151C96FB33] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]
[MD5.85D374F30A2015D795B1E8D1258866D4] - (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe [116280]
[MD5.C2271BD91106CEEC631265842CAD09DC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642048]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [YANNICK] -- C:\Documents and Settings\YANNICK\Application Data\Mozilla\Firefox\Profiles\o10br65d.default\searchplugins\live-search.xml
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.2.39.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.3.0f4.) -- C:\Documents and Settings\YANNICK.E6750-6AC5E2889\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [BDRegion] . (.cyberlink - brs.) -- C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam.) -- c:\program files\steam\steam.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] . (.NVIDIA - NVIDIA nTune Command.) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\..\Run: [Steam] . (.Valve Corporation - Steam.) -- c:\program files\steam\steam.exe
O4 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-842925246-1123561945-682003330-1003\..\Run: [NVIDIA nTune] . (.NVIDIA - NVIDIA nTune Command.) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A92000000001}\SC_Reader.ico (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft Office PowerPoint 2007.lnk . (...) -- C:\WINDOWS\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Live ID.lnk . (.Microsoft Corporation.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\YANNICK\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype add-on for Internet Explorer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Skype add-on for Internet Explorer - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/fr/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{15313CDF-7C07-4B4A-94B6-B35D729EAE01}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CCS\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{15313CDF-7C07-4B4A-94B6-B35D729EAE01}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CS2\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{15313CDF-7C07-4B4A-94B6-B35D729EAE01}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CS3\Services\Tcpip\..\{48A25B85-6DAE-4185-8E8D-B412E0BF8363}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.242
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (nTuneService) . (.NVIDIA - NVIDIA Access Manager.) - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.2.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: (PnkBstrA) . (...) - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: (PnkBstrB) . (...) - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files\CyberLink\PowerDVD8\000.fcl
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{03D05354-AEC8-433F-834F-7392818CEE4B}.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl26f52309) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A30835DB-7393-42A1-93DA-37A993085822}\MpKsl26f52309.sys (.not file.)
O41 - Driver: (MpKsl401ab82a) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsl401ab82a.sys (.not file.)
O41 - Driver: (MpKsl42e14320) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C423377C-11A8-45FD-87AF-2D7B99EB2C83}\MpKsl42e14320.sys (.not file.)
O41 - Driver: (MpKsl4784e949) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DEEF2DCC-A928-4135-918D-55FC0F896C3A}\MpKsl4784e949.sys (.not file.)
O41 - Driver: (MpKsl527b0adb) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C1571341-FDD8-4452-808A-F266A7A1BF8B}\MpKsl527b0adb.sys (.not file.)
O41 - Driver: (MpKsl641cc1ef) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsl641cc1ef.sys (.not file.)
O41 - Driver: (MpKsl728c1bce) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3DD730E8-92C0-42F4-B7FD-25EB34E1C4F7}\MpKsl728c1bce.sys (.not file.)
O41 - Driver: (MpKsl796ea5b8) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B6BF46C6-09C8-4634-BC07-1AD0EF908F08}\MpKsl796ea5b8.sys (.not file.)
O41 - Driver: (MpKsl7db545bd) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsl7db545bd.sys (.not file.)
O41 - Driver: (MpKsl8ecfde06) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C53B86B4-7C70-45DA-9858-9310F4933F73}\MpKsl8ecfde06.sys (.not file.)
O41 - Driver: (MpKsla60012ac) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C423377C-11A8-45FD-87AF-2D7B99EB2C83}\MpKsla60012ac.sys (.not file.)
O41 - Driver: (MpKslac81359a) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{356BD5E0-4AEA-4717-957C-6135022011B6}\MpKslac81359a.sys
O41 - Driver: (MpKsld7fc1ca7) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B38C5890-45E7-4830-A77B-51DF215657C2}\MpKsld7fc1ca7.sys (.not file.)
O41 - Driver: (MpKsle2131de6) . (. - .) - c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C1571341-FDD8-4452-808A-F266A7A1BF8B}\MpKsle2131de6.sys (.not file.)
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Attansic L1 Gigabit Ethernet Driver - (.Pas de propriétaire.) [HKLM] -- AtcL1
O42 - Logiciel: Belkin F7D1101 Basic Wireless USB Adapter - (.Belkin.) [HKLM] -- InstallShield_{AFD89880-C544-4777-B645-FBF6D3391B11}
O42 - Logiciel: Belkin F7D1101 Basic Wireless USB Adapter - (.Belkin.) [HKLM] -- {AFD89880-C544-4777-B645-FBF6D3391B11}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CPUID HWMonitor 1.15 - (.Pas de propriétaire.) [HKLM] -- CPUID HWMonitor_is1
O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: Cucusoft iPhone Ringtone Maker 2.4.4 - (.Cucusoft, Inc..) [HKLM] -- Cucusoft iPhone Ringtone Maker_is1
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: Fun Aquarium 3D Screensaver 1.0 - (.Pas de propriétaire.) [HKLM] -- Fun Aquarium 3D Screensaver_is1
O42 - Logiciel: Futuremark SystemInfo - (.Futuremark Corporation.) [HKLM] -- {BEE64C14-BEF1-4610-8A68-A16EAA47B882}
O42 - Logiciel: Garfield(TM) - Sauver Arlène - (.Hip Games.) [HKLM] -- Garfield Saving Arlene
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 - (.HP.) [HKLM] -- {CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM] -- HP Print Projects
O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: ImageShack Uploader 2.2.0 - (.ImageShack Corp..) [HKLM] -- {8BCD7AE7-F713-4D50-BAB9-7839B9386870}
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader
O42 - Logiciel: Java(TM) 6 Update 15 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216015FF}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Movies2iPhone 1.24 for Windows - (.OKprods Ltd.) [HKLM] -- Movies2iPhone
O42 - Logiciel: My Photo Books (Foto-cards Edition) - (.Digilabs.) [HKLM] -- {F0142E13-8A6A-47B1-B6EA-AD02A7B63735}
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}
O42 - Logiciel: NVIDIA nTune - (.NVIDIA Corporation.) [HKLM] -- InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: VSO Image Resizer 4.0.2.5 - (.VSO-Software.) [HKLM] -- {8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1
O42 - Logiciel: VideoLAN VLC media player 0.8.6c - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Genuine Advantage Validation 1.9.42.0 Cracked - (.Wocarson.) [HKLM] -- {EB1BE39D-4C36-40A0-8CFB-079A2D14CB79}
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Xvid 1.2.1 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {FAE36873-1941-4076-A9A5-48812B5EA0B7}
O42 - Logiciel: iVideoBot Pro 5.0.0 - (.VOWSoft, Ltd..) [HKLM] -- iVideoBot Pro
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\Adobe]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Astro Gemini Software]
[HKCU\Software\Auslogics]
[HKCU\Software\Belkin]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Corel]
[HKCU\Software\Cyberlink]
[HKCU\Software\DVD Shrink]
[HKCU\Software\Digital River]
[HKCU\Software\DirectX AppWizard Apps]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Future Pinball]
[HKCU\Software\GNU]
[HKCU\Software\Gaijin]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\ImageShack Corp.]
[HKCU\Software\ImageShack]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Lavalys]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MouseIndustries]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\NeKo]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\Softonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VOWSoft]
[HKCU\Software\VSO]
[HKCU\Software\Valve]
[HKCU\Software\Wargaming.Net]
[HKCU\Software\WinRAR]
[HKCU\Software\Witan Entertainment BV]
[HKCU\Software\Yahoo]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ASUS]
[HKLM\Software\Activision]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Attansic]
[HKLM\Software\Audible]
[HKLM\Software\Belkin]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\Creative Tech]
[HKLM\Software\Cucusoft]
[HKLM\Software\CyberLink]
[HKLM\Software\DICE]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Even Balance]
[HKLM\Software\Futuremark Corporation]
[HKLM\Software\Futuremark]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Lake]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\S3R521]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Sony Corporation]
[HKLM\Software\TuneUp]
[HKLM\Software\US Army]
[HKLM\Software\VSO]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Witan Entertainment BV]
[HKLM\Software\Wocarson]
[HKLM\Software\Yahoo]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/12/2010 - 12:54:36 - [0] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 14/11/2010 - 11:20:42 - [162858302] ----D- C:\Program Files\Adobe
O43 - CFD: 26/01/2010 - 18:43:32 - [7657398] ----D- C:\Program Files\AGEIA Technologies
O43 - CFD: 29/06/2010 - 20:19:58 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 10/11/2010 - 10:36:50 - [764597] ----D- C:\Program Files\Astro Gemini Software
O43 - CFD: 05/12/2008 - 17:36:52 - [19047997] ----D- C:\Program Files\ASUS
O43 - CFD: 23/01/2010 - 13:09:54 - [884448] ----D- C:\Program Files\Auslogics
O43 - CFD: 30/07/2010 - 17:52:08 - [68] ----D- C:\Program Files\avsysinfo
O43 - CFD: 23/03/2011 - 12:16:50 - [723913] ----D- C:\Program Files\Belkin
O43 - CFD: 17/10/2010 - 09:49:08 - [599834] ----D- C:\Program Files\Bonjour
O43 - CFD: 11/12/2010 - 14:29:32 - [3501304] ----D- C:\Program Files\CCleaner
O43 - CFD: 05/12/2010 - 14:24:48 - [111306107] ----D- C:\Program Files\Corel
O43 - CFD: 01/02/2010 - 18:44:38 - [2077454] ----D- C:\Program Files\CPUID
O43 - CFD: 30/07/2010 - 17:52:02 - [25896543] ----D- C:\Program Files\Cucusoft
O43 - CFD: 26/01/2010 - 18:53:02 - [158898133] ----D- C:\Program Files\CyberLink
O43 - CFD: 14/04/2008 - 11:13:10 - [2921110] ----D- C:\Program Files\DIFX
O43 - CFD: 28/04/2008 - 10:55:50 - [7823339] ----D- C:\Program Files\Disc2Phone
O43 - CFD: 08/12/2010 - 22:08:56 - [131057899] ----D- C:\Program Files\DivX
O43 - CFD: 28/12/2007 - 15:21:28 - [980121] ----D- C:\Program Files\DVD Shrink
O43 - CFD: 22/02/2010 - 18:23:06 - [569] ----D- C:\Program Files\Electronic Arts
O43 - CFD: 04/04/2011 - 13:22:46 - [8558717] ----D- C:\Program Files\Enigma Software Group
O43 - CFD: 15/08/2008 - 09:13:02 - [319488] ----D- C:\Program Files\ESTsoft
O43 - CFD: 01/08/2010 - 21:06:02 - [1129388120] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 27/10/2008 - 21:20:06 - [13376734] ----D- C:\Program Files\FileZilla FTP Client
O43 - CFD: 08/12/2010 - 22:08:56 - [41087247] ----D- C:\Program Files\Freeplayer
O43 - CFD: 18/08/2010 - 15:26:50 - [60] ----D- C:\Program Files\Future Pinball
O43 - CFD: 02/02/2010 - 19:57:22 - [0] ----D- C:\Program Files\Futuremark
O43 - CFD: 11/03/2008 - 21:13:54 - [7468838] ----D- C:\Program Files\GameShadow
O43 - CFD: 08/12/2010 - 22:08:56 - [16045546] ----D- C:\Program Files\GameSpy Arcade
O43 - CFD: 18/01/2011 - 16:04:48 - [244916898] ----D- C:\Program Files\Google
O43 - CFD: 04/09/2010 - 13:29:38 - [613588659] ----D- C:\Program Files\Hip Games
O43 - CFD: 25/04/2010 - 10:46:48 - [190516615] ----D- C:\Program Files\HP
O43 - CFD: 03/11/2010 - 15:26:26 - [27631682] ----D- C:\Program Files\ImageShack Uploader
O43 - CFD: 05/12/2010 - 14:30:38 - [121274193] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 28/12/2007 - 14:57:12 - [96703] ----D- C:\Program Files\Intel
O43 - CFD: 14/02/2011 - 18:08:20 - [8944676] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 23/11/2010 - 14:59:42 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 23/11/2010 - 14:59:56 - [128773687] ----D- C:\Program Files\iTunes
O43 - CFD: 01/04/2011 - 19:20:34 - [80177657] ----D- C:\Program Files\Java
O43 - CFD: 02/04/2011 - 11:13:34 - [1019006323] ----D- C:\Program Files\JDownloader
O43 - CFD: 18/08/2010 - 15:26:46 - [0] ----D- C:\Program Files\Lavalys
O43 - CFD: 23/01/2010 - 19:37:32 - [4958973] ----D- C:\Program Files\ma-config.com
O43 - CFD: 04/04/2011 - 15:32:38 - [5159921] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 17/10/2009 - 12:29:12 - [5674414] ----D- C:\Program Files\MediaInfo
O43 - CFD: 08/12/2010 - 22:08:58 - [2157699] ----D- C:\Program Files\Messenger
O43 - CFD: 31/01/2010 - 21:12:04 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 28/12/2007 - 14:51:18 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 06/11/2008 - 17:04:04 - [36450431] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 26/11/2009 - 19:32:40 - [12231585] ----D- C:\Program Files\Microsoft Games for Windows - LIVE
O43 - CFD: 14/07/2009 - 18:06:10 - [422948642] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 06/11/2009 - 20:23:18 - [1559148] ----D- C:\Program Files\Microsoft Office Outlook Connector
O43 - CFD: 25/01/2011 - 21:23:58 - [18110254] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 23/01/2010 - 13:37:12 - [15462931] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 22/03/2009 - 20:22:22 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 17/12/2008 - 15:04:44 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 28/12/2007 - 16:17:44 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 28/12/2007 - 16:18:20 - [4368271] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 28/12/2007 - 16:16:20 - [315392] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 11/12/2009 - 18:24:02 - [962896] ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD: 12/08/2010 - 19:18:42 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 10/11/2010 - 20:21:52 - [8982205] ----D- C:\Program Files\Movies2iPhone
O43 - CFD: 28/12/2007 - 16:46:18 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03/08/2009 - 10:34:50 - [67836870] ----D- C:\Program Files\MSECache
O43 - CFD: 17/12/2008 - 15:57:58 - [21471461] ----D- C:\Program Files\MSN
O43 - CFD: 28/12/2007 - 14:48:44 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 27/01/2010 - 18:37:18 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 28/12/2007 - 16:47:42 - [6849] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 05/12/2010 - 15:14:20 - [142791320] ----D- C:\Program Files\My Photo Books (Foto-cards Edition)
O43 - CFD: 04/11/2009 - 15:54:26 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 16/02/2010 - 00:51:36 - [0] ----D- C:\Program Files\Nouveau dossier
O43 - CFD: 02/02/2010 - 18:57:56 - [164267166] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 02/02/2010 - 18:57:08 - [58814560] ----D- C:\Program Files\NVIDIA nTune Performance Application
O43 - CFD: 28/12/2007 - 14:48:50 - [1811] ----D- C:\Program Files\Online Services
O43 - CFD: 01/03/2008 - 14:06:10 - [1581760] ----D- C:\Program Files\OpenAL
O43 - CFD: 15/12/2010 - 20:38:14 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 01/03/2008 - 15:47:58 - [571829866] ----D- C:\Program Files\Panzer Elite Action
O43 - CFD: 08/12/2010 - 22:08:58 - [3515768395] ----D- C:\Program Files\pspvideo9
O43 - CFD: 20/09/2010 - 14:49:02 - [76337719] ----D- C:\Program Files\QuickTime
O43 - CFD: 28/12/2007 - 14:59:04 - [119321407] ----D- C:\Program Files\Realtek
O43 - CFD: 28/12/2007 - 16:44:28 - [37949185] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 23/11/2010 - 14:12:42 - [42618231] ----D- C:\Program Files\Safari
O43 - CFD: 11/12/2009 - 18:24:02 - [3125920] ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD: 28/12/2007 - 14:50:18 - [1032] ----D- C:\Program Files\Services en ligne
O43 - CFD: 01/08/2010 - 21:06:26 - [25537323] R---D- C:\Program Files\Skype
O43 - CFD: 18/01/2011 - 14:04:10 - [275395402] ----D- C:\Program Files\Sony
O43 - CFD: 04/04/2011 - 16:20:30 - [8710380628] ----D- C:\Program Files\Steam
O43 - CFD: 03/10/2008 - 18:32:10 - [768026] ----D- C:\Program Files\SystemRequirementsLab
O43 - CFD: 25/08/2010 - 20:40:50 - [25251234] ----D- C:\Program Files\TeamSpeak 3 Client
O43 - CFD: 05/12/2010 - 21:34:04 - [6825432] ----D- C:\Program Files\Teamspeak2_RC2
O43 - CFD: 18/08/2010 - 12:03:36 - [10806682] ----D- C:\Program Files\TLKGAMES
O43 - CFD: 04/07/2010 - 20:06:26 - [1912] ----D- C:\Program Files\TuneUp Utilities 2010
O43 - CFD: 25/01/2010 - 13:47:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 04/04/2011 - 14:08:16 - [23516878] ----D- C:\Program Files\Utilitaire de configuration iPhone
O43 - CFD: 25/09/2010 - 09:47:50 - [328056] ----D- C:\Program Files\uTorrent
O43 - CFD: 05/02/2008 - 17:07:28 - [33498528] ----D- C:\Program Files\VideoLAN
O43 - CFD: 24/02/2010 - 20:52:28 - [4534678] ----D- C:\Program Files\VOWSoft iPod Software
O43 - CFD: 25/11/2010 - 22:00:02 - [32080125] ----D- C:\Program Files\VSO
O43 - CFD: 21/01/2008 - 14:27:44 - [41074] ----D- C:\Program Files\Webteh
O43 - CFD: 19/12/2009 - 11:57:26 - [135949975] ----D- C:\Program Files\Windows Live
O43 - CFD: 06/11/2009 - 20:20:34 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 11/10/2008 - 21:25:36 - [3589774] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 26/01/2010 - 18:27:58 - [7559945] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 04/11/2009 - 15:54:24 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 25/01/2010 - 13:47:00 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 26/01/2010 - 20:15:56 - [3921963] ----D- C:\Program Files\WinRAR
O43 - CFD: 28/12/2007 - 14:51:18 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 04/04/2011 - 14:08:16 - [777497] ----D- C:\Program Files\Xvid
O43 - CFD: 18/08/2010 - 15:27:30 - [0] ----D- C:\Program Files\Yahoo!
O43 - CFD: 04/04/2011 - 17:38:20 - [3679161] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 14/11/2010 - 11:20:50 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 28/12/2007 - 15:16:48 - [119373758] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 23/11/2010 - 14:59:40 - [107008281] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 26/01/2010 - 18:52:58 - [114688] ----D- C:\Program Files\Fichiers Communs\CyberLink
O43 - CFD: 28/12/2007 - 16:18:38 - [86016] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 04/03/2008 - 11:32:32 - [1290] ----D- C:\Program Files\Fichiers Communs\DirectX
O43 - CFD: 15/04/2010 - 11:16:10 - [30445276] ----D- C:\Program Files\Fichiers Communs\DivX Shared
O43 - CFD: 02/02/2010 - 20:10:30 - [3952449] ----D- C:\Program Files\Fichiers Communs\Futuremark Shared
O43 - CFD: 26/02/2010 - 21:54:02 - [997653] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 26/02/2010 - 21:54:22 - [1817436] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 29/12/2007 - 22:00:46 - [17795774] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 26/01/2010 - 18:46:34 - [315855949] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 28/12/2007 - 14:49:44 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 11/12/2010 - 10:33:24 - [131313] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 02/01/2010 - 14:20:38 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 28/12/2007 - 14:49:48 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 01/08/2010 - 21:06:02 - [2135336] ----D- C:\Program Files\Fichiers Communs\Skype
O43 - CFD: 28/12/2007 - 15:43:12 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 06/11/2009 - 20:23:18 - [25827352] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 17/12/2008 - 14:29:34 - [256998808] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 27/04/2008 - 13:23:40 - [42842000] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD: 04/04/2011 - 13:22:30 - [193644032] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 06/01/2008 - 12:06:54 - [1650935] ----D- C:\Documents and Settings\YANNICK\Application Data\Adobe
O43 - CFD: 06/01/2008 - 10:33:56 - [111140] ----D- C:\Documents and Settings\YANNICK\Application Data\Ahead
O43 - CFD: 23/09/2009 - 20:36:04 - [319826099] ----D- C:\Documents and Settings\YANNICK\Application Data\Apple Computer
O43 - CFD: 12/01/2008 - 20:04:16 - [136] ----D- C:\Documents and Settings\YANNICK\Application Data\ArcSoft
O43 - CFD: 04/11/2009 - 17:21:18 - [8995] ----D- C:\Documents and Settings\YANNICK\Application Data\Auslogics
O43 - CFD: 07/01/2008 - 03:04:58 - [330072] ----D- C:\Documents and Settings\YANNICK\Application Data\Bioshock
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 18:36
4 avril 2011 à 18:36
a l autre
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000007d
Kernel Drivers (total 124):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E5000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB80A8000 leisr.sys
0xB7F78000 ACPI.sys
0xB85AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB7F67000 pci.sys
0xB80B8000 isapnp.sys
0xB80C8000 ohci1394.sys
0xB80D8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80E8000 MountMgr.sys
0xB7F48000 ftdisk.sys
0xB85AC000 dmload.sys
0xB7F22000 dmio.sys
0xB8330000 PartMgr.sys
0xB80F8000 VolSnap.sys
0xB7F0A000 atapi.sys
0xB8108000 disk.sys
0xB8118000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7EEA000 fltMgr.sys
0xB7ED8000 sr.sys
0xB8128000 PxHelp20.sys
0xB7EC1000 KSecDD.sys
0xB7E34000 Ntfs.sys
0xB7E07000 NDIS.sys
0xB7DED000 Mup.sys
0xB82C8000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB6C30000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB6C1C000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB83F0000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB6BF8000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB83F8000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB6BD0000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB82D8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB82E8000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB6BAD000 \SystemRoot\system32\DRIVERS\ks.sys
0xB8400000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xB82F8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8308000 \SystemRoot\system32\DRIVERS\atl01_xp.sys
0xB8318000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xB8408000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB85E8000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0xB6B9C000 \SystemRoot\system32\DRIVERS\serial.sys
0xB7DB9000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB8410000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB8797000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB81A8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB7DB1000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB6B85000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB81B8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB81C8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8418000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB6B74000 \SystemRoot\system32\DRIVERS\psched.sys
0xB81D8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB8420000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB8428000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB6B44000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB81E8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB8430000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB85EA000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB6AE6000 \SystemRoot\system32\DRIVERS\update.sys
0xB7A15000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB8238000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB75FD000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB8610000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB03A0000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xB02A4000 \SystemRoot\system32\drivers\portcls.sys
0xB69BB000 \SystemRoot\system32\drivers\drmk.sys
0xB83B0000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xAFD1B000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0xB8636000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB86B9000 \SystemRoot\System32\Drivers\Null.SYS
0xB8638000 \SystemRoot\System32\Drivers\Beep.SYS
0xB8208000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB83D8000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB83E0000 \SystemRoot\System32\drivers\vga.sys
0xB863A000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB863C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB8340000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB8378000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB4CD7000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAFC8C000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAFC33000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xAFC0D000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xAFBE5000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAFBC3000 \SystemRoot\System32\drivers\afd.sys
0xB8228000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAFB98000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAFB28000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8248000 \SystemRoot\System32\Drivers\Fips.SYS
0xB83E8000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB8564000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xAFEDE000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xAF729000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xAEEFB000 \SystemRoot\System32\Drivers\usbvideo.sys
0xAF71D000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xAFE6E000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xAEE69000 \SystemRoot\system32\DRIVERS\RTL8192su.sys
0xAEE51000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB85EC000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB01F9000 \SystemRoot\System32\drivers\Dxapi.sys
0xB8468000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB86DE000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xBD623000 \SystemRoot\System32\ATMFD.DLL
0xB761D000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB699B000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xAE946000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xAE6B2000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xAE5AD000 \SystemRoot\system32\drivers\wdmaud.sys
0xB02C8000 \SystemRoot\system32\drivers\sysaudio.sys
0xAE54F000 \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys
0xAE3C7000 \SystemRoot\system32\DRIVERS\srv.sys
0xAE0F3000 \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl
0xB8390000 \??\C:\WINDOWS\nvoclock.sys
0xADBAF000 \SystemRoot\System32\Drivers\HTTP.sys
0xAEF41000 \??\c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{356BD5E0-4AEA-4717-957C-6135022011B6}\MpKslac81359a.sys
0xB83A0000 \??\C:\DOCUME~1\YANNIC~1.E67\LOCALS~1\Temp\mbr.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 47):
0 System Idle Process
4 System
500 C:\WINDOWS\system32\smss.exe
560 csrss.exe
584 C:\WINDOWS\system32\winlogon.exe
628 C:\WINDOWS\system32\services.exe
644 C:\WINDOWS\system32\lsass.exe
820 C:\WINDOWS\system32\nvsvc32.exe
844 C:\WINDOWS\system32\svchost.exe
1332 svchost.exe
1372 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
1408 C:\WINDOWS\system32\svchost.exe
1500 svchost.exe
1608 svchost.exe
1776 C:\WINDOWS\explorer.exe
216 C:\WINDOWS\system32\spoolsv.exe
1516 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1688 C:\Program Files\Bonjour\mDNSResponder.exe
1872 C:\WINDOWS\system32\svchost.exe
1912 C:\Program Files\Java\jre6\bin\jqs.exe
2008 C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
548 C:\WINDOWS\system32\svchost.exe
164 C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
1032 C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
1060 C:\WINDOWS\system32\svchost.exe
1200 C:\WINDOWS\system32\PnkBstrA.exe
1208 C:\WINDOWS\system32\PnkBstrB.exe
1676 C:\Program Files\CyberLink\Shared files\RichVideo.exe
244 C:\WINDOWS\system32\svchost.exe
1740 wdfmgr.exe
2284 C:\WINDOWS\system32\wbem\wmiapsrv.exe
2560 C:\WINDOWS\RTHDCPL.EXE
2640 alg.exe
2668 C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
2888 C:\Program Files\CyberLink\Shared files\brs.exe
2928 C:\WINDOWS\system32\rundll32.exe
3040 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
3572 C:\Program Files\iTunes\iTunesHelper.exe
3648 C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
3688 C:\Program Files\Microsoft Security Client\msseces.exe
3956 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2372 C:\Program Files\iPod\bin\iPodService.exe
860 C:\Program Files\Internet Explorer\iexplore.exe
3288 C:\Program Files\Internet Explorer\iexplore.exe
3576 C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
3360 C:\Program Files\ZHPDiag\mbrcheck.exe
884 C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000'00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037'2d061400 (NTFS)
PhysicalDrive0 Model Number: HitachiHDT725050VLA360, Rev: V56OA7EA
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: 8637A6CD1F8DC55758E12C0B860CDE1133CA5719
Done!
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000007d
Kernel Drivers (total 124):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E5000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB80A8000 leisr.sys
0xB7F78000 ACPI.sys
0xB85AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB7F67000 pci.sys
0xB80B8000 isapnp.sys
0xB80C8000 ohci1394.sys
0xB80D8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80E8000 MountMgr.sys
0xB7F48000 ftdisk.sys
0xB85AC000 dmload.sys
0xB7F22000 dmio.sys
0xB8330000 PartMgr.sys
0xB80F8000 VolSnap.sys
0xB7F0A000 atapi.sys
0xB8108000 disk.sys
0xB8118000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7EEA000 fltMgr.sys
0xB7ED8000 sr.sys
0xB8128000 PxHelp20.sys
0xB7EC1000 KSecDD.sys
0xB7E34000 Ntfs.sys
0xB7E07000 NDIS.sys
0xB7DED000 Mup.sys
0xB82C8000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB6C30000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB6C1C000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB83F0000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB6BF8000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB83F8000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB6BD0000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB82D8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB82E8000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB6BAD000 \SystemRoot\system32\DRIVERS\ks.sys
0xB8400000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xB82F8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8308000 \SystemRoot\system32\DRIVERS\atl01_xp.sys
0xB8318000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xB8408000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB85E8000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0xB6B9C000 \SystemRoot\system32\DRIVERS\serial.sys
0xB7DB9000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB8410000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB8797000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB81A8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB7DB1000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB6B85000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB81B8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB81C8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8418000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB6B74000 \SystemRoot\system32\DRIVERS\psched.sys
0xB81D8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB8420000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB8428000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB6B44000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB81E8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB8430000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB85EA000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB6AE6000 \SystemRoot\system32\DRIVERS\update.sys
0xB7A15000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB8238000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB75FD000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB8610000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB03A0000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xB02A4000 \SystemRoot\system32\drivers\portcls.sys
0xB69BB000 \SystemRoot\system32\drivers\drmk.sys
0xB83B0000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xAFD1B000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0xB8636000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB86B9000 \SystemRoot\System32\Drivers\Null.SYS
0xB8638000 \SystemRoot\System32\Drivers\Beep.SYS
0xB8208000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB83D8000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB83E0000 \SystemRoot\System32\drivers\vga.sys
0xB863A000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB863C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB8340000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB8378000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB4CD7000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAFC8C000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAFC33000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xAFC0D000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xAFBE5000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAFBC3000 \SystemRoot\System32\drivers\afd.sys
0xB8228000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAFB98000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAFB28000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8248000 \SystemRoot\System32\Drivers\Fips.SYS
0xB83E8000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB8564000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xAFEDE000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xAF729000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xAEEFB000 \SystemRoot\System32\Drivers\usbvideo.sys
0xAF71D000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xAFE6E000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xAEE69000 \SystemRoot\system32\DRIVERS\RTL8192su.sys
0xAEE51000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB85EC000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB01F9000 \SystemRoot\System32\drivers\Dxapi.sys
0xB8468000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB86DE000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xBD623000 \SystemRoot\System32\ATMFD.DLL
0xB761D000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB699B000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xAE946000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xAE6B2000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xAE5AD000 \SystemRoot\system32\drivers\wdmaud.sys
0xB02C8000 \SystemRoot\system32\drivers\sysaudio.sys
0xAE54F000 \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys
0xAE3C7000 \SystemRoot\system32\DRIVERS\srv.sys
0xAE0F3000 \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl
0xB8390000 \??\C:\WINDOWS\nvoclock.sys
0xADBAF000 \SystemRoot\System32\Drivers\HTTP.sys
0xAEF41000 \??\c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{356BD5E0-4AEA-4717-957C-6135022011B6}\MpKslac81359a.sys
0xB83A0000 \??\C:\DOCUME~1\YANNIC~1.E67\LOCALS~1\Temp\mbr.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 47):
0 System Idle Process
4 System
500 C:\WINDOWS\system32\smss.exe
560 csrss.exe
584 C:\WINDOWS\system32\winlogon.exe
628 C:\WINDOWS\system32\services.exe
644 C:\WINDOWS\system32\lsass.exe
820 C:\WINDOWS\system32\nvsvc32.exe
844 C:\WINDOWS\system32\svchost.exe
1332 svchost.exe
1372 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
1408 C:\WINDOWS\system32\svchost.exe
1500 svchost.exe
1608 svchost.exe
1776 C:\WINDOWS\explorer.exe
216 C:\WINDOWS\system32\spoolsv.exe
1516 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1688 C:\Program Files\Bonjour\mDNSResponder.exe
1872 C:\WINDOWS\system32\svchost.exe
1912 C:\Program Files\Java\jre6\bin\jqs.exe
2008 C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
548 C:\WINDOWS\system32\svchost.exe
164 C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
1032 C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
1060 C:\WINDOWS\system32\svchost.exe
1200 C:\WINDOWS\system32\PnkBstrA.exe
1208 C:\WINDOWS\system32\PnkBstrB.exe
1676 C:\Program Files\CyberLink\Shared files\RichVideo.exe
244 C:\WINDOWS\system32\svchost.exe
1740 wdfmgr.exe
2284 C:\WINDOWS\system32\wbem\wmiapsrv.exe
2560 C:\WINDOWS\RTHDCPL.EXE
2640 alg.exe
2668 C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
2888 C:\Program Files\CyberLink\Shared files\brs.exe
2928 C:\WINDOWS\system32\rundll32.exe
3040 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
3572 C:\Program Files\iTunes\iTunesHelper.exe
3648 C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
3688 C:\Program Files\Microsoft Security Client\msseces.exe
3956 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2372 C:\Program Files\iPod\bin\iPodService.exe
860 C:\Program Files\Internet Explorer\iexplore.exe
3288 C:\Program Files\Internet Explorer\iexplore.exe
3576 C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
3360 C:\Program Files\ZHPDiag\mbrcheck.exe
884 C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000'00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037'2d061400 (NTFS)
PhysicalDrive0 Model Number: HitachiHDT725050VLA360, Rev: V56OA7EA
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: 8637A6CD1F8DC55758E12C0B860CDE1133CA5719
Done!
Utilisateur anonyme
4 avril 2011 à 18:52
4 avril 2011 à 18:52
* Télécharge load_tdsskiller (de Loup Blanc) sur ton Bureau
http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe
* Lance load_tdsskiller en faisant un double-clic dessus / Lance par un clic-droit dessus ? Exécuter en temps qu'administrateur
* L'outil va se connecter pour télécharger une copie à jour de TDSSKiller, puis va lancer une analyse
* Lorsque l'outil a terminé son travail d'inspection, si des nuisibles ("Malicious objects") ont été trouvés, vérifier que l'option (Cure) est sélectionnée,
* Si des objects suspects ("Suspicious objects") ont été détectés, sur l'écran de demande de confirmation, modifier l'action à entreprendre et indiquer Quarantine (au lieu de Skip),
* A la fin, il te sera demandé d'appuyer sur une touche, puis le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (C:\tdsskiller\report.txt)
http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe
* Lance load_tdsskiller en faisant un double-clic dessus / Lance par un clic-droit dessus ? Exécuter en temps qu'administrateur
* L'outil va se connecter pour télécharger une copie à jour de TDSSKiller, puis va lancer une analyse
* Lorsque l'outil a terminé son travail d'inspection, si des nuisibles ("Malicious objects") ont été trouvés, vérifier que l'option (Cure) est sélectionnée,
* Si des objects suspects ("Suspicious objects") ont été détectés, sur l'écran de demande de confirmation, modifier l'action à entreprendre et indiquer Quarantine (au lieu de Skip),
* A la fin, il te sera demandé d'appuyer sur une touche, puis le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (C:\tdsskiller\report.txt)
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 19:00
4 avril 2011 à 19:00
j ai fait comme tu ma dit j ai Lance load_tdsskiller en faisant un double-clic dessus apres analyse il m ouvre une fenetre texte met il y a rien dedans ?
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 19:12
4 avril 2011 à 19:12
j ai ete dans mon disc c dans le dossier tdsskiller et il y a pas de rapport ?
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 19:43
4 avril 2011 à 19:43
comment ca relances le et post ?
andrealphuse
Messages postés
332
Date d'inscription
lundi 24 mars 2008
Statut
Membre
Dernière intervention
22 novembre 2018
10
4 avril 2011 à 20:01
4 avril 2011 à 20:01
j ai fait comme tu ma dit j ai Lance load_tdsskiller en faisant un double-clic dessus apres analyse il m ouvre une fenetre texte met il y a rien dedans ?
