
Adware that cannot be removed

Last reply: in Security and viruses
27 April 2011 17:48:39

Hello, I just ran a scan with Spybot and it finds 2 adware items that cannot be removed.
I have posted the Spybot report; I don't know how to remove them.
Thank you for your help.




--- Search result list ---
QuestBrowseSearch: [SBI $0A451570] Réglages (Clé du Registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse

QuestBrowseSearch: [SBI $99990BC5] Dossier Programme (Répertoire, nothing done)
C:\ProgramData\QuestBrwSearch\


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2011-01-19 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2011-03-18 Includes\Adware.sbi (*)
2011-03-22 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-03-08 Includes\DialerC.sbi (*)
2011-02-24 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-03-29 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2011-03-08 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2011-04-05 Includes\Malware.sbi (*)
2011-04-26 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-03-15 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2011-03-08 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2011-02-24 Includes\Spyware.sbi (*)
2011-03-15 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-12-28 Includes\Trojans.sbi (*)
2011-04-26 Includes\TrojansC-02.sbi (*)
2011-04-26 Includes\TrojansC-03.sbi (*)
2011-04-18 Includes\TrojansC-04.sbi (*)
2011-04-26 Includes\TrojansC-05.sbi (*)
2011-03-08 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Unknown Windows version 6.1 (Build: 7600) (6.1.7600)


--- Startup entries list ---
Located: HK_LM:Run, Adobe ARM
command: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
file: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
size: 932288
MD5: BAD6BEA0DE1F69C82BDB74378CE0C20A

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
file: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
size: 35736
MD5: 8A6683AC1DAFA824615BB3857EF8C709

Located: HK_LM:Run, AVP
command: "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
file: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
size: 365336
MD5: B2B3FCBA37671C853879DF7DDE8A839A

Located: HK_LM:Run, IAStorIcon
command: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
file: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
size: 284696
MD5: EF4BF6AB09A06867104DAC48DF35E779

Located: HK_LM:Run, ISBMgr.exe
command: "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
file: C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
size: 320880
MD5: 6C72E91639AA9D190CDA13D389FE7827

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
file: C:\Program Files (x86)\iTunes\iTunesHelper.exe
size: 421160
MD5: 0CFBE2D135A73CA98381FC8CC8BC5A03

Located: HK_LM:Run, MarketingTools
command: C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
file: C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
size: 26624
MD5: F6EA75A95BE7580273F6F4437E58A508

Located: HK_LM:Run, mcagent_exe
command: C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey
file: C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
size: 645328
MD5: 9B6E0003258F8E3006C892AD51AC7036

Located: HK_LM:Run, PMBVolumeWatcher
command: c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
file: c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
size: 597792
MD5: F81BB17F053CCF309C49107B0B09F2DA

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
file: C:\Program Files (x86)\QuickTime\QTTask.exe
size: 421888
MD5: 0AEE5668EB59912F32FF245BFA72465F

Located: HK_LM:Run, StartCCC
command: "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
file: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
size: 102400
MD5: A02446E78561CEC8EB18A93B193144D6

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
file: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
size: 249064
MD5: 2E5212A0BFB98FE0167C92C76C87AFE3

Located: HK_CU:Run, msnmsgr
where: S-1-5-21-1321362364-472648198-795738150-1000...
command: "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
size: 4240760
MD5: 6F0DAB13529BCB7C0F8A3082A8B1CDE9

Located: HK_CU:Run, Sidebar
where: S-1-5-21-1321362364-472648198-795738150-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1475072
MD5: 8FC6C4EE0A2D3EBAA70FA38F99141BCE

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1321362364-472648198-795738150-1000...
command: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887

Located: HK_CU:Run, swg
where: S-1-5-21-1321362364-472648198-795738150-1000...
command: "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
file: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD

Located: HK_CU:RunOnce, FlashPlayerUpdate
where: S-1-5-21-1321362364-472648198-795738150-1000...
command: C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe -update plugin
file: C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe
size: 235168
MD5: 17299506F8CA3FFD1C785FE50ABA9729

Located: Démarrage (tous utilisateurs), Bluetooth.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
file: C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, VESWinlogon
command: VESWinlogon.dll
file: VESWinlogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} (Aide à la navigation SFR)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Aide à la navigation SFR
CLSID name: Objet d'aide à la navigation SFR
Path: C:\Program Files (x86)\SFR\Kit\
Long name: SFRNavErrorHelper.dll
Short name: SFRNAV~1.DLL
Date (created): 15/10/2009 10:53:58
Date (last access): 09/12/2010 20:33:00
Date (last write): 15/10/2009 10:53:58
Filesize: 165184
Attributes: archive
MD5: 1FDC62785DE1C4249DC34F05FF557B5C
CRC32: DCB43198
Version: 9.10.6.0

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: AcroIEHelperStub
CLSID name: Adobe PDF Link Helper
Path: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelperShim.dll
Short name: ACROIE~2.DLL
Date (created): 30/01/2011 17:45:14
Date (last access): 24/02/2011 00:01:38
Date (last write): 30/01/2011 17:45:14
Filesize: 62376
Attributes: archive
MD5: F31208835709A62ECC5D45211D89C772
CRC32: 7859C01E
Version: 10.0.1.434

{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (IEVkbdBHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: IEVkbdBHO
CLSID name: IEVkbdBHO Class
Path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\
Long name: ievkbd.dll
Short name:
Date (created): 05/10/2010 21:27:00
Date (last access): 09/12/2010 22:01:10
Date (last write): 05/10/2010 21:27:00
Filesize: 68280
Attributes: archive
MD5: 3936312618A1B4E8B79231DC53C326E7
CRC32: 7AF036B8
Version: 11.0.2.556

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live ID)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live ID
Path: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 21/09/2010 15:08:38
Date (last access): 12/12/2010 10:57:04
Date (last write): 21/09/2010 15:08:38
Filesize: 439168
Attributes: archive
MD5: 6BF01E200063D7274F3AF06D226671F5
CRC32: C8953126
Version: 7.250.4225.0

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: C:\Program Files (x86)\Google\Google Toolbar\
Long name: GoogleToolbar_32.dll
Short name: GOOGLE~1.DLL
Date (created): 07/12/2010 12:25:54
Date (last access): 07/12/2010 12:25:54
Date (last write): 27/02/2011 18:11:26
Filesize: 298160
Attributes: archive
MD5: CD403892F553586C70FF1E1A8DE294BD
CRC32: 101E4098
Version: 6.6.1409.1944

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} (SkypeIEPluginBHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: SkypeIEPluginBHO
CLSID name: Skype Plug-In
Path: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\
Long name: skypeieplugin.dll
Short name: SKYPEI~1.DLL
Date (created): 22/11/2010 20:05:52
Date (last access): 27/12/2010 22:13:50
Date (last write): 22/11/2010 20:05:52
Filesize: 1242504
Attributes: archive
MD5: 590C4454A1D36F76DA1F636FAD139771
CRC32: 9EAA2627
Version: 5.0.0.6906

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\
Long name: swg.dll
Short name:
Date (created): 27/02/2011 18:26:38
Date (last access): 27/02/2011 18:26:38
Date (last write): 27/02/2011 18:26:38
Filesize: 848952
Attributes: archive
MD5: 2B6D566B536E695D9F40F5C19AE758B6
CRC32: EFD4ADE4
Version: 5.6.6209.1142

{B164E929-A1B6-4A06-B104-2CD0E90A88FF} (McAfee SiteAdvisor BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: McAfee SiteAdvisor BHO
Path: c:\PROGRA~2\mcafee\SITEAD~1\
Long name: McIEPlg.dll
Short name:
Date (created): 25/03/2011 09:04:30
Date (last access): 09/03/2011 20:48:28
Date (last write): 09/03/2011 20:48:28
Filesize: 251928
Attributes: archive
MD5: D4DF211AF675E891DE32C1E1D5B3DCAD
CRC32: 58ABE8FC
Version: 3.3.1.131

{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files (x86)\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 03/02/2011 00:25:32
Date (last access): 20/02/2011 10:28:18
Date (last write): 03/02/2011 00:25:32
Filesize: 41760
Attributes: archive
MD5: 88E49C2B7E75B1D9695D6A063F28A8BB
CRC32: A5ABF297
Version: 6.0.240.7

{E33CF602-D945-461A-83F0-819F76A199F8} (link filter bho)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: link filter bho
CLSID name: FilterBHO Class
Path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\
Long name: klwtbbho.dll
Short name:
Date (created): 05/10/2010 21:27:06
Date (last access): 09/12/2010 22:01:14
Date (last write): 05/10/2010 21:27:06
Filesize: 191160
Attributes: archive
MD5: 888A8C956207A88036571E8AE2356C46
CRC32: 79DC82BB
Version: 11.0.2.556



--- ActiveX list ---
{3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control)
DPF name:
CLSID name: Windows Live OneCare safety scanner control
Installer: C:\Windows\Downloaded Program Files\wlscCtrl2.inf
Codebase: http://cdn.scan.onecare.live.com/resource/download/scan...
Path: %ProgramFiles(x86)%\Windows Live Safety Center\
Long name: wlscCtrl2.dll

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_24
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind...
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files (x86)\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 07/12/2010 12:36:46
Date (last access): 02/02/2011 23:46:34
Date (last write): 02/02/2011 22:40:28
Filesize: 112416
Attributes: archive
MD5: 8E66E95FCD0218767CC5953F7BA64D19
CRC32: F9A66843
Version: 6.0.240.7

{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_24
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind...
Path: C:\Program Files (x86)\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 07/12/2010 12:36:46
Date (last access): 02/02/2011 23:46:34
Date (last write): 02/02/2011 22:40:28
Filesize: 112416
Attributes: archive
MD5: 8E66E95FCD0218767CC5953F7BA64D19
CRC32: F9A66843
Version: 6.0.240.7

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_24
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind...
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files (x86)\Java\jre6\bin\
Long name: npjpi160_24.dll
Short name: NPJPI1~1.DLL
Date (created): 02/02/2011 20:19:42
Date (last access): 02/02/2011 23:46:44
Date (last write): 02/02/2011 22:40:34
Filesize: 141088
Attributes: archive
MD5: 1DA2629EEE65A34D54BB9741CE30DE3D
CRC32: 64BB8CA2
Version: 6.0.240.7



--- Process list ---
PID: 0 ( 0) [System]
PID: 3652 (1844) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 39408
MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD
PID: 3672 (1844) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887
PID: 3864 (3700) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
size: 284696
MD5: EF4BF6AB09A06867104DAC48DF35E779
PID: 3876 (3700) C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
size: 320880
MD5: 6C72E91639AA9D190CDA13D389FE7827
PID: 3924 (3700) C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
size: 597792
MD5: F81BB17F053CCF309C49107B0B09F2DA
PID: 3932 (3700) C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
size: 26624
MD5: F6EA75A95BE7580273F6F4437E58A508
PID: 3944 (3700) C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
size: 645328
MD5: 9B6E0003258F8E3006C892AD51AC7036
PID: 3960 (3700) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
size: 365336
MD5: B2B3FCBA37671C853879DF7DDE8A839A
PID: 4088 (3700) C:\Program Files (x86)\iTunes\iTunesHelper.exe
size: 421160
MD5: 0CFBE2D135A73CA98381FC8CC8BC5A03
PID: 6072 (5672) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
size: 13600
MD5: 59F35AB946606C763B1342C4BC4566E4
PID: 9212 (6892) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe
size: 401408
MD5: 5092AA3E1FEA13BE699136751DC50DCB
PID: 1460 (9212) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
size: 207424
MD5: A7810B302294793DE88542AAE177D1B1
PID: 6376 (7516) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
size: 115712
MD5: FCB358973491095D026BB289EA5CC75A
PID: 9852 (1844) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
size: 912344
MD5: 0F3FA9FDB976C567EC0491685CF4FDF7
PID: 9764 (9852) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
size: 16856
MD5: 3AFF6B10C34CB8EAA6D6D5AA55193571
PID: 11012 (1844) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 1592 (4360) C:\Program Files\Sony\VAIO Care\listener.exe
size: 81016
MD5: 4D96F6F7508BDF46771262EEEA505F98
PID: 3216 (10272) C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
size: 3207072
MD5: 2AA659E0814FC004A320775735C4AD54
PID: 9420 (3216) C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
size: 77664
MD5: F2C82BA7E80C6054D5D20F3FBD4CFD34
PID: 4 ( 0) System
PID: 348 ( 4) smss.exe
PID: 516 ( 504) csrss.exe
PID: 596 ( 504) wininit.exe
size: 96256
PID: 612 ( 588) csrss.exe
PID: 644 ( 596) services.exe
PID: 668 ( 596) lsass.exe
PID: 680 ( 596) lsm.exe
PID: 792 ( 644) svchost.exe
size: 20992
PID: 848 ( 588) winlogon.exe
PID: 888 ( 644) svchost.exe
size: 20992
PID: 952 ( 644) atiesrxx.exe
PID: 1016 ( 644) svchost.exe
size: 20992
PID: 384 ( 644) svchost.exe
size: 20992
PID: 520 ( 644) svchost.exe
size: 20992
PID: 1060 ( 644) svchost.exe
size: 20992
PID: 1168 ( 644) svchost.exe
size: 20992
PID: 1208 ( 952) atieclxx.exe
PID: 1372 ( 644) spoolsv.exe
PID: 1404 ( 644) svchost.exe
size: 20992
PID: 1580 ( 644) AppleMobileDeviceService.exe
PID: 1708 ( 644) C:\Windows\System32\taskhost.exe
PID: 1796 ( 644) avp.exe
PID: 1820 ( 384) C:\Windows\System32\dwm.exe
PID: 1844 (1812) C:\Windows\explorer.exe
size: 2870272
MD5: 9AAAEC8DAC27AA17B053E6352AD233AE
PID: 1908 ( 520) C:\Windows\System32\taskeng.exe
size: 192000
MD5: F8952E80B7F778DA2F7AA8393CA2D30E
PID: 1980 ( 644) mDNSResponder.exe
PID: 1188 ( 644) btwdins.exe
PID: 1616 ( 644) svchost.exe
size: 20992
PID: 1952 ( 644) LMS.exe
PID: 2056 ( 644) mcsacore.exe
PID: 2112 (1908) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
size: 480624
MD5: DE855170C93C70921021F0C949B70CFF
PID: 2208 ( 644) PMBDeviceInfoProvider.exe
PID: 2220 (2056) rundll32.exe
size: 44544
PID: 2276 (2220) rundll32.exe
size: 44544
PID: 2656 ( 644) sftvsa.exe
PID: 2696 ( 520) taskeng.exe
size: 192000
PID: 2728 (2696) VAIOUpdt.exe
PID: 2736 ( 644) svchost.exe
size: 20992
PID: 2824 ( 644) VESMgr.exe
PID: 2892 ( 644) VSNService.exe
PID: 2924 (1844) C:\Program Files\Apoint\Apoint.exe
size: 208384
MD5: 50075B1F5918C8F5E08A55E7658CCF09
PID: 2932 (1844) C:\Program Files\Java\jre6\bin\jusched.exe
size: 171520
MD5: 8C61888F1581C7812B4BC221F5661EBF
PID: 3004 ( 644) svchost.exe
size: 20992
PID: 1968 ( 644) WLIDSVC.EXE
PID: 1104 ( 644) IAStorDataMgrSvc.exe
PID: 3224 (1968) WLIDSVCM.EXE
PID: 3288 ( 644) SDWinSec.exe
size: 1153368
MD5: 794D4B48DFB6E999537C7C3947863463
PID: 3360 (2892) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
size: 2367376
MD5: 3E2F9D42647CDC1024511839762ABC0C
PID: 3464 ( 792) dllhost.exe
size: 7168
PID: 3544 (2824) VESMgrSub.exe
PID: 3644 (1844) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1475072
MD5: 8FC6C4EE0A2D3EBAA70FA38F99141BCE
PID: 3720 (1844) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
size: 1081632
MD5: C98B96445945027FD0B7DA2AA325F30A
PID: 4028 (3976) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
size: 65536
MD5: E7704CBF568815C1CAA6E513387BD3F2
PID: 3172 ( 792) WmiPrvSE.exe
PID: 4108 ( 644) sftlist.exe
PID: 4876 ( 644) CVHSVC.EXE
PID: 5028 ( 644) iPodService.exe
PID: 1816 ( 644) SPMService.exe
PID: 4528 ( 644) mcmscsvc.exe
PID: 3128 ( 644) SearchIndexer.exe
size: 428032
PID: 5136 (2924) ApMsgFwd.exe
PID: 5212 ( 644) svchost.exe
size: 20992
PID: 5260 ( 644) svchost.exe
size: 20992
PID: 5332 ( 644) wmpnetwk.exe
PID: 5400 ( 384) WUDFHost.exe
PID: 5672 ( 792) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
size: 3076384
MD5: 13065A520449D74788DD0D16A7F6D660
PID: 5728 (5648) C:\Program Files\Apoint\ApntEx.exe
size: 23552
MD5: 9D9B61AF3DBDC1490CBC508C8380510B
PID: 5748 ( 612) C:\Windows\System32\conhost.exe
PID: 5772 (2924) C:\Program Files\Apoint\Apvfb.exe
size: 148992
MD5: C2AA8CA8DD71C7311D0A2B5BEE661A3A
PID: 5900 ( 644) svchost.exe
size: 20992
PID: 7156 (4028) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
size: 65536
MD5: 74EF310FAC89341CE2897B7F2C4A7B0F
PID: 3460 ( 792) dllhost.exe
size: 7168
PID: 3388 ( 644) McNASvc.exe
PID: 4360 ( 644) VCPerfService.exe
PID: 5620 ( 644) UNS.exe
PID: 804 (1908) C:\Program Files\Sony\VAIO Care\VCsystray.exe
size: 1165504
MD5: 505F3A583338F57AC4A6C826557E3FC7
PID: 6004 ( 644) VCService.exe
PID: 7132 (6004) VCAgent.exe
PID: 3636 ( 644) vds.exe
PID: 5928 (6004) Admload.exe
PID: 5040 ( 644) VUAgent.exe
PID: 8800 ( 644) ACService.exe
PID: 6584 ( 792) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtblfs.exe
size: 170680
MD5: 1424EBAE0DA10F736492503853DCAF9C
PID: 788 ( 644) OSPPSVC.EXE
PID: 11308 (9764) C:\Windows\splwow64.exe
size: 61952
MD5: 88454E4E3D0DC64E9FBC5E9D1BDBA771


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 27/04/2011 17:45:51

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=56626&homepage=h...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.google.com/ig/redirectdomain?brand=SVEC&bmod...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\SysWOW64\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=56626&homepage=h...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896


--- Winsock Layered Service Provider list ---
Namespace Provider 3: Fournisseur Shim d’affectation de noms de messagerie
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 4: Fournisseur d’espace de noms du nuage PNRP
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 5: Fournisseur d’espace de noms du nom PNRP
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 7: WindowsLive NSP
GUID: {4177DDE9-6028-479E-B7B7-03591A63FF3A}
Filename: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

Namespace Provider 8: WindowsLive Local NSP
GUID: {229F2A2C-5F18-4A06-8F89-3A372170624D}
Filename: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL



--- Uninstall list ---


--- System Services ---
Service (registry key): .NET CLR Data
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking 4.0.0.0
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): 1394ohci
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: 1394 OHCI Compliant Host Controller
Image path: \SystemRoot\system32\drivers\1394ohci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ACDaemon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ArcSoft Connect Daemon
Object name: LocalSystem
Image path: C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
Image size: 113152
Image MD5: ADC420616C501B45D26C0FD3EF1E54E4
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): ACPI
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Driver
Image path: system32\drivers\ACPI.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): AcpiPmi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ACPI Power Meter Driver
Image path: \SystemRoot\system32\drivers\acpipmi.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): adp94xx
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adp94xx.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): adpahci
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpahci.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): adpu320
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\adpu320.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): adsi
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): AeLookupSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\aelupsvc.dll,-1
Description: @%SystemRoot%\system32\aelupsvc.dll,-2
Object name: localSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 20992
Image MD5: 54A47F6B5E09A77E61649109C6A08866
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1

Service (registry key): AFD
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\drivers\afd.sys,-1000
Description: @%systemroot%\system32\drivers\afd.sys,-1000
Image path: \SystemRoot\system32\drivers\afd.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel AGP Bus Filter
Image path: \SystemRoot\system32\drivers\agp440.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ALG
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\Alg.exe,-112
Description: @%SystemRoot%\system32\Alg.exe,-113
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): aliide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\aliide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 3

Service (registry key): AMD External Events Utility
Registry path: \SYSTEM\CurrentControlSet\Services\
Object name: LocalSystem
Image path: %SystemRoot%\system32\atiesrxx.exe
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1

Service (registry key): amdide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\amdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 3

Service (registry key): AmdK8
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD K8 Processor Driver
Image path: \SystemRoot\system32\drivers\amdk8.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E

27 April 2011 19:33:11

OK, I'll do it, thanks.
27 April 2011 19:37:43

Here is the report:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:34:46 le 27/04/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium (X64)
vic@VIC-VAIO (Sony Corporation VPCEB2E1E)

============== RECHERCHE ==============


Dossier trouvé: C:\Program Files (x86)\Mozilla FireFox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
Dossier trouvé: C:\ProgramData\QuestBrwSearch

Clé trouvée: HKLM\Software\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Clé trouvée: HKLM\Software\QuestBrowse
Clé trouvée: HKLM\Software\aTube Catcher\OpenCandy
Clé trouvée: HKLM\Software\Wow6432Node\aTube Catcher\OpenCandy


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.16 (fr)] ****

Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension )
Extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} (QuestBrowse)
HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor

-- C:\Users\vic\AppData\Roaming\Mozilla\FireFox\Profiles\yr0tgqyc.default --
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Prefs.js - browser.download.lastDir, C:\\Users\\vic\\Pictures
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/ig
Prefs.js - browser.startup.homepage_override.buildID, 20101104131838
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.sfr.fr/kit/adsl/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)
HKCU_SearchScopes\{2A56CD95-5924-453C-A9FA-07CD58883202} - "Zinio" (hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search)
HKCU_SearchScopes\{3C2C541B-735B-4B08-A9BB-AE83A227B959} - "Shopping.com" (hxxp://fr.shopping.com/?linkin_id=8056351)
HKCU_SearchScopes\{FF67B4FD-690D-40C2-8D14-F301D253D050} - "eBay" (hxxp://rover.ebay.com/rover/1/709-42536-16445-8/4?satitle={searchTerms})
HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{64DA00B7-88FE-49a8-8515-68A5C8C305DB} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A39C536A-A41F-492f-B784-08D5A6DCF091} - c:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe (Evernote)
HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files (x86)\SFR\Kit\9launch.exe (SFR)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
HKLM_ElevationPolicy\{E6856B61-272B-4e4f-AADE-1D73054BCAD1} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{ED4ABFF1-2CA0-4476-98EB-E9208D434752} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{F3CD2902-C553-4d6a-B139-934BED1FAADF} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{F7897EF1-FE28-4f1a-9615-E45744D29F15} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Send To Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{E0B8C461-F8FB-49b4-8373-FE32E92528A6} - "Add to Evernote" (c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll,1001)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 27/04/2011 19:34:59 (5251 Octet(s))

Fin à: 19:37:09, 27/04/2011

============== E.O.F ==============
27 April 2011 19:40:33

OK, you can run Ad-Remover again, use the "Nettoyer" (Clean) option and post the report.
27 April 2011 19:58:52

I tried several times but the software does not respond.
27 April 2011 20:35:55

  • Download OTM (by OldTimer) to your Desktop.
  • Right-click OTM.exe and choose Run as administrator (Exécuter en tant qu'administrateur).
  • Copy (Ctrl+C) the following text:

    :reg
    [-HKLM\Software\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}]
    [-HKLM\Software\QuestBrowse]
    [-HKLM\Software\aTube Catcher\OpenCandy]
    [-HKLM\Software\Wow6432Node\aTube Catcher\OpenCandy]

    :files
    C:\Program Files (x86)\Mozilla FireFox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
    C:\ProgramData\QuestBrwSearch

    :commands
    [emptytemp]

  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button.

  • The program will ask you to restart; accept by clicking YES.

  • Post the report located in this folder: C:\_OTM\MovedFiles\
    ---> The report's name corresponds to the moment it was created: date_time.log
27 April 2011 21:27:42

Is it normal for it to take this long?
27 April 2011 21:42:00

How far along is it?
27 April 2011 21:47:19

This is what is written in Results:


    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\QuestBrowse\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\aTube Catcher\OpenCandy\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Wow6432Node\aTube Catcher\OpenCandy\ not found.
    ========== FILES ==========
    File/Folder C:\Program Files (x86)\Mozilla FireFox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} not found.
    File/Folder C:\ProgramData\QuestBrwSearch not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: vic
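
OTM is force-closed later in this thread while [emptytemp] is still running, so it is worth confirming that every :reg and :files target in the script has a result line in the Results text posted above. The Python below is an added example, not part of the original thread or of OTM; its function names are hypothetical and it recognises only the two result wordings that appear in this thread.

```python
import re
# Script and Results text copied from the thread ([EMPTYTEMP] output omitted).
SCRIPT = r"""
:reg
[-HKLM\Software\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}]
[-HKLM\Software\QuestBrowse]
[-HKLM\Software\aTube Catcher\OpenCandy]
[-HKLM\Software\Wow6432Node\aTube Catcher\OpenCandy]
:files
C:\Program Files (x86)\Mozilla FireFox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
C:\ProgramData\QuestBrwSearch
:commands
[emptytemp]
"""
RESULTS = r"""
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\QuestBrowse\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\aTube Catcher\OpenCandy\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Wow6432Node\aTube Catcher\OpenCandy\ not found.
========== FILES ==========
File/Folder C:\Program Files (x86)\Mozilla FireFox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} not found.
File/Folder C:\ProgramData\QuestBrwSearch not found.
========== COMMANDS ==========
"""
LINE_RE = re.compile(r"^(?:Registry key|File/Folder) (.+?) (deleted successfully|not found)\.$")

def norm(p):
    """Canonical form: lower case, no trailing backslash, HKLM spelled out."""
    p = p.strip().rstrip("\\").lower()
    return "hkey_local_machine" + p[4:] if p.startswith("hklm\\") else p

def script_targets(script):
    """Targets listed under :reg and :files; other sections are ignored."""
    section, out = None, []
    for line in map(str.strip, script.splitlines()):
        if line.startswith(":"):
            section = line
        elif line and section in (":reg", ":files"):
            out.append(norm(line.strip("[]").lstrip("-")))
    return out

def unprocessed(script, results):
    """Return (targets with no result line, {target: outcome})."""
    hits = (LINE_RE.match(ln.strip()) for ln in results.splitlines())
    done = {norm(m.group(1)): m.group(2) for m in hits if m}
    return [t for t in script_targets(script) if t not in done], done
```

On the text posted here the first returned list is empty: all six targets were reported as either deleted or not found before the [EMPTYTEMP] step started.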
27 April 2011 21:47:51

It's still running
a b 8 Security
27 April 2011 22:33:14

It's deleting the temporary files.
27 April 2011 22:35:07

All this time!!!!
There must be a ton of them....
a b 8 Security
27 April 2011 23:07:51

Strange all the same; you can force it to stop.
27 April 2011 23:14:54

No, it keeps going when I click Exit
a b 8 Security
27 April 2011 23:24:33

You can stop OTM with Task Manager.
27 April 2011 23:35:32

Yes, it's done
28 April 2011 11:36:27

It's done, here is the report

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6461

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    28/04/2011 11:35:30
    mbam-log-2011-04-28 (11-35-11).txt

    Type d'examen: Examen complet (C:\|Q:\|)
    Elément(s) analysé(s): 383965
    Temps écoulé: 1 heure(s), 57 minute(s), 22 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Users\vic\downloads\VLCSetup.exe (Adware.Hotbar) -> No action taken.
    c:\Users\vic\downloads\xvidsetup.exe (Adware.Hotbar) -> No action taken.
a b 8 Security
28 April 2011 15:25:39

Is Ad-Remover's "Nettoyer" (Clean) option still not working?

Is Spybot still detecting anything?
28 April 2011 17:54:17

No, it doesn't find anything anymore
a b 8 Security
28 April 2011 18:11:55

1/

  • Rerun Ad-Remover and choose the "Désinstaller" (Uninstall) option.

  • Download DelFix to your Desktop.
  • Right-click DelFix and choose Run as administrator.
  • Click the Suppression (Removal) button.
  • Post the report (C:\DelFixSuppr.txt).
  • Delete DelFix.


2/

  • Download and install CCleaner.
  • Launch it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.


3/

  • It is necessary to delete the restore points.


==Prevention==

Here is a guide on prevention and security on the Internet (to be read with Adobe Reader or Foxit Reader): Link


==Problem solved?==

--> If you consider your problem solved, add [Résolu] (Solved) to the title. To do so:
  • In your first message, click the Editer (Edit) button.
  • Add the mention [Résolu] in front of the title.
  • Then click Valider votre message (Submit your message).


;)
28 April 2011 18:14:42

Your link for DelFix doesn't work
28 April 2011 18:21:55

The DelFix report


    # DelFix v7.7B - Rapport créé le 28/04/2011 à 18:21
    # Mis à jour le 15/04/11 à 19h30 par Xplode
    # Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7600]
    # Nom d'utilisateur : vic - VIC-VAIO (Administrateur)
    # Exécuté depuis : C:\Users\vic\Desktop\DelFix-7.7B.exe
    # Option [Suppression]


    ~~~~~~ Dossier(s) ~~~~~~

    Supprimé : C:\_OTM
    Supprimé : C:\Program Files (x86)\ZHPDiag

    ~~~~~~ Fichier(s) ~~~~~~

    Supprimé : C:\Users\vic\Desktop\OTM.exe
    Supprimé : C:\Users\vic\Downloads\ZHPDiag2.exe

    ~~~~~~ Registre ~~~~~~

    Clé Supprimée : HKLM\Software\OldTimer Tools

    ~~~~~~ Autre ~~~~~~

    -> Prefetch vidé

    ########## EOF - "C:\DelFixSuppr.txt" - [759 octets] ##########